December/2018 Braindump2go 1Y0-340 Exam Dumps with PDF and VCE New Updated Today! Following are some new 1Y0-340 Real Exam Questions:

1.|2018 Latest 1Y0-340 Exam Dumps (VCE & PDF) 110Q&As Download:

2.|2018 Latest 1Y0-340 Exam Questions & Answers Download:

Question: 23

Scenario: A Citrix Engineer observes that when going through NetScaler, user connections fail and users are unable to access Exchange server. However, users can connect directly to the Exchange server. After checking the logs, the engineer finds that the POST request is blocked through the NetScaler.
The log in/ var/log/ns.log is as follows:
Jul 20 11:00: 38 <>x.x.x. 1 07/20/2017:11:00:38 GMT ns 0-PPE-0:APPFW AF_400_RESP
29362 0: x.x.x.1 439800-PPEO- urlwdummy Bad request headers. Content-length exceeds post body limit <blocked>
Which parameter can the engineer modify to resolve the issue while maintaining security?

A. Increase the Maximum Header Length under nshttp_default_profile.
B. Increase the POST body limit using the HTTP profile.
C. Add an Application Firewall policy with the expression “HTTP.REQ.METHOD.EQ(\ “POST”\)” with APPFW_BYPASS profile bound.
D. Increase the POST body limit under common settings in Application Firewall profile settings.

Answer: D

Question: 24

Which two threats can be prevented by using IP Reputation? (Choose two.)

A. Trojan horses
B. Phishing Proxies
C. Worm
D. Compromised IPv6 web-server
E. Compromised IPv4 web-server

Answer: B,E

Question: 25

Which aspect of NetScaler Management and Analytics System (NMAS) can be used to monitor end- to-end ICA traffic flowing through a NetScaler ADC?

A. Gateway Insight
B. HDX Insight
C. Security Insight
D. Web Insight

Answer: B

Question: 26

A Citrix Engineer needs generate and present a NetScaler PCI-DSS report to management. The report should include a PCI-DSS summary of the required security measures for PCI-DSS compliance.
Where can the engineer generate the report from?

A. Documentation > Nitro API
B. Reporting> System
C. Dashboard>System Overview
D. Configuration>System>Reports

Answer: D

Question: 27

Scenario: A Citrix Engineer has configured a NetScaler Management Analytics System (NMAS) policy mandating that all certificates must have minimum key strengths of 2048 bits and must be authorized by trusted CA/Issuers.
How does NMAS alert the engineer about non-compliance?

A. NMAS highlights any non-compliance with the ‘Non-Recommended’ tag.
B. NMAS disables any non-compliant policies.
C. NMAS does NOT alert the engineer.
D. NMAS disables any non-compliant certificates.

Answer: A

Question: 28

A Citrix Engineer is configuring an Application Firewall Policy to protect a website. Which expression will the engineer use in the policy?

C. HTTP.RES.HEADER (“hostname”).EQ (“true”)

Answer: B

Question: 29

A Citrix Engineer needs to configure Relaxation Rules using the learned data for SQL Injection. Which setting can the engineer enable in order to avoid false-positive learned rules?

A. Increase database size for Learned data.
B. Decrease Minthreshold value to Default in Learning settings.
C. Increase Minthreshold value in Learning settings.
D. Remove all unreviewed data from Learning settings.

Answer: D

Question: 30

Scenario: A Citrix Engineer has configured an IP Reputation policy and Profile in Application Firewall. However, the engineer is NOT able to see any hits on the policy during testing.
Which logs can the engineer check to ensure that IP Reputation is configured correctly?

A. websocketd.log
B. snmpd.log
C. iprep.log
D. httpaccess.log

Answer: C

Question: 31

A Citrix Engineer has configured SQL Injection security check to block all special characters. Which two requests will be blocked after enabling this check? (Choose two.)

A. Citrix; Sqltest
B. 175// OR 1//=1//
C. Citrix” OR “1”=”1
D. Citrix OR 1=1
E. 175’ OR ‘1’= ‘1’

Answer: A,B

Question: 32

Which security option falls under the Negative Security Model for Citrix Application Firewall?

A. Start URL
B. HTML Cross-Site Scripting
C. Content-type
D. Signature

Answer: D

Question: 33

Scenario: A Citrix Engineer has configured LDAP group extraction on the NetScaler Management and Analytics System (NMAS) for the administration. The engineer observes that extraction is NOT working for one of the five configured groups.
What could be the cause of the issue?

A. The admin bind user has read-only permissions on the LDAP server.
B. The NMAS group does NOT match the one on the external LDAP servers.
C. The LDAP bind DN is incorrectly configured in the LDAP profile.
D. The user group extraction is NOT supported with plaintext LDAP.

Answer: B


1.|2018 Latest 1Y0-340 Exam Dumps (VCE & PDF) 110Q&As Download:

2.|2018 Latest 1Y0-340 Study Guide Video: