Directory Image
This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.

1Y0-351 Real Exam

Author: William Hicks
by William Hicks
Posted: Dec 04, 2017

Question: 1

A NetScaler Engineer has created a new custom user monitor script and needs to place it in the NetScaler filesystem for use.

Where must the engineer place the custom script so that it is available for use?

A. /nsconfig/monitors

B. /netscaler/monitors

C. /var/nstemp/monitors

D. /netscaler/monitors/perl_mod

Answer: A

Question: 2

What are the supported protocols for management authentication?

A. LOCAL, LDAP, and SAML

B. RADIUS, LDAP and TACACS+

C. CERTIFICATE, LDAP and SAML

D. RADIUS, TACACS+ and CERTIFICATE

Answer: B

Question: 3

Scenario: A NetScaler Engineer has discovered that the object home.php is NOT found in the cache on the system.

Below is the relevant configuration:

add cache contentGroup cache_content_group_1 -relExpiry 0

add cache policy cache_pol_1 -rule "http.REQ.URL.CONTAINS(\"home.php\")" -action MAY_CACHE -storeInGroup cache_content_group_1

add cache policy cache_pol_2 -rule "http.REQ.METHOD.EQ(\"GET\")" -action NOCACHE

add cache policy cache_pol_3 -rule "HTTP.RES.HEADER(\"Set-Cookie\").EXISTS" -action NOCACHE

bind cache global cache_pol_1 -priority 90 -gotoPriorityExpression END -type REQ_OVERRIDE

bind cache global cache_pol_2 -priority 100 -gotoPriorityExpression END -type REQ_OVERRIDE

bind cache global cache_pol_3 -priority 100 -gotoPriorityExpression END -type RES_OVERRIDE

The data from the client and the server are as following:

GET /home.php HTTP/1.1

Host: www.website.com

User-Agent: Mozilla Firefox/3.0.3

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-Language: en-us,en;q=0.5

Accept-Encoding: gzip,deflate

Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7

Keep-Alive: 300

Connection: keep-alive

Date: Thu, 09 Oct 2014 18:25:00 GMT

Cookie: sessionid=100xyz

HTTP/1.1 200 OK

Date: Thu, 09 Oct 2014 18:25:00 GMT

Server: Apache/2.2.3 (Fedora)

Last-Modified: Wed, 09 Jul 2014 21:55:36 GMT

ETag: "27db3c-12ce-5e52a600"

Accept-Ranges: bytes

Cache-Control: private, max-age=0

Set-Cookie: sessionid=100xyz; expires=Thu, 09-Oct-2014 18:30:00 GMT; path=/

Content-Length: 119

Connection: close

Content-Type: text/html; charset=UTF-8

Why does the object NOT persist in the cache?

A. The request is a GET request.

B. The response has Set-Cookie.

C. The content group is missing a cache selector.

D. The content group has been configured with relExpiry 0.

Answer: B

Question: 4

Which two authentication types on the NetScaler support password changes? (Choose two.)

A. TACACS+

B. LDAP (TLS)

C. LDAP (SSL)

D. RADIUS (PAP)

E. LDAP (PLAINTEXT)

F. RADIUS (MSCHAPv2)

Answer: B,C

Question: 5

Scenario: A NetScaler Engineer is viewing Authentication, Authorization and Access (AAA) events on the NetScaler appliance to determine why a user is unable to log on. The events below have been logged during this timeframe:

Fri Oct 17 18:17:16 2014

/usr/home/build/rs_80_48/usr.src/usr.bin/nsaaad/../../netscaler/aaad/ldap_drv.c[40\]: start_ldap_auth attempting to

auth scottli @ 10.12.33.216

Fri Oct 17 18:17:18 2014

/usr/home/build/rs_80_48/usr.src/usr.bin/nsaaad/../../netscaler/aaad/ldap_drv.c[291\]: recieve_ldap_bind_event receive ldap bind event

Fri Oct 17 18:17:18 2014

/usr/home/build/rs_80_48/usr.src/usr.bin/nsaaad/../../netscaler/aaad/ldap_drv.c[326\]:

recieve_ldap_bind_event ldap_bind with binddn bindpw failed:Invalid credentials Fri Oct 17 18:17:18 2014 /usr/home/build/rs_80_48/usr.src/usr.bin/nsaaad/../../netscaler/aaad/naaad.c[1198\]: send_reject sending reject to kernel for : scottli

What is the root cause of this issue?

A. The LDAP Base DN is incorrect.

B. The Bind DN credentials are invalid.

C. The LDAP server is NOT responding.

D. The user has entered an invalid password.

Answer: B

Question: 6

A company has an external-facing web application that requires end-to-end encryption and Layer-7 functionality.

Which protocol type would an engineer choose for the virtual server and service?

A. SSL

B. SSL_TCP

C. SSL_PUSH

D. SSL_BRIDGE

Answer: B

Question: 7

Scenario: A NetScaler Engineer has enabled the HTTP Compression feature on an existing production NetScaler. The engineer is using the built-in policies. The engineer reviews the HTTP Compression statistics but does NOT see any compression statistic data.

What is the likely reason?

A. SSL protocol is being used for encryption.

B. The Compression Policy engine is set to default.

C. "Allow Server side compression" is checked on the NetScaler.

D. Responses with the Content-Length or Chunked header are being sent from the server.

Answer: C

Question: 8

Which two of the listed statements are true about Access Control Lists (ACLs) on the NetScaler? (Choose two.)

A. Extended ACLs may BRIDGE traffic.

B. Simple ACLs are bound on ALL interfaces.

C. Extended ACLs are evaluated after creation.

D. Simple ACLs are processed after Extended ACLs.

Answer: A,B

Question: 9

What is the purpose of the SSL Certificate Authority (CA) root certificate during an SSL connection?

A. SSL Cipher Exchange

B. Session Key Exchange

C. Pre Shared Master Secret Generation

D. Server Certificate Signature Verification

Answer: A

Question: 10

In order to create a three-node NetScaler cluster, all nodes must __________ and __________. (Choose the two correct options to complete the sentence.)

A. be physical appliances

B. have Platinum licensing

C. be using the same build

D. be the same platform model

Answer: C,D

Question: 11

Scenario: A NetScaler Engineer has been tasked with reconfiguring an existing NetScaler deployment. The engineer is currently running a high-availability (HA) pair of NetScaler 10.5 appliances, but the Vice President of IT has requested a more efficient way of preserving and balancing network resources and throughput while having a single point of management for the NetScaler appliances.

What should the engineer configure to satisfy the requirements outlined by the Vice President of IT?

A. Switch from traditional HA to -INC mode HA.

B. Break the HA pair and configure clustering instead.

C. Break the HA pair and configure three standalone NetScaler nodes.

D. Leave HA enabled and increase bandwidth to both NetScaler nodes.

Answer: B

Question: 12

A NetScaler Engineer plans to deploy a third-party application that will perform scheduled configuration auditing by using NITRO API with a REST interface.

Which management protocol should the engineer enable to allow NITRO API access?

A. SSH

B. HTTP

C. Telnet

D. SNMP

Answer: B

Question: 13

Traffic to which destination is sourced from the NetScaler IP (NSIP) by default?

A. NTP servers

B. Clients on the Internet

C. Load-balanced web services

D. Load-balanced authentication services

Answer: A

Question: 14

Scenario: A NetScaler Engineer configures COOKIEINSERT persistence method for an HTTP VServer named 'myApp'. Many clients do NOT allow the persistence cookie to be set and application sessions fail as a result. All clients are behind a network address translation (NAT) gateway, which will insert the client IP address into an HTTP header called X-Forwarded-For.

Which command could the engineer execute to provide persistence for clients while still distributing the requests across the bound services?

A. set lb vserver myApp -persistenceType SOURCEIP

B. set lb vserver myApp -persistenceType NONE -lbmethod SRCIPDESTIPHASH

C. set lb vserver myApp -persistenceType COOKIEINSERT -timeout 0 -cookieName X-Forwarded-For

D. set lb vserver myApp -persistenceType NONE -lb method TOKEN -rule "HTTP.REQ.HEADER(\"X-Forwarded-For\").VALUE(0)

Answer: D

Question: 15

Scenario: A NetScaler Engineer has created an SSL virtual server that utilizes SSL services. The engineer needs to configure certificate authentication from the NetScaler to the backend web services.

What should the engineer do to meet the requirements outlined in the scenario?

A. Bind a CA Certificate to the SSL Services.

B. Bind a Client Certificate to the SSL Services.

C. Create an SSL policy to present the Client Certificate to the web services.

D. Enable Client Authentication and set Client Certificate to mandatory on the virtual server.

Answer: B

Question: 16

Which service setting would a NetScaler Engineer use in the command-line interface to limit connections to server resources?

A. -maxReq

B. -maxClient

C. -monThreshold

D. -maxBandwidth

Answer: B

Question: 17

Which statement is true about interface link-state on the NetScaler?

A. Interface link-state is controlled by ifconfig in BSD.

B. Interface link-state is dependent on the HAMON setting.

C. Interface link-state CANNOT be brought down from the NetScaler.

D. Interface link-state on both appliances is unaffected by the force failover command.

Answer: C

Question: 18

In order to configure integrated cache, a NetScaler Engineer would need to reboot the NetScaler when the integrated caching feature is __________ and cache memory limit is set to __________. (Choose the correct set of options to complete the sentence.)

A. enabled; zero

B. disabled; zero

C. enabled; non-zero

D. disabled; non-zero

Answer: A

Question: 19

Which two certificate formats are supported when creating a certificate key pair on the NetScaler? (Choose two.)

A. PEM

B. DER

C. PKCS7

D. PKCS12

Answer: A,B

Question: 20

As a result of connecting two NetScaler interfaces in the same L2 broadcast domain/VLAN (unless link aggregation is configured), the NetScaler will __________. (Choose the correct option to complete the sentence.)

A. restart

B. disable one interface

C. cause a network loop

D. disable both interfaces

Answer: C

Question: 21

Scenario: Users in an organization need to access several web applications daily. Management has asked a NetScaler Engineer to reduce the amount of times users have to enter credentials when accessing web applications.

What should the engineer configure to meet this requirement?

A. A load-balancing VServer and an authorization policy

B. An authentication VServer and an authorization policy

C. An authentication VServer and an authentication policy

D. A content switching VServer and an authentication profile

Answer: C

Question: 22

The upgrade script copies the updated NetScaler kernel file to the __________ NetScaler directory. (Choose the correct option to complete the sentence.)

A. /var

B. /flash

C. /nsconfig

D. /flash/boot

Answer: B

Question: 23

Which setting must an engineer ensure is configured before a Subnet IP (SNIP) could be used to communicate with servers on the same network segment?

A. Static route is defined

B. USIP mode is enabled

C. USNIP mode is enabled

D. Default gateway is defined

Answer: C

Question: 24

Which tool could a NetScaler Engineer use to monitor client-side rendering times for a Web application that is load-balanced by NetScaler?

A. Tcpdump

B. Insight Center

C. Command Center

D. NetScaler Dashboard

Answer: A

Question: 25

What should a NetScaler Engineer configure to create load-balancing virtual servers and services on the same VLAN with overlapping IP addresses?

A. Listen policies

B. Traffic domains

C. Dynamic routing

D. Policy-based routing

Answer: B

Test Information:

Total Questions: 289

Test Number: 1Y0-351

Vendor Name: Citrix

Cert Name: Citrix Certified Professional Networking

Test Name: Citrix NetScaler 10.5 Essentials and Networking

Official Site: https://www.certschief.com/

For More Details: https://www.certschief.com/exam/1y0-351-2/
About the Author

Certschief offers Architecting Microsoft Azure Solutions accreditation genuine exam questions answers with cash back pass ensure.

Rate this Article
Leave a Comment
Author Thumbnail
I Agree:
Comment 
Pictures
Author: William Hicks

William Hicks

Member since: Nov 28, 2017
Published articles: 29

Related Articles