Citrix 1Y0-230 Free Practice Questions 2021

NEW QUESTION 1
After creating and correctly configuring a custom user monitor, from where do the monitor probes originate by default?

• A. Subnet IP address
• B. NetScaler IP address
• C. Mapped IP address
• D. Virtual IP address

Answer: B

NEW QUESTION 2
Scenario: Users belong to three Authentication, Authorization and Auditing (AAA) groups: Corporate, Finance and Software.
Show aaa groups:
>show aaa group
1) GroupName: Corporate
2) GroupName: Finance
3) GroupName: Software Done
>show aaa group Corporate GroupName: Corporate Weight: 0
Authorization Policy: pol_1, Type: Classic, Priority: 0
> add authorization policy pol_1 ns_true ALLOW
> bind aaa group Corporate –policy pol_1
The user is being denied resources while aaad.debug shows: Group ‘corporate’ being extracted for user User1
Why is the user being denied access?

• A. The Authorization policy is NOT configured properly.
• B. The group attribute is NOT configured in the LDAP policy.
• C. AAA group names are NOT the same as those in Active Directory/
• D. LDAP Base DN is incorrect.

Answer: D

NEW QUESTION 3
Scenario: A Citrix Administrator has given permissions to team members to access their own admin partition, so they can add resources for different departments and manage them without making changes to the default NetScaler partition and configuration.
One team member was trying to use the command-line interface to trouble an authentication issue and could NOT use aaad.debug. However, the team member has full permissions on the admin partition.
What can be the cause of this issue?

• A. The team member needs to troubleshoot the issue form the GUI.
• B. The team member does NOT have Shell access by design.
• C. The team member does NOT have permission to use the CLI.
• D. The team member is NOT using the CLI correctly.

Answer: C

NEW QUESTION 4
Scenario: A NetScaler is configured with the following modes:
-MAC-based Forwarding
-USIP
-USNIP
-Layer 3 mode
A Citrix Administrator configured a new router and now requires some of the incoming and outgoing traffic to take different paths through the new router. However, the administrator notices that this is failing and takes a network trace. After a short monitoring period, the administrator notices that the packets are still NOT getting to the new router from the NetScaler.
Which mode should the administrator disable on the NetScaler to facilitate the addition of the new router and successfully route the packets?

• A. MAC-based Forwarding
• B. USIP
• C. Layer 3 mode
• D. USNIP

Answer: D

NEW QUESTION 5
Which two items can a Citrix Administrator change when configuring a default portal theme? (Choose two.)

• A. Center logo
• B. NetScaler with Unified Gateway header
• C. Browser requirements
• D. Font color

Answer: AD

NEW QUESTION 6
Which mode does a Citrix Administrator need to configure in order to allow the NetScaler to forward any packets that are NOT destined for an IP address which is NOT configured on NetScaler?

• A. Layer 3
• B. USIP
• C. Layer 2
• D. MAC-based Forwarding

Answer: C

NEW QUESTION 7
Which two options should a Citrix Administrator consider when adding a secondary device in a high availability (HA) pair? (Choose two.)

• A. The Independent Network Configuration (INC) mode should be enabled.
• B. Both the devices should have different SNIP addresses.
• C. The nsroot password should be the same on both nodes.
• D. HA Monitoring should be disabled on all the unused interfaces.
• E. Configure the HA status of the Primary Node as STAYPRIMARY.

Answer: CD

NEW QUESTION 8
Which type of NetScaler Service Monitor can a Citrix Administrator use to test a three-way handshake between the NetScaler and the back-end server?

• A. UDP
• B. PING
• C. TCP
• D. LDAP

Answer: C

NEW QUESTION 9
Scenario: User authentication is failing through the NetScaler. A Citrix Administrator checked the Authentication, Authorization and Auditing (AAA) policy, action and virtual server and verified that the correct configuration was in place. The administrator bypassed the NetScaler and the authentication worked.
Which NetScaler utility can the administrator use to troubleshoot the access issue?

• A. nslog file
• B. aaad.debug
• C. nscon message
• D. Dashboard

Answer: B

NEW QUESTION 10
Scenario: A Citrix Administrator configured the “-denySSLReneg” Parameter using the below command on NetScaler to enhance security.
set ssl parameter –denySSLReneg <option>
Which two options can the administrator use to complete the command (Choose two.)

• A. NO
• B. NONSECURE
• C. ALL
• D. HIGHSECURE
• E. FRONTEND_CLIENT

Answer: AB

NEW QUESTION 11
Which two options would provide an end-to-end encryption data, while allowing the NetScaler to optimize the responses? (Choose two.)

• A. HTTP protocol for the virtual server
• B. SSL Bridge protocol for the virtual server
• C. HTTP protocol for the services
• D. SSL protocol for the virtual server
• E. SSL protocol for the services
• F. SSL Bridge protocol for the services

Answer: AB

NEW QUESTION 12
Which three NetScaler features can a Citrix Administrator use for default syntax policies? (Choose three.)

• A. SSL
• B. Rewrite
• C. Integrated caching
• D. Protection
• E. Responder

Answer: ABE

Explanation: Reference
https://docs.citrix.com/zh-cn/netscaler/11/appexpert/policies-and-expressions/ns-pi-intro-pol-exp-wrapper-con/n

NEW QUESTION 13
Users are experiencing resets form the Intranet server website, which is load-balanced trough the NetScaler. Which NetScaler tool can a Citrix Administrator use to troubleshoot the reset issue?

• A. Take a packet trace with nstrace and analyze with WireShartk.
• B. Look in the Event Viewer for packet resets from the NetScaler.
• C. View the new nslog form the command-line interface to look for packet resets form the NetScaler.
• D. Use the nslog to look for packet resets on the NetScaler.

Answer: D

NEW QUESTION 14
Which three Unified Gateway elements can be configured by the Unified Gateway Wizard? (Choose three.)

• A. Responder policy for HTTP to HTTPS redirect
• B. A primary and any optional secondary authentication configuration
• C. The Unified Gateway primary virtual server
• D. Rewrite policy for HTTP to HTTPS redirect
• E. An SSL Server Certificate for the Unified Gateway virtual server

Answer: BCE

NEW QUESTION 15
Which three statements are true when comparing a Simple Access Control List (ACL) to an Extended ACL? (Choose three.)

• A. Extended ACLs have priorities
• B. Simple ACLs can be modified
• C. Extended ACLs apply first
• D. Simple ACLs can be based on the Source and Destination IP address
• E. Simple ACLs can bridge traffic
• F. Simple ACLs are based on the Source IP address only
• G. Simple ACLs apply first

Answer: ADG

NEW QUESTION 16
Which mode on the NetScaler can a Citrix Administrator utilize to avoid asymmetrical packet flows and multiple route/ARP lookups?

• A. USNIP
• B. Layer 3
• C. MAC-based Forwarding
• D. Layer 2

Answer: C

Explanation: MAC-based forwarding can be used to avoid multiple-route/ARP lookups and to avoid asymmetrical packet flows.

NEW QUESTION 17
A Citrix Administrator needs to create a customized blacklist of IP addresses to supplement the Webroot reputation check, and in order to have stricter access through NetScaler.
How can the administrator create this blacklist?

• A. Create several extended Access Control List policies.
• B. Create a data set for IPv4 address matching.
• C. Enable MAC-based Forwarding.
• D. Create several simple Access Control List policies.

Answer: A