The Updated Guide To 1y0-340 Samples

NEW QUESTION 1
How can a Citrix Engineer configure a specific LDAP attribute in the nFactor implementation?

• A. Specify the attribute in the LDAP server attributes field.
• B. Change the order of the policies.
• C. Add the attribute on the nFactor traffic policy.
• D. Change the login schema and add the new attribute.

Answer: D

NEW QUESTION 2
A Citrix Engineer needs to configure Relaxation Rules using the learned data for SQL Injection. Which setting can the engineer enable in order to avoid false-positive learned rules?

• A. Increase database size for Learned data.
• B. Decrease Minthreshold value to Default in Learning settings.
• C. Increase Minthreshold value in Learning settings.
• D. Remove all unreviewed data from Learning settings.

Answer: D

NEW QUESTION 3
Which meta-character can be used as a wildcard to match a single character in a given position?

• A. A forward slash (/)
• B. A period (.)
• C. An asterisk (*)
• D. A dollar Sign ($)

Answer: D

NEW QUESTION 4
A Citrix Engineer needs to implement a rate limiting policy to permit an average of one request in 40 ms using NetScaler.
Which Limit Identifier will meet this requirement?

• A. adds ns limitIdentifier limit_req-threshold 40 –mode CONNECTION
• B. set limitidentifier limit_req –mode request_rate –timeslice 2000 –Threshold 50 –limitType smooth
• C. add ns limitIdentifier limit_req –threshold 1 –mode CONNECTION
• D. set limitidentifier limit_req –mode request_rate –timeslice 2000 –Threshold 50 –limitType Bursty

Answer: B

NEW QUESTION 5
Which two threats can be prevented by using IP Reputation? (Choose two.)

• A. Trojan horses
• B. Phishing Proxies
• C. Worm
• D. Compromised IPv6 web-server
• E. Compromised IPv4 web-server

Answer: BE

NEW QUESTION 6
Which NetScaler Management and Analytics System (NMAS) feature will assist the Citrix Engineer in gathering the required data for issues with Endpoint Analysis?

• A. Security Insight
• B. Web Insight
• C. HDX Insight
• D. Gateway Insight

Answer: A

NEW QUESTION 7
A Citrix Engineer needs to configure an Application Firewall policy. According to company policies, the engineer needs to ensure that all the requests made to the website are originating from North America.
Which policy expressions will help the engineer accomplish the requirement?

• A. CLIENT.IP.SRC.MATCHES_LOCATION (“North America.US.*.*.*.*”)
• B. CLIENT.IP.SRC.MATCHES_LOCATION (“North America.US.*.*.*.*”). NOT
• C. CLIENT.IP.DST.MATCHES (“North America.US.*.*.*.*”)
• D. CLIENT.IP.SRC.MATCHES (“North America.US.*.*.*.*”)

Answer: A

NEW QUESTION 8
A Citrix Engineer needs to deploy the NetScaler Management and Analytics System (NMAS) in their company environment to ensure that NMAS provides uninterrupted operation in all situations.
Which deployment type can meet this requirement?

• A. Active-Active High Availability Mode
• B. Single-Server Deployment Mode
• C. NMAS integrated with Director mode
• D. Active-Passive High Availability Mode

Answer: A

NEW QUESTION 9
A Citrix Engineer needs to configure an application firewall profile to ensure that the images uploaded on the website are NOT malicious. The engineer needs to create a policy to filter the upload requests and ensure that they are in JPEG format.
Which expression can the engineer use to fulfill this requirement?

• A. http.req.url.endswith (“.jpeg) & & http.req.method.eq (POST)
• B. http.req.url.contains (“.jpeg) & & http.req.method.eq (GET)
• C. http.req.url.endswith (“.jpeg) || http.req.method.eq (GET)
• D. http.req.header (“Content-Type”).contains (“image/jpeg”) || http.req.method.eq(POST)

Answer: D

NEW QUESTION 10
Which two settings can be used when creating a Cache Content group? (Choose two.)

• A. Remove response cookies
• B. Set Lazy DNS resolution
• C. Expire cookies
• D. Use DNS Query
• E. Use browser settings

Answer: AB

NEW QUESTION 11
A company has experienced an outage of their mission-critical website. Upon investigation, the Citrix Engineer determines that the following command was executed on the website:
DROP TABLE table_name
Which security check would have prevented this issue?

• A. HTML SQL Injection
• B. Form Field Consistency
• C. HTML Cross-Site Scripting
• D. Field Formats

Answer: A

NEW QUESTION 12
A Citrix Engineer needs to configure the authentication feature on NetScaler Management and Analytics System (NMAS) to enable local authentication to take over if the external authentication fails.
What can the engineer configure to meet this requirement?

• A. Select LOCAL as the Server Type when configuring authentication.
• B. Select EXTERNAL as the Server Type when configuring authentication.
• C. Enable the fallback local authentication option.
• D. Configure Cascade authentication with External as primary and LOCAL as secondary.

Answer: B

NEW QUESTION 13
When the NetScaler marks a client connection as “non-trackable”, the default behavior of the NetScaler without making any change to the HTTP Profile is to . (Choose the correct option to complete the sentence.)

• A. proxy the connection to the target.
• B. proxy the connection to the client.
• C. track the connection.
• D. drop the connection.

Answer: D

NEW QUESTION 14
Scenario: A Citrix Engineer observes that when going through NetScaler, user connections fail and users are unable to access Exchange server. However, users can connect directly to the Exchange server. After checking the logs, the engineer finds that the POST request is blocked through the NetScaler.
The log in/ var/log/ns.log is as follows:
Jul 20 11:00: 38 <local0.info>x.x.x. 1 07/20/2021:11:00:38 GMT ns 0-PPE-0:APPFW AF_400_RESP 29362
0: x.x.x.1 439800-PPEO- urlwdummy
https://test.abc.com/rpc/rpcproxy.dll?mail.sfmta.com:6004 Bad request headers. Content-length exceeds post body limit <blocked>
Which parameter can the engineer modify to resolve the issue while maintaining security?

• A. Increase the Maximum Header Length under nshttp_default_profile.
• B. Increase the POST body limit using the HTTP profile.
• C. Add an Application Firewall policy with the expression “HTTP.REQ.METHOD.EQ( “POST”)” with APPFW_BYPASS profile bound.
• D. Increase the POST body limit under common settings in Application Firewall profile settings.

Answer: D

NEW QUESTION 15
A Citrix Engineer needs to write a regular expression to treat the URL www.citrix.com as a literal string. Which regular expression can the engineer use?

• A. www$.citrix$.com
• B. [www]. [citrix]. [com]
• C. www+.citrix+.com
• D. www.citrix.com

Answer: B

NEW QUESTION 16
A Citrix Engineer needs to set the rate at which connections are proxied from the NetScaler to the server. Which values should the engineer configure for Surge Protection?

• A. UDP Threshold and Start Port
• B. Grant Quota and Buffer Size
• C. TCP Threshold and Reset Threshold
• D. Base Threshold and Throttle

Answer: D

NEW QUESTION 17
Which security option falls under the Negative Security Model for Citrix Application Firewall?

• A. Start URL
• B. HTML Cross-Site Scripting
• C. Content-type
• D. Signature

Answer: D

NEW QUESTION 18
Scenario: A Citrix Engineer has deployed four NetScaler MPXs with the following network configuration:
-Management traffic is on VLAN 5 (NSIP).
-Application and server traffic is on VLAN 10 (SNIP).
The engineer added the NetScaler Management and Analytics System (NMAS) interface to VLAN 10 to deploy a NMAS High Availability (HA) pair to manage and monitor the applications and virtual servers. After doing so, the engineer is NOT able to see the NetScaler or applications that need to be managed.
How can the engineer resolve the issue?

• A. Configure VLAN 5 as NSVLAN 5
• B. Move the NMAS interface to VLAN 5
• C. Configure VLAN 5 as NSSYNC VLAN
• D. Bind SNIP to VLAN 5

Answer: A

NEW QUESTION 19
Scenario: A Citrix Engineer configures an Application Firewall HTML SQL Injection Check and sets it to BLOCK and to use SQLSplCharANDKeyword as the SQL injection type. The engineer checks the logs and finds that nothing is being blocked.
What can be the cause of the Application Firewall failing to block the attack?

• A. The request contains SQL Wildcard Characters.
• B. The request neither contains SQL Special Characters nor keywords.
• C. The request only contains SQL Special Characters.
• D. The request only contains SQL keywords.

Answer: B

NEW QUESTION 20
A Citrix Engineer is configuring an Application Firewall Policy to protect a website. Which expression will the engineer use in the policy?

• A. HTTP.RES.IS_VALID
• B. HTTP.REQ.HOSTNAME.EQ (“true”)
• C. HTTP.RES.HEADER (“hostname”).EQ (“true”)
• D. HTTP.REQ.IS_VALID

Answer: B

NEW QUESTION 21
A Citrix Engineer observes the following event in the ns.log:
Aug 3 11:55:58 <local0.info> 10.248.64.10 08/03/2015:15:55:58 GMT ATL0NS01 0-PPE-1: default APPFW APPFW_STARTURL 406856 0: 10.248.13.13 11152-PPE1
LG+hd4LkcYiOyQVWvOTsCtSyiv00001 SPI Disallow illegal URL: https://training.citrix.com/login
<blocked>
Which Application Firewall profile has blocked the URL?

• A. SPI
• B. APPFW_STARTURL
• C. ATL0NS01
• D. SPI Disallow illegal URL

Answer: C

NEW QUESTION 22
......