Scenario: A Citrix Architect has implemented two high availability pairs of MPX 5500 and MPX 11500 devices respectively with 12.0.53.13 nc version. The NetScaler devices are set up to handle NetScaler Gateway, Load Balancing, Application Firewall, and Content Switching. The Workspacelab infrastructure is set up to be monitored with NMAS version 12.0.53.13 nc by the Workspacelab administrators. The Workspacelab team wants to implement one more pair of NetScaler MPX 7500 devices with version

12.0.53.13 nc.

The Citrix consulting team has assigned the task to implement these NetScaler devices in the infrastructure and set them up to be monitored and managed by NMAS.

The following are the requirements that were discussed during the project initiation call:

1.

NMAS should be configured to get the infrastructure information under sections such as HDX Insight, WEB Insight, and Security Insight.

2.

Configuration on the new MPX devices should be identical to MPX 11500 devices.

3.

Configuration changes after the deployment and initial setup should be optimized using NMAS.

4.

NMAS should be utilized to configure templates that can be utilized by the Workspacelab team in future deployment.

5.

As per the requirement from the Workspacelab team, NMAS should be store the audited data for only 15 days.

Which process should the architect utilize to ensure that the deployment of MPX 11500 devices are optimized and that it is correct, before deploying the devices in production?

A. Under Stylebooks; Inbuilt and composite stylebook templates should be utilized prior to deployment.

B. Under Stylebooks; Public and composite stylebook templates should be utilized prior to deployment.

C. Under Configuration Management; Configuration Audit and Advice should be used prior to deployment.

D. Under Configuration jobs; Configuration Audit and Advice should be used prior to deployment.

Scenario: A Citrix Architect needs to design a hybrid XenApp and XenDesktop environment which will include Citrix Cloud as well as resource locations in an on-premises datacenter and Microsoft Azure.

Organizational details and requirements are as follows:

1.

Active XenApp and XenDesktop Service subscription

2.

No existing NetScaler deployment

3.

Global Server Load Balancing is used to direct connection requests to Location B, if the StoreFront server in Location B fails, connections should be directed to Location A.

Click the Exhibit button to view the conceptual environment architecture.

The architect should use _____ in Location A, and should use ________ in Location B. (Choose the correct option to complete the sentence.)

A. NetScaler ADC (BYO); NetScaler gateway appliance

B. NetScaler ADC (BYO); No NetScaler products

C. NetScaler ADC (BYO); NetScaler ADC (BYO)

D. NetScaler Gateway appliance; NetScaler Gateway appliance

E. NetScaler Gateway appliance; NetScaler ADC (BYO)

Scenario: A Citrix Architect needs to design a hybrid XenApp and XenApp and XenDesktop environment which will include Citrix Cloud as well as resource locations in on-premises datacenter and Microsoft Azure.

Organizational details and requirements are as follows:

1.

Active XenApp and XenDesktop Service subscription

2.

No existing NetScaler deployment

3.

About 3,000 remote users are expected to regularly access the environment

4.

Multi-factor authentication should be used for all external connections

5.

Solution must provide load balancing for backend application servers

6.

Load-balancing services must be in Location B

Click the Exhibit button to view the conceptual environment architecture.

The architect should use ________ in Location A, and should use _________ in Location B. (Choose the correct option to complete the sentence.)

A. NetScaler Gateway as a Service, no NetScaler products

B. No NetScaler products, NetScaler ADC (BYO)

C. NetScaler Gateway as a Service, NetScaler ADC (BYO)

D. No NetScaler products, NetScaler ICA Proxy (cloud-licensed)

E. NetScaler Gateway as a Service, NetScaler ICA Proxy (cloud-licensed)

F. No NetScaler products; NetScaler Gateway appliance

Scenario: A Citrix Architect has set up NetScaler MPX devices in high availability mode with version 12.0.

53.13 nc. These are placed behind a Cisco ASA 5505 Firewall is configured to block traffic using access control lists. The network address translation (NAT) is also performed on the firewall.

The following requirements were captured by the architect during the discussion held as part of the NetScaler security implementation project with the customer's security team:

The NetScaler device:

1.

Should monitor the rate of traffic either on a specific virtual entity or on the device. It should be able to mitigate the attacks from a hostile client sending a flood of requests. The NetScaler device should be able to stop the HTTP, TCP, and DNS based requests.

2.

Needs to protect backend servers from overloading.

3.

Needs to queue all the incoming requests on the virtual server level instead of the service level.

4.

Should provide access to resources on the basis of priority.

5.

Should provide protection against well-known Windows exploits, virus-infected personal computers, centrally managed automated botnets, compromised webservers, known spammers/hackers, and phishing

proxies.

6.

Should provide flexibility to enforce the desired level of security check inspections for the requests originating from a specific geolocation database.

7.

Should block the traffic based on a pre-determined header length, URL length, and cookie length. The device should ensure that characters such as a single straight quote (*); backslash(\), and semicolon (;) are either blocked, transformed, or dropped while being sent to the backend server.

Which two security features should the architect configure to meet these requirements? (Choose two.)

A. Pattern sets

B. Rate limiting

C. HTTP DDOS

D. Data sets

E. APPQOE

Scenario: The following NetScaler environment requirements were discussed during a design meeting between a Citrix Architect and the Workspacelab team:

1.

All traffic should be secured, and any traffic coming into HTTP should be redirected to HTTPS.

2.

Single Sign-on should be created for Microsoft Outlook web access (OWA).

3.

NetScaler should recognize Uniform Resource Identifier (URI) and close the session to NetScaler when users hit the Logoff button in Microsoft Outlook web access.

4.

Users should be able to authenticate using user principal name (UPN).

5.

The Layer 7 monitor should be configured to monitor the Microsoft Outlook web access servers and the

monitor probes must be sent on SSL.

Which method can the architect use to redirect the user accessing https://mail.citrix.com to https:// mail.citrix.com?

A. add responder action act redirect “https://mail.citrix.com” -responseStatusCode 302 add responder policy pol HTTP.REQ.IS_VALID act

B. add lb server test SSL 10.107.149.243.80 -persistenceType NONE -cltTimeout 180 -redirectFromPort 80 -httpsRedirectUrl https://mail.citrix.com

C. add lb server test SSL 10.107.149.243.443 -persistenceType NONE -cltTimeout 180 -redirectFromPort 80 -httpsRedirectUrl https://mail.citrix.com

D. add responder action act redirect “\https://\ + HTTP REQ.HOSTNAME.HTTP_URL_SAFE + HTTP.REQ.URL_PATH_AND_QUERY.HTTP_URL_SAFE\n\n” -responseStatusCode 302 add responder policy pol HTTP.REQ.IS_VALID act

Which two features are supported on LbaaSV1? (Choose two.)

A. Cookie Insertion

B. Layer 7 Load Balancing

C. Certificate Bundle

D. Layer 4 Load balancing

E. Server name Indicator

Scenario: A Citrix Architect needs to deploy a NetScaler appliance for Workspacelab, which will provide application load balancing services to Partnerlab and Vendorlab.

The setup requirements are as follows:

1.

A pair of NetScaler MPX appliances will be deployed in the DMZ network.

2.

High availability will be accessible on the NetScaler MPX in the DMZ Network.

3.

Load balancing should be performed for the mail servers for Partnerlab and Vendorlab.

4.

The traffic for both of the organizations must be isolated.

5.

Separate Management accounts must be available for each client.

6.

The load-balancing IP addresses must be identical.

7.

A separate VLAN must be utilized for communication for each client.

Which solution can the architect utilize to meet the requirements?

A. Traffic Domain

B. Admin Partition

C. VLAN Filtering

D. VPX or MPX

Under which two circumstances will a service be taken out of the slow start phase with automated slow start? (Choose two.)

A. The service does NOT receive traffic for three successive increment intervals.

B. The server request rate parameters are set above 25 requests per second.

C. The actual request rate is slower than the new service request rate.

D. The percentage of traffic that the new service must receive is greater or equal to 50.

E. The request rate has been incremented 100 times.

Scenario: A Citrix Architect needs to assess an existing NetScaler configuration. The customer recently found that certain user groups were receiving access to an internal web server with an authorization configuration that does NOT align with the designed security requirements.

Click the Exhibit button view the configured authorization settings for the web server.

Which item should the architect change or remove to align the authorization configuration with the security requirements of the organization?

A. Item 1

B. Item 3

C. Item 4

D. Item 5

E. Item 2

Which step does a Citrix Architect need to ensure during the Define phase when following the Citrix Methodology?

A. Testing steps were integrated.

B. The project manager agrees with road map timelines.

C. A phased roll out was completed.

D. Existing networking infrastructure is ready.

E. The redundancy deployment decision was made.