NEW QUESTION 1
What can a Citrix Engineer do to decrease browser load times by increasing the number of parallel connections to the resource?

• A. Configure Domain Sharding.
• B. Add more web servers.
• C. Block JavaScript on client browsers.
• D. Do NOT allow HTML websites.

Answer: A

NEW QUESTION 2
A company has experienced an outage of their mission-critical website. Upon investigation, the Citrix Engineer determines that the following command was executed on the website:
DROP TABLE table_name
Which security check would have prevented this issue?

• A. HTML SQL Injection
• B. Form Field Consistency
• C. HTML Cross-Site Scripting
• D. Field Formats

Answer: A

NEW QUESTION 3
A Citrix Engineer needs to write a regular expression to treat the URL www.citrix.com as a literal string. Which regular expression can the engineer use?

• A. www$.citrix$.com
• B. [www]. [citrix]. [com]
• C. www+.citrix+.com
• D. www.citrix.com

Answer: B

NEW QUESTION 4
A Citrix Engineer has determined that users are able to access random URLs on a web site through bookmarks and by manually typing in the URLs to skip the pages required to reach that part of the website.
Which two checks can the engineer enable to prevent this attack? (Choose two.)

• A. Form Field Consistency
• B. Deny URL
• C. Start URL
• D. Buffer overflow
• E. HTML Cross-site scripting

Answer: CD

NEW QUESTION 5
Which action can be used to place the rule on the relaxation list without being deployed and ensuring that the rule is NOT learned again?

• A. Skip
• B. Deploy
• C. Delete
• D. Edit& Deploy

Answer: A

NEW QUESTION 6
The NetScaler Management and Analytics System (NMAS) collects inventory from the instance by sending a(n) request. (Choose the correct option to complete the sentence.)

• A. AppFlow
• B. NITRO
• C. SNMP
• D. HTTP

Answer: B

NEW QUESTION 7
Which three protocols in a NetScaler Management and Analytics System (NMAS) can be used to back up the current state of the managed NetScaler instances? (Choose three.)

• A. Telnet
• B. Secure Shell (SSH)
• C. NITRO calls
• D. HTTP
• E. Secure Copy (SCP)

Answer: BCE

Explanation: ou can manually backup and restore NetScaler configurations using the GUI, CLI, or you can use NetScaler MAS to perform automatic backups and manual restores. NetScaler MAS backs up the current state of your managed NetScaler instances by using NITRO calls and the Secure Shell (SSH) and Secure Copy (SCP) protocols.

NEW QUESTION 8
Scenario: A Citrix Engineer is trying to optimize a website that is load balanced on a NetScaler and is accessed by mobile users. The web application is complex and made up of hundreds of embedded images, scripts, and other objects per page. This limitation is creating a significant bottleneck, resulting in excessive load times.
Which NetScaler feature can the engineer use to optimize the web application?

• A. Domain Sharding
• B. SPDY (Speedy)
• C. Multipath TCP
• D. Minification

Answer: A

Explanation: The leading capability in this category is domain sharding. By default, browsers restrict the number of parallel connections that can be open to any one domain. Typically, fewer than ten are allowed. For complex web applications with hundreds of embedded images, scripts and other objects per page, this limitation can create a significant bottleneck resulting in excessive load times. With domain sharding, NetScaler MobileStream modifies administrator-selected URLs by breaking them into sub-domains to allow client web browsers to open multiple groups of parallel connections. As a result, object-heavy pages are downloaded and can be rendered up to 10 times faster. Also included in this category is cache extension, a capability that leverages advanced browser settings and NetScaler AppCache functionality to further improve performance by maximizing the practice of locally caching static content.

NEW QUESTION 9
Scenario: A Citrix Engineer must enable a cookie consistency security check and ensure that all the session cookies get encrypted during the transaction. The engineer needs to ensure that none of the persistent coolies are encrypted and decrypted and decrypt any encrypted cookies during the transaction.
Which cookie consistency security feature will the engineer configure in the following configuration to achieve the desired results?
add appfw profile Test123 –startURLAction none- denyURLAction none- cookieConsistencyAction log
–cookieTransforms ON –cookieEncryption ecryptSessionOnly –addCookieFlags httpOnly
–crossSiteScriptingAction none- SQLInjectionAction log stats –SQLInjectionTransfrormSpecialChars ON- SQLInjectionCheckSQLWildChars ON –fieldFormatAction none –bufferOverflowAction none
–responseContentType “application/octet-stream”- XMLSQLInjectionAction none –XMLXSSAction none-XMLWSIAction none- XMLValidationAction none

• A. Configure Encrypt Server cookies to “Encrypt All”
• B. Configure Encrypt Server cookies to “None”
• C. Configure Encrypt Server cookies to “Encrypt Session Only”
• D. Configure Encrypt Server cookies to “Encrypt only”

Answer: B

NEW QUESTION 10
A Citrix Engineer needs to ensure that clients always receive a fresh answer from the integrated cache for positive responses (response of 200).
Which two settings can the engineer configure to make sure that clients receive a fresh response when it is needed? (Choose two.)

• A. –flashCache NO
• B. - pollEveryTime YES
• C. –prefetch YES
• D. –quickAbortSize

Answer: AB

NEW QUESTION 11
A Citrix Engineer needs to deploy the NetScaler Management and Analytics System (NMAS) in their company environment to ensure that NMAS provides uninterrupted operation in all situations.
Which deployment type can meet this requirement?

• A. Active-Active High Availability Mode
• B. Single-Server Deployment Mode
• C. NMAS integrated with Director mode
• D. Active-Passive High Availability Mode

Answer: A

NEW QUESTION 12
A Citrix Engineer is considered that malicious users could exploit a web system by sending a large cookie. Which security check can the engineer implement to address this concern?

• A. Field Formats
• B. Content-type
• C. Buffer Overflow
• D. Start URL

Answer: C

NEW QUESTION 13
A Citrix Engineer needs to protect a website that contains sensitive data such as employee ID numbers and customer ID numbers.
Which security check can the engineer implement to protect the sensitive data?

• A. Content-type
• B. Safe Object Check
• C. Field Formats
• D. CSRF Form tagging

Answer: B

Explanation: The Safe Object check provides user-configurable protection for sensitive business information, such as customer numbers, order numbers, and country-specific or region-specific telephone numbers or postal codes.

NEW QUESTION 14
Scenario: A Citrix Engineer has configured a NetScaler Management Analytics System (NMAS) policy mandating that all certificates must have minimum key strengths of 2048 bits and must be authorized by trusted CA/Issuers.
How does NMAS alert the engineer about non-compliance?

• A. NMAS highlights any non-compliance with the ‘Non-Recommended’ tag.
• B. NMAS disables any non-compliant policies.
• C. NMAS does NOT alert the engineer.
• D. NMAS disables any non-compliant certificates.

Answer: A

NEW QUESTION 15
Which Markup Language is used along with NITRO API to create a StyleBook?

• A. YAML
• B. GML
• C. XML
• D. HTML

Answer: A

NEW QUESTION 16
A Citrix Engineer needs to implement Application Firewall to prevent the following tampering and vulnerabilities:
-If web server does NOT send a field to the user, the check should NOT allow the user to add that field and return data in the field.
-If a field is a read-only or hidden field, the check verifies that data has NOT changed.
-If a field is a list box or radio button field, the check verifies that data in the response corresponds to one of the values in that field.
Which security check can the engineer enable to meet this requirement?

• A. Field Formats
• B. Form Field Consistency
• C. HTML Cross-Site Scripting
• D. CSRF Form Tagging

Answer: B

NEW QUESTION 17
A Citrix Engineer observes that when the application firewall policy is bound to the virtual server, some of the webpages are NOT loading correctly.
Which log file can the engineer use to view the application firewall-related logs in the native format?

• A. /var/log/iprep.log
• B. /var/nslog/newnslog
• C. /var/nslog/ns.log
• D. /var/log/ns.log

Answer: D