1Y0-230 Exam - Citrix NetScaler 12 Essentials and Unified Gateway

NEW QUESTION 1
Scenario: A Citrix Administrator configured SNMP to send traps to an external SNMP system. When reviewing the messages, the administrator noticed several entity UP and entity DOWN messages.
To what are these messages related?

• A. High availability synchronization
• B. Load balancing virtual servers
• C. High availability heartbeats
• D. Network interface

Answer: B

NEW QUESTION 2
A Citrix Administrator receives user complaints about latency while accessing an application that is being load-balanced on the NetScaler.
Which tool can the administrator use to gather information regarding Response time, Client latency and Server-side processing time?

• A. aaad.debug
• B. WAN Insight
• C. NetScaler Management and Analytics System (MAS)
• D. HDX Insight

Answer: D

NEW QUESTION 3
Which type of NetScaler Service Monitor can a Citrix Administrator use to test a three-way handshake between the NetScaler and the back-end server?

• A. UDP
• B. PING
• C. TCP
• D. LDAP

Answer: C

NEW QUESTION 4
Scenario: A Citrix Administrator suspects an attack on a load-balancing virtual server. The administrator needs to restrict access to the load-balancing virtual server (192.168.100.25) for 10 minutes.
Which Access Control List (ACL) will help to accomplish this requirement?

• A. add ns acl rule1 DENY –destIP 192.168.100.25- TTL 600000
• B. add simpleacl rule1 DENY- srcIP 192.168.100.25- TTL 600
• C. add ns acl rule1 DENY –destIP 192.168.100.25- TTL 600
• D. add simpleacl rule1 DENY- srcIP 192.168.100.25- TTL 600000

Answer: C

NEW QUESTION 5
Which three pieces of information are required for a NetScaler Unified Gateway deployment? (Choose three.)

• A. Valid SSL Certificates
• B. Secondary Authentication for the Unified Gateway
• C. Enterprise license or higher
• D. Content Switching virtual server
• E. Multiple IP addresses for User Access

Answer: ACD

NEW QUESTION 6
Scenario: A XenDesktop Administrator just updated a StoreFront server to the X1 Receiver portal theme. The NetScaler Administrator would like to update the gateway to match StoreFront as closely as possible.
How can the NetScaler Administrator accomplish this with the least amount of administrative effort and without impacting connectivity through the gateway during the change?

• A. Create a new gateway with the X1 theme.
• B. Update the existing gateway by selecting the X1 theme from the global settings.
• C. Create a new gateway with a customs theme to match StoreFront.
• D. Update the existing gateway by building a custom theme to match StoreFront.

Answer: B

NEW QUESTION 7
Scenario: A NetScaler Gateway provides ICA Proxy to an internal XenDesktop site in an environment. The security team wants the Citrix Administrator to configure the NetScaler to block client drives if the client device fails a security scan.
Which NetScaler feature allows the administrator to satisfy the security team’s requirements without making changes to the XenDesktop configuration?

• A. Traffic Policy
• B. Smart Access
• C. SmartControl
• D. Authorization Policy

Answer: D

NEW QUESTION 8
A Citrix Administrator needs to configure single sign-on to a StoreFront server using an external, secure single URL.
Which type of virtual server can the administrator use to meet this requirement?

• A. Load Balancing
• B. Content Switching
• C. VPN
• D. Unified Gateway

Answer: D

NEW QUESTION 9
Scenario: A Citrix Administrator has given permissions to team members to access their own admin partition, so they can add resources for different departments and manage them without making changes to the default NetScaler partition and configuration.
One team member was trying to use the command-line interface to trouble an authentication issue and could NOT use aaad.debug. However, the team member has full permissions on the admin partition.
What can be the cause of this issue?

• A. The team member needs to troubleshoot the issue form the GUI.
• B. The team member does NOT have Shell access by design.
• C. The team member does NOT have permission to use the CLI.
• D. The team member is NOT using the CLI correctly.

Answer: C

NEW QUESTION 10
While troubleshooting an SSL issue on one of the SSL-based virtual servers, a Citrix Administrator noticed that the data captured from the TCP dump was showing in plain text.
What could be the cause of this issue?

• A. No SSL cipher suite was selected
• B. The SSL Certificate expired
• C. The selected cipher suite is obsolete
• D. Misconfiguration of the TCP profile

Answer: A

NEW QUESTION 11
Scenario: A Citrix Administrator configured a new NetScaler Unified Gateway. The administrator would like to see what Endpoint Analysis and Single Sign-on failures have occurred since implementing the new Gateway.
Which tool can the administrator use to see this data?

• A. NetScaler Dashboard
• B. MAS Gateway Insight
• C. aaad.debug
• D. MAS Security Insight

Answer: B

NEW QUESTION 12
Scenario: A Citrix Administrator found that whenever a NetScaler VPX high availability (HA) pair of
appliances fails over, the load-balanced websites are NOT accessible. The administrator investigated the issue and found that the router and switches do NOT support gratuitous ARP (GARP). However, the administrator cannot immediately afford to upgrade the network infrastructure.
What can the administrator do immediately to resolve the issue and prevent a future outage?

• A. Migrate the VPX pair to different hypervisor hosts.
• B. Replace the NetScaler VPX appliances with NetScaler MPX appliances
• C. Configure a Virtual MAC (VMAC) on the NetScaler.
• D. Utilize IPv6 instead of IPv4.

Answer: D

NEW QUESTION 13
A Citrix Administrator needs to customize the user experience for users connecting with the NetScaler Gateway plug-in.
Which three options can the administrator configure in this customization, using session and traffic policies? (Choose three.)

• A. The level of user access to the applications
• B. Single sign-on
• C. Split tunneling
• D. The domains to which users are allowed access
• E. Authentication methods

Answer: CDE

NEW QUESTION 14
Scenario: A Citrix Administrator needs to create local user accounts for other administrators with limited privileges. The other administrators will need only:
-Read-only access
-The ability to enable and disable services and servers
Which built-in Command Policy permission level can the administrator use?

• A. Network
• B. Operator
• C. Sysadmin
• D. Read-Only

Answer: B

NEW QUESTION 15
Which NetScaler feature can a Citrix Administrator use to create a customer footer for a NetScaler Gateway login page?

• A. Rewrite
• B. SmartAccess
• C. HTTP Callout
• D. Responder

Answer: A

NEW QUESTION 16
Scenario: A Citrix Administrator created a rewrite policy to add a custom footer for a NetScaler Gateway login page. However, the administrator is NOT able to see the changes on the login page.
Which step can the administrator perform next to see the changes on the login page?

• A. Restart the NetScaler
• B. Edit the vpn/gateway_login_view.js file
• C. Make changes to rc.netscaler
• D. Disable the Rewrite and Responder feature

Answer: B

NEW QUESTION 17
Scenario: Users belong to three Authentication, Authorization and Auditing (AAA) groups: Corporate, Finance and Software.
Show aaa groups:
>show aaa group
1) GroupName: Corporate
2) GroupName: Finance
3) GroupName: Software Done
>show aaa group Corporate GroupName: Corporate Weight: 0
Authorization Policy: pol_1, Type: Classic, Priority: 0
> add authorization policy pol_1 ns_true ALLOW
> bind aaa group Corporate –policy pol_1
The user is being denied resources while aaad.debug shows: Group ‘corporate’ being extracted for user User1
Why is the user being denied access?

• A. The Authorization policy is NOT configured properly.
• B. The group attribute is NOT configured in the LDAP policy.
• C. AAA group names are NOT the same as those in Active Directory/
• D. LDAP Base DN is incorrect.

Answer: D

NEW QUESTION 18
A Citrix Administrator needs to configure a policy where users will be downgraded to ‘ICA Proxy Only’ from ‘Full VPN’ in the event a user fails to meet Endpoint Analysis requirements.
Which configuration is required to satisfy this requirement?

• A. Quarantine Group with nFactor authentication
• B. Quarantine Group with two-factor authentication, using LDAP as primary authentication
• C. Quarantine Group with no Active Directory membership
• D. Quarantine Group with regular Active Directory membership

Answer: A