Citrix - realExamQuestions.1Y0 A13.v2011!11!08.by - Faith 1

Citrix_RealExamQuestions.
Com_1Y0-A13_v2011-11-08_44q_By-FAITH
Number: 1Y0-A13 Passing Score: 800 Time Limit: 120 min File Version: 2011-11-08 Exam : Citrix_RealExamQuestions.Com_1Y0-A13 Ver :2011-11-08 Question : 44 if u wana pass the exam with good percentage dn follow this dump good luck By-FAITH
Exam A QUESTION 1 Scenario: A network administrator needs to configure access to published resources in a Citrix XenApp farm through Access Gateway. The administrator will implement Access Gateway as a replacement for the current Secure Gateway deployment, which does NOT have SmartAccess. Which three steps must the administrator take for this scenario? (Choose three.) A. B. C. D. E. Set ICA Proxy to ON Configure split tunneling Set Single Sign-on Domain Configure the Secure Ticket Authority server Set the Access Gateway home page to the Web Interface URL
Answer: ACD Section: (none) Explanation/Reference:
QUESTION 2 Scenario: An administrator wants users to be able to access resources running on file servers and application servers in an environment. The administrator has deployed Access Gateway 9.0, Enterprise Edition. The Citrix Access Gateway Plugin for Windows is used to establish connections to the corporate network. There are no intranet applications configured in this environment and split tunneling is turned off. The default authorization policy is set to "Deny." Users in this environment will be able to access applications on file and application servers as long as ______. (Choose the correct phrase to complete the sentence.) A. B. C. D. Users are assigned specific intranet IP addresses An authorization policy is configured to grant them access Internal resources are assigned specific intranet IP addresses Internal resources in this environment are configured as published applications
Answer: B Section: (none) Explanation/Reference:
QUESTION 3 Scenario: An Access Gateway virtual server is configured with the following three settings: ICA Proxy is set to ON Web Interface address is set to "http://10.102.32.201:80/Citrix/AccessPlatform" Clientless Access is set to ON Client Choices is enabled Which client choice(s) will be available to a user logging in from a client device running a Windows operating system? A. B. C. D. Web Interface only Clientless Access only Web Interface and Clientless Access Access Gateway Plugin for Windows, Web Interface and Clientless Access
Answer: C Section: (none) Explanation/Reference:
QUESTION 4 Scenario: A system administrator created a new virtual server, "admin.widget.com", on an Access Gateway appliance. Only system administrators will be connecting to this virtual server. These system administrators require a full SSL VPN tunnel when connecting. Other users connect to another virtual server, "users.widget. com", which runs on the same Access Gateway appliance. Any user connecting through "users.widget.com" currently connects clientlessly. Which action must the administrator take to give the system administrators full VPN access? A. Edit the virtual server corresponding to admin.widget.com and enable the Citrix Access Gateway Plugin for ActiveX B. Create a session policy, set Clientless Access to Off in the profile associated with the policy and apply the policy to users.widget.com C. Create a session policy, set Clientless Access to Off in the profile associated with the policy and apply the policy to admin.widget.com D. Create a session policy, select Citrix Access Gateway Plugin for Windows as the "Windows PluginType" in the profile associated with the policy and apply the policy to admin.widget.com Answer: D Section: (none) Explanation/Reference:
QUESTION 5 The Citrix Access Gateway Plugin for Windows needs administrative privileges _______ and ________ on a Windows XP device. (Choose the two correct phrases to complete the sentence.) A. B. C. D. For installation For upgrading or downgrading of the system For Endpoint Analysis checks that require administrative privileges For those rare situations where it will be used as an antivirus application
Answer: AC Section: (none) Explanation/Reference:
QUESTION 6 An administrator wants to provide access to published applications hosted on XenApp servers only, without requiring the use of a Citrix Access Gateway Plugin for Windows.Which feature should the administrator enable in order to meet the needs of this environment? A. ICA proxy B. Single sign-on
C. SmartAccess with ICA proxy D. Session Reliability on Web Interface Answer: A Section: (none) Explanation/Reference:
QUESTION 7 Scenario: The wireless network in an environment is NOT secure, so users connecting over it http://certvn. wordpress.com need to log on to Access Gateway in order to access resources in the corporate intranet. The users in this environment are running Windows XP on their client devices and management has instructed the IT team to ensure that users are logged on automatically to Access Gateway using the Windows credentials they used to log on to their client devices.Which Access Gateway Plugin type should the IT team implement in this environment? A. B. C. D. Clientless Access Citrix Access Gateway Plugin for Java Citrix Access Gateway Plugin for ActiveX Citrix Access Gateway Plugin for Windows
Answer: D Section: (none) Explanation/Reference:
QUESTION 8 Scenario: A network administrator created multiple personal folder files (*.pst) on a workstation while accessing Outlook over a VPN session. The administrator would like for the *.pst files to be deleted upon logout from the VPN session.The administrator should configure the client cleanup to clean up _______. (Choose the correct option to complete the sentence.) A. B. C. D. Cookies *.pst files Address bars Application data
QUESTION 9 Scenario: An Access Gateway virtual server is configured with the following settings: A group named QUARGRP A session profile named QUARPROF, with Clientless Access mode set to ON A session policy named QUARPOL, with the expression, "NS_TRUE" and the profile QUARPROF
The QUARPOL session policy is bound to the QUARGRP group The global settings with Client Security is set to "CLIENT.APP.AV == SYMANTEC EXISTS" and the quarantine group is set to QUARGRP Which client will be provided to a user who logs on to the virtual server from a client device that is NOT running Symantec Antivirus? A. B. C. D. Web Interface Clientless Access Citrix Access Gateway Plugin for Java Citrix Access Gateway Plugin for Windows
QUESTION 10 A network administrator is instructed to perform client-side cleanup before every session over the Citrix Access Gateway Plugin for Windows through the Access Gateway appliance.What is true about client-side cleanup? A. Client-side cleanup clears the history of the browser. B. Client-side cleanup cleans up data regularly during the session. C. Client-side cleanup will delete all Internet Explorer temporary files. http://certvn.wordpress.com D. Client-side cleanup will NOT clean up any data before the session starts. Answer: D Section: (none) Explanation/Reference:
QUESTION 11 When creating a Web Interface XenApp Services site for use with Access Gateway 9.0, Enterprise Edition, which access method or authentication should be specified for the XenApp Services site? A. B. C. D. SmartAccess Control Explicit authentication Advanced Access Control Pass-through authentication
QUESTION 12 To configure Access Gateway 9.0, Enterprise Edition as a replacement for Secure Gateway, which two actions must an administrator perform? (Choose two.)
A. B. C. D.
Enable the client choices option Change the ICA Proxy setting to ON Change the Windows Plugin Type to ICA Enter the URL of the Web Interface server in the Web Interface Home Page field
Answer: BD Section: (none) Explanation/Reference:
QUESTION 13 Scenario: A consultant of a new Access Gateway 9.0, Enterprise Edition deployment at a customer site was given the following information and IP addresses to use when configuring the Access Gateway appliance: Internal Citrix XenApp server 5.0 IP address: 192.168.100.12 Time Zone to be used: Eastern Standard Time (EST) IP addresses to be used when configuring the Access Gateway 9.0, Enterprise Edition deployment NSIP: 10.165.30.45 MIP: 10.165.30.60 VIP: 12.15.30.62 Which two options should be configured on the Access Gateway appliance in order to communicate with the Citrix XenApp server? (Choose two.) A. B. C. D. Subnet IP in the 192.168.100.x subnet Intranet IP in the 192.168.100.x subnet Static Route to the 192.168.100.x subnet Virtual Server in the 192.168.100.x subnet
QUESTION 14 What is the minimum assignment of rights that users must have in order to install the Citrix Access Gateway Plugin for Windows for the first time on a client device? http://certvn.wordpress.com A. B. C. D. Power User Authenticated User Local Administrator Domain Administrator
QUESTION 15 Scenario: The following policies are configured in an environment in order to provide remote access through Access Gateway 9.0, Enterprise Edition: A. All the users must have a validator file, Employee.cer, on the C drive NOT older than 7 days before they can attempt to login. B. The keylogger.exe process must be killed before a user can log on. C. The Employee.cer validator file must be deleted after successful logon. D. An updated Employee.cer validator file must be put on the C drive for next use. The administrator in the environment needs to use pre-authentication policies and a logon script for this deployment. Which two policies can the administrator implement using pre-authentication end point analysis alone? (Choose two.) Answer: AB Section: (none) Explanation/Reference:
QUESTION 16 Which three entities could be used to configure SmartAccess? (Choose three.) A. B. C. D. E. Traffic policy Session policy Session profile Authorization profile Pre-authentication policy
Answer: BCE Section: (none) Explanation/Reference:
QUESTION 17 When integrating Web Interface into the default home page, what is the preferred portal mode for Web Interface? A. B. C. D. Hybrid Normal Custom Compact
QUESTION 18 Scenario: A group of students need access to an online examination for only one hour. The group must be prompted periodically about the logout time during the last three minutes of their one hour session, and the session must time out exactly after one hour. Which setting should the http://certvn.wordpress.com administrator enable when configuring Access Gateway to provide access to these students? A. Kill all the sessions pertaining to the students exactly after one hour B. Specify the login and logout time so that the students' connections can time out exactly after one hour C. Configure a session profile with a forced time out warning value of three minutes and forced time out time of one hour D. Configure a session profile with a session time out warning value of three minutes and session time out time of one hour E. Configure a session profile with a client idle time out warning value of three minutes and client idle time out time of one hour Answer: C Section: (none) Explanation/Reference:
QUESTION 19 An administrator enabled the file type association.Which policy can the administrator use to bind this parameter to a group of users? A. B. C. D. Traffic Session Authorization Pre-authentication
Answer: A Section: (none) Explanation/Reference:
QUESTION 20 In which two instances must an Access Gateway 9.0, Enterprise Edition policy name match the name of a filter that is bound to another policy? (Choose two.) A. Access Gateway 9.0, Enterprise Edition is being configured for SmartAccess integration with XenApp B. Access Gateway 9.0, Enterprise Edition is being configured for single sign-on integration with Web Interface C. The other policy is being applied to a XenApp hosted application that is being accessed through the Access Gateway appliance D. The other policy is being applied to a Web Interface server that is performing authentication on behalf of the Access Gateway appliance Answer: AC Section: (none)
Explanation/Reference:
QUESTION 21 The Citrix Access Gateway Plugin for Windows needs administrative privileges _______ and ________ on a Windows XP device. (Choose the two correct phrases to complete the sentence.) A. B. C. D. For installation For upgrading or downgrading of the system For Endpoint Analysis checks that require administrative privileges For those rare situations where it will be used as an antivirus application
QUESTION 22 What is the minimum assignment of rights that users must have in order to install the Citrix Access Gateway Plugin for Windows for the first time on a client device? http://certvn.wordpress.com A. B. C. D. Power User Authenticated User Local Administrator Domain Administrator
Exam B QUESTION 1 When configuring a Web Interface XenApp Services site for SmartAccess where the Citrix Access Gateway Plugin for Windows is present and traffic is being tunneled to Web Interface, which access method should an administrator configure in the "Edit DMZ Settings" portion of the Access Management Console? A. B. C. D. Direct Translated Gateway Direct Gateway Translated
QUESTION 2 When configuring the access control properties of a published application on a XenApp server, http://certvn. wordpress.com which name should an administrator specify for the Access Gateway filter? A. B. C. D. Session Policy Session Profile Access Gateway virtual server IP Address of the Access Gateway virtual server
QUESTION 3 While configuring Access Gateway 9.0, Enterprise Edition, an administrator wants to implement encryption services by using a private key type featured in the product.Which two private key types should the administrator select from the "Choose private key type" drop-down list in the SSL Certificate Wizard to meet this requirement? (Choose two.) A. B. C. D. DER DSA RSA 3DES
Answer: BC Section: (none) Explanation/Reference:
QUESTION 4 An administrator needs to ensure that a virtual server is available to accept VPN connections and shows an "UP" state in the Configuration Utility.Which entity must an administrator bind to the Access Gateway virtual server to achieve this? A. B. C. D. A session policy A Next-Hop server An authentication policy A valid server certificate
QUESTION 5 Scenario: Due to recent security breaches, an administrator must immediately change the default password for the nsroot account to mysecret. Access to the Configuration Utility is unavailable. Which command lineinterface command should the administrator use to change the default password for the nsroot account? A. B. C. D. Set aaa user nsroot mysecret Add nsroot password mysecret Set system user nsroot mysecret Add system user nsroot mysecret
QUESTION 6 A syslog server is running behind a firewall in an environment.Which port should an administrator open on the firewall in this environment in order for logs to reach the syslog server from the Access Gateway appliance? A. 443 B. 514 C. 1024 http://certvn.wordpress.com D. 1400 Answer: B Section: (none) Explanation/Reference:
QUESTION 7 Which policy should a senior administrator configure in order to grant a junior administrator read- only access on an Access Gateway appliance?
A. B. C. D.
Traffic Session Command Authorization
QUESTION 8 An administrator for Access Gateway 9.0, Enterprise Edition suspects that some users in the environment are misusing the remote access granted to them by accessing and downloading some restricted intranet web resources.What should the administrator check first on the Access Gateway appliance in order to investigate these users' remote access behavior? A. B. C. D. Audit logs Network traces Statistic counters Client side debug trace files
QUESTION 9 An IT manager instructed the network administrator to separate the Access Gateway appliance in an environment from the Web Interface server using a firewall that performs Network Address Translation (NAT). Which two access methods could the administrator configure for Access Gateway 9.0, Enterprise Edition based on the requirements of this scenario? (Choose two.) A. B. C. D. E. Direct Translated Gateway Direct Gateway Alternate Gateway Translated
Answer: DE Section: (none) Explanation/Reference:
QUESTION 10 Scenario: Dual-source authentication is configured on the Access Gateway 9.0, Enterprise Edition appliance. The appropriate group extraction configuration is configured on both the primary and secondary authentication servers, and a user named "User1" exists on both authentication servers. How will groups be extracted for
"User1"? A. Only the groups in the secondary authentication server will be extracted and matched to the group names configured on the primary authentication server. B. Only the groups from the primary authentication server will be extracted and matched to the group names configured on the secondary authentication server. C. The applicable groups from both the primary and secondary authentication servers will be extracted and matched to the group names configured on the appliance. D. The groups from the primary authentication server will be extracted and matched to the group http://certvn. wordpress.com names configured on the secondary authentication server by the administrator. Answer: C Section: (none) Explanation/Reference:
QUESTION 11 An administrator has enabled split tunneling for an environment. What must the administrator do to ensure that the plugin on user devices intercepts intranet traffic only and routes other traffic directly to the appropriate servers? A. B. C. D. Set split tunneling to OFF Define an intranet application Change the routing table on the client devices to tunnel intranet traffic to the intranet Assign intranet IP addresses to resources that users are accessing through the Access Gateway appliance
QUESTION 12 Scenario: An administrator created a new Access Gateway virtual server. The administrator did NOT bind any session policies to the virtual server. What is the default authorization action for users logging in to this virtual server? A. B. C. D. ALLOW, this is the default behavior. ALLOW, but place users in a quarantine group. DENY, the default authentication policy must be applied. DENY, either a session policy or a traffic policy must exist.
QUESTION 13
When using the Access Gateway configuration utility to create a new Authentication Server for RADIUS authentication, some fields represented in the configuration utility window are required. Of the possible choices on the left, drag the correct selections to the boxes on the right. There are three correct choices.
http://certvn.wordpress.com A. B. C. D. Answer: Section: (none) Explanation/Reference:
QUESTION 14 Scenario: Connected users need to be able to access Internet-based content without being routed through the internal LAN gateway. Split tunneling is turned off in the global settings.Where should an administrator override the global settings to turn split tunneling on? A. B. C. D. Traffic policy Traffic profile Session policy Session profile
QUESTION 15 A public research university needs to provide remote access to the students in its distance learning program. Which Access Gateway 9.0, Enterprise Edition plugin should the network administrator configure in order to ensure that students are able to connect to the environment regardless of the operating systems on their end devices? http://certvn.wordpress.com A. Citrix XenApp plugin B. Citrix Access Gateway Plugin for Java C. Citrix Access Gateway Plugin for ActiveX
D. Citrix Access Gateway Plugin for Windows Answer: B Section: (none) Explanation/Reference:
QUESTION 16 A network administrator has been instructed to configure intranet applications for the Access Gateway Plugin for Windows and the Access Gateway Plugin for Java. Which two interception modes should the administrator select when configuring the intranet applications for the plugins in this environment? (Choose two.) A. B. C. D. E. Proxy Normal Encrypt Opaque Transparent
Answer: AE Section: (none) Explanation/Reference:
QUESTION 17 A network administrator wants to create different intranet applications for users running the Citrix Access Gateway Plugin for Windows.The administrator should create the intranet application by _______ . (Choose the correct phrase to complete the sentence.) A. B. C. D. Configuring intranet IP addresses Configuring client application name with port ranges Creating a range of IP addresses with interception transparent mode Creating an IP address and a subnet mask with interception proxy mode
QUESTION 18 Scenario: An administrator must bind a policy that changes specific configuration settings for certain users. The administrator enables single sign-on (SSO) within the profile of the policy.Which type of policy must the administrator use in order to complete the task? A. B. C. D. Session Authorization Authentication TCP Compression
QUESTION 19 Scenario: An administrator wants to ensure that whenever users connecting over the Access Gateway Plugin for Windows try to access corporate network resources and servers by name, the name of those resources and servers resolves to the IP addresses in the corporate network. What are two ways the administrator can configure the settings to meet the needs of this environment? (Choose two.) A. Set split tunneling to OFF http://certvn.wordpress.com B. Configure an intranet IP address C. Set split tunneling to ON and DNS to Remote D. Configure an intranet application and set split tunneling to OFF Answer: AC Section: (none) Explanation/Reference:
QUESTION 20 Scenario: CompanyA has one 7000 series Access Gateway appliance (Node 1) that is providing access to their internal systems for their employees and business partners. In order to implement high availability (HA), CompanyA purchased another 7000 series Access Gateway appliance (Node 2) and needs to have Node 2 configured. The network administrator has been tasked with carrying out the configuration and has been instructed to maintain all of the existing configurations. How should the administrator configure HA using the Configuration Utility in this environment? A. On Node 1, enter a node ID and a mapped IP address. On Node 2, enter a node ID and a mapped IP address. B. On Node 2, enter a node ID and a mapped IP address. On Node 1, enter a node ID and a mapped IP address. C. On Node 2, enter a node ID and a NetScaler IP address. On Node 1, enter a node ID and a NetScaler IP address. D. On Node 1, enter the node ID and the NetScaler IP address of Node 2. On Node 2, enter the node ID and the NetScaler IP address of Node 1. Answer: D Section: (none) Explanation/Reference:
QUESTION 21 Which policy should a senior administrator configure in order to grant a junior administrator read- only access on an Access Gateway appliance? A. Traffic
B. Session C. Command D. Authorization Answer: C Section: (none) Explanation/Reference:
QUESTION 22 A public research university needs to provide remote access to the students in its distance learning program. Which Access Gateway 9.0, Enterprise Edition plugin should the network administrator configure in order to ensure that students are able to connect to the environment regardless of the operating systems on their end devices? http://certvn.wordpress.com A. B. C. D. Citrix XenApp plugin Citrix Access Gateway Plugin for Java Citrix Access Gateway Plugin for ActiveX Citrix Access Gateway Plugin for Windows
Exam C QUESTION 1 An administrator must configure an IP address that will be used by the Access Gateway appliance as a source IP address to connect to internal servers on the corporate network. Which IP type must the administrator configure? A. B. C. D. Virtual IP Mapped IP NetScaler IP Global Server Load Balancing site IP
QUESTION 2 Which type of IP address must an administrator configure on an Access Gateway appliance to allow applications like Exceed and Netmeeting to initiate connections successfully back to users running the Access Gateway Plugin for Windows? A. B. C. D. Direct Subnet Intranet Mapped
QUESTION 3 Scenario: An Access Gateway virtual server is configured with the following three global settings: Client Security is set to "CLIENT.APP.AV == SYMANTEC EXISTS" http://certvn.wordpress.com Client Choices is set to ON Clientless Access is set to ON Which client choice(s) will be available to a user logging in from a device running a Windows operating system but which is NOT running the Symantec Antivirus? A. B. C. D. Clientless Access only Citrix Access Gateway Plugin for Windows only Citrix Access Gateway Plugin for Java and Clientless Access Web Interface, Clientless Access and Citrix Access Gateway Plugin for Windows
Answer: A Section: (none)
QUESTION 4 Arrange the steps required to configure DNS settings along with monitors for a particular user in the correct order.
A. B. C. D. Answer: Section: (none) Explanation/Reference:
QUESTION 5 Scenario: Access Gateway 9.0, Enterprise Edition is deployed in an environment where packet loss is prevalent. The administrator in the environment has been instructed to log all the users' requests to HTTP resources in a reliable manner so that all the audit logs generated will be logged and preserved for a very long period of time.Which logging option will preserve audit logs for a very long period of time?
A. B. C. D.
Use a syslog server running on the Access Gateway for logging Use the auditserver running on the Access Gateway for logging Use the auditserver running on a remote system with at least 10 GB of disk space Use a syslog server running on a remote system with at least 100 GB of disk space
Answer: C Section: (none) Explanation/Reference: http://certvn.wordpress.com QUESTION 6 In a deployment where the internal servers are NOT accessible by the mapped IP address or through the default router, how many IP addresses are needed for the Access Gateway implementation? A. B. C. D. 2 3 4 5
QUESTION 7 An administrator just configured a client security check using the following expression: CLIENT.OS(winxp).SP == 2 -frequency 2 The "2-frequency 2" portion of the policy expression indicates __________. (Choose the correct option to complete the sentence.) A. B. C. D. 2 hotfixes and run every 2 hours 2 hotfixes and run every 2 minutes Service Pack 2 and run every 2 hours Service Pack 2 and run every 2 minutes
QUESTION 8 How can an administrator disable the SSL warning message? A. The SSL warning message cannot be disabled in the Configuration Utility B. Select Access Gateway global settings > Client Experience Advanced > General, deselect SSL warning message
C. Select Access Gateway global settings > Security Settings Advanced > Client Security, enable SSL warning message D. Select Access Gateway global settings > Client Experience Advanced > Client Options, deselect SSL warning message Answer: A Section: (none) Explanation/Reference:
QUESTION 9 An administrator needs to enable single sign-on (SSO) for HTTP web pages residing on a server (ServerABC). Which rule should the administrator configure in a traffic policy to enable SSO for HTTP web pages on the server? A. B. C. D. REQ.HTTP.IP == ServerABC REQ.IP.DESTIP == ServerABC REQ.IP.DESTIP == ServerABC & REQ.TCP.DESTPORT == 80 REQ.IP.SOURCEIP == ServerABC & REQ.TCP.DESTPORT == 80
QUESTION 10 Scenario: An administrator has set the default authorization action to DENY. A specific group of http://certvn. wordpress.com users needs access to some resources.Which two steps should the administrator take to allow these users to access the necessary resources? (Choose two.) A. B. C. D. E. Bind a new authorization policy at the group level Create a new session policy and set it to ALLOW Bind the existing authorization policy at the global level Modify the default authorization action and set it to ALLOW Create a new authorization policy to ALLOW access to the resources
Answer: AE Section: (none) Explanation/Reference:
QUESTION 11 Scenario: An administrator wants to ensure that users can still access internal Outlook Web Access even if they do not pass a post authentication scan. Users who do not pass a post authentication scan must be given limited access.Which option should the administrator select in the Access Gateway wizard in order to meet the requirements of this scenario?
A. B. C. D.
Use Web Interface pass through Use Access Gateway Plugin only Turn off the Citrix Access Gateway Plugin for Windows Allow users to logon using a web browser and clientless access
QUESTION 12 The Policy Precedence Model for Access Gateway 9.0, Enterprise Edition is the priority level in which multiple ________________ are prioritized, evaluated and enforced. (Choose the correct phrase to complete the sentence.) A. B. C. D. Profiles of different types Profiles of the same type Policies of different types Policies of the same type
QUESTION 13 Which session policy option must an administrator select to ensure the use of mapped IP addresses when the appliance runs out of intranet IP addresses to assign to new users? A. B. C. D. ON OFF SPILLOVER NOSPILLOVER
QUESTION 14 Once a pre-authentication policy is configured, what does an administrator need to do in order for the policy to work? A. B. C. D. Identify a process to monitor Add an authentication server Bind the policy at the global or virtual server level Bind the policy to the IP address of the authentication server http://certvn.wordpress.com
QUESTION 15 Which policy should an administrator configure to optimize bandwidth usage in an environment? A. B. C. D. Traffic Session Authorization TCP Compression
QUESTION 16 Scenario: A system administrator has been asked to configure Access Gateway 9.0, Enterprise Edition so that users are NOT presented with the choices page and can only connect clientlessly. The administrator has decided to perform this configuration at the global level. What should be set under the Client Experience tab?
A. B. C. D.
Clientless Access to On Plugin Type to Windows Clientless Access URL Encoding to Clear Windows Plugin Type to Access Gateway http://certvn.wordpress.com
QUESTION 17 Which option in the Configuration Utility allows an administrator to limit the number of users who can log in to an Access Gateway 9.0, Enterprise Edition environment? A. B. C. D. Select Access Gateway > Virtual Servers, Maximum Users Select Systems > Virtual Servers > Policies, Maximum Users Select Systems > Connections > Authentication settings, Maximum number of users Select Access Gateway > Global > Authentication settings, Maximum number of users
Answer: D Section: (none)
QUESTION 18 Scenario: A company recently acquired two other companies. Users from the two acquired companies have been using RADIUS and TACACS authentications. An administrator in the environment of the parent company has been instructed to reconfigure the Access Gateway infrastructure such that all the users in the environment can have the opportunity to authenticate to the same virtual server using different forms of authentication.Which Access Gateway 9.0, Enterprise Edition authentication type would allow these users to authenticate? A. B. C. D. Local Inherited Cascading Double-source
QUESTION 19 Scenario: In an environment, contractors use workstations in conference rooms that are outside of the corporate intranet to log on to Access Gateway in order to access resources within the corporate intranet. These workstations are running Windows operating systems, but the contractors' accounts do NOT have administrative privileges. In order for the contractors to access the corporate intranet, some Access Gateway end-point scans need to be performed.Which two operations must the administrator perform in order to give the contractors the appropriate access? (Choose two.) A. B. C. D. E. Set Clientless Access to "ON" in the session profile for all the contractors Set the Windows Plugin Type to "Plugin" in the session profile for all the contractors Pre-install the Citrix Access Gateway Plugin for Windows on the workstations in the conference rooms Set the Citrix Access Gateway Plugin for Windows type to "Java" in the session profile for all the contractors Set the Windows Plugin Type to "Citrix Access Gateway Plugin for Windows" in the session profile for all the contractors
Answer: CE Section: (none) Explanation/Reference:
QUESTION 20 A network administrator needs to configure the Citrix Access Gateway Plugin for Windows in order for it to uninstall from client devices during logout from a session through the Access Gateway appliance. Which client cleanup level should the administrator configure in order to meet the stated requirement? http://certvn.wordpress.com
A. B. C. D.
Data None All Items Web browser
Exam D QUESTION 1 Scenario: An Access Gateway virtual server is configured with these settings: 1.A session profile named SECUREPROF, with ICA Proxy set to ON and the Web Interface address set to http://10.102.32.201/Citrix/AccessPlatform 2.A session policy named SECUREPOL, with the expression "CLIENT.APP.AV == SYMANTEC EXISTS" and the profile set to SECUREPROF 3.The SECUREPOL session policy is bound to the Access Gateway virtual server Which access method will be provided to a user who selects the 'Skip Scan' option while logging into the virtual server from a Linux machine? A. B. C. D. Web Interface Denied Access Clientless Access Citrix Access Gateway Plugin for Java
QUESTION 2 Which three Internet Explorer settings could an administrator configure to use the Access Gateway 9.0, Enterprise Edition Citrix Access Gateway Plugin for ActiveX? (Choose three.) A. B. C. D. E. Enable "Automatic prompting for file downloads" Enable "Automatic prompting for Citrix Access Gateway Plugin for ActiveX controls" Set "Run Citrix Access Gateway Plugin for ActiveX controls and plug-ins" to Prompt or Enable Set "Download signed Citrix Access Gateway Plugin for ActiveX controls" to Prompt or Enable Set "Download unsigned Citrix Access Gateway Plugin for ActiveX controls" to Prompt or Enable
Answer: BCD Section: (none) Explanation/Reference:
QUESTION 3 Which two issues may prevent a user from installing the Citrix Access Gateway Plugin for Windows on a remote device? (Choose two.) A. B. C. D. The user has Internet Explorer and Firefox installed on the remote client device. The user is running a client firewall that may be blocking the installation process. The user is NOT an administrator nor a member of the local administrative group. The user is running the Windows Vista operating system on the remote client device instead of Windows XP.
Answer: BC Section: (none)
QUESTION 4 An administrator is configuring client-side clean up for users accessing resources through an Access Gateway virtual server and using the Citrix Access Gateway Plugin for Windows. Which three settings must the administrator configure in order to implement client-side cleanup for users http://certvn.wordpress.com connecting to the virtual server in this environment? (Choose three.) A. B. C. D. E. Clean up IE browser cookies Clean up disk space on this device Clean up IE browser auto-completion Clean up unused desktop items on this device Clean up CIFS password when accessing Intranet file systems through CIFS connections
Answer: ACE Section: (none) Explanation/Reference:
QUESTION 5 On which three Windows operating systems does the Citrix Access Gateway Plugin for ActiveX run? (Choose three.) A. B. C. D. E. F. XP Vista 98 SE 2003 Server 2008 Server 2000 Professional
Answer: ADF Section: (none) Explanation/Reference:
QUESTION 6 Scenario: CompanyA has two Access Gateway virtual servers to provide employees and partners with remote access to internal resources using LDAP authentication. The security team at CompanyA has mandated that every employee connecting to the corporate network must pass a pre-authentication check that identifies his or her client device as a corporate device. The scans will include Symantec Antivirus version 10 and some registry checks.The administrator in this environment should bind the pre-authentication policy at the __________. (Choose the correct phrase to complete the sentence.) A. B. C. D. User level Global level Partner access virtual server level Employee corporate access virtual server level
QUESTION 7 When configuring a Web Interface XenApp Services site for SmartAccess, what should the administrator type as the address in the Advanced Access Control Service URL field in the Managed Access Method screen? A. B. C. D. The IP address of the MIP The IP address of the Access Gateway appliance The fully qualified domain name of the Access Gateway appliance The fully qualified domain name of the Access Gateway virtual server
QUESTION 8 Scenario: A major technology company wants to upgrade their current Access Gateway deployment to ensure that it meets their growing remote access needs as they acquire new companies. Currently, the company is supporting nearly 3,000 concurrent users on their existing http://certvn.wordpress.com Access Gateway virtual server and expects the concurrent user sessions through Access Gateway to increase by 40% over the next year.Which Access Gateway appliance platform series handles the most concurrent user traffic? A. B. C. D. 2000 7000 10000 11000
QUESTION 9 When adding the Secure Ticket Authority (STA) server information, which server name is used as the address of the STA? A. B. C. D. The Web Interface server The Certificate Authority server The Access Gateway virtual server The XenApp server running the XML service
Answer: D
Section: (none) Explanation/Reference:
QUESTION 10 Which two policy types are sent as SmartAccess filter names when integrating Access Gateway 9.0, Enterprise Edition with XenApp? (Choose two.) A. B. C. D. E. Traffic Session Authorization Authentication Pre-Authentication
Answer: BE Section: (none) Explanation/Reference:
QUESTION 11 Scenario: A consultant is in charge of a new Access Gateway 9.0, Enterprise Edition implementation at a large customer site and must address the following security requirements: 1.If APP1.EXE is running on the local machine, do NOT allow access to the virtual server authentication page 2.If APP2.EXE is running on the local machine, allow access to the virtual server authentication page after CMD.EXE is closed 3.If APP3.EXE is NOT found on the local machine, allow access to the virtual server authentication page Which policy type must be used to configure these security requirements? A. B. C. D. Traffic Authorization Authentication Pre-Authentication
QUESTION 12 http://certvn.wordpress.com Scenario: An administrator is responsible for replacing a Secure Gateway server with an Access Gateway appliance. The administrator needs to make use of the existing Secure Gateway server certificates.What are two certificate formats that Access Gateway 9.0, Enterprise Edition supports? (Choose two.) A. DER B. PEM
C. PKCS #7 D. PKCS #11 Answer: AB Section: (none) Explanation/Reference:
QUESTION 13 When configuring the access control properties of a published application on a XenApp server, which entity name should an administrator specify for Access Gateway? A. B. C. D. Traffic policy Session profile Secure Ticket Authority Access Gateway virtual server
QUESTION 14 Scenario: An administrator creates a session policy with ns_true as the rule and a corresponding session profile with a rule checking for Sophos Personal Firewall on the client security option page. The session policy was bound at the global level.If a user logs in from a client that is only running the Sophos antivirus, the user will be _______. (Choose the correct phrase to complete the sentence.) A. B. C. D. Denied access Allowed access without restrictions Allowed to log in with limited privileges Denied access until the Sophos antivirus is uninstalled
QUESTION 15 An administrator needs to ensure that users can launch specific applications and open specific documents once they click on a HTTP link pointing to the desired application or document. Which feature should the administrator configure when publishing the applications in order to meet the stated requirements? A. B. C. D. ICA Proxy mode Clientless Access File Type Association Access Scenario Fallback
QUESTION 16 Which policy or filter must be set up correctly when configuring SmartAccess integration with XenApp in order for the policy to be applied on a XenApp server? A. The XenApp server policy must be applied to one of the authenticating user's groups http://certvn. wordpress.com B. The policy name on the Access Gateway appliance must match the policy name on the XenApp server C. The filter name that is bound to the XenApp server policy must match the name of the Access Gateway virtual server D. The policy name on the Access Gateway appliance must match the filter name that is bound to the policy that is being applied to the XenApp server hosted application Answer: D Section: (none) Explanation/Reference:
QUESTION 17 A senior administrator needs to grant a junior administrator access to the Access Gateway appliance but NOT to the system command or shell prompt. Which pre-configured command policy should the administrator choose based on the stated requirement? A. B. C. D. Network Operator Read-only Superuser
QUESTION 18 What is true about double-source authentication? A. B. C. D. It uses the same user name and password for both the primary and the secondary nodes. It uses the same user name and two separate passwords for the primary and secondary nodes. It uses two separate user names and the same password for the primary and secondary nodes. It uses two separate user names and passwords, one for the primary node and one for the secondary node.
Answer: B Section: (none)
QUESTION 19 Scenario: An administrator is configuring Access Gateway 9.0, Enterprise Edition in an environment that consists of a double-hop DMZ deployment. The administrator wants connections from the Citrix XenApp Plugin for Hosted Apps on the Internet to go through the first firewall in order to connect to the Access Gateway appliance in the first DMZ.Which port should the administrator enable on the first firewall? A. B. C. D. E. 80 389 443 1494 1812
QUESTION 20 An administrator wants to analyze the latest log file generated by the Access Gateway appliance.Which file contains the logs required by the administrator? A. /var/log/ns.log B. /var/log/agvpn.log http://certvn.wordpress.com C. /var/log/nsvpnd.log D. /var/log/httpacess.log Answer: A Section: (none) Explanation/Reference:
Exam E QUESTION 1 What must an administrator do in order to obtain a certificate from an authorized Certificate Authority? A. B. C. D. Create and submit a Key Request Create and submit a Certificate Signing Request Log on to a Certificate Authority and download a certificate Connect to the Certificate Authority as a client, and the Certificate Authority will issue a certificate automatically
QUESTION 2 Scenario: A company currently has Secure Gateway in its environment. The company has been undergoing major expansions, and the number of employees has grown by 60% over the past three years. Recently, the company acquired a new company and the network administrators were instructed to integrate the new company into the existing environment. Due to the increase in the number of employees, there is a higher demand for more servers and rack space. The senior network administrator intends to replace Secure Gateway with Access Gateway 9.0, Enterprise Edition in order to avoid having to purchase more servers in order to expand the existing Secure Gateway implementation to meet the growing needs of the environment. Which Access Gateway 9.0, Enterprise Edition connection type would meet the needs of this environment? A. B. C. D. ICA Proxy mode Clientless Access Access Gateway Plugin with clientless interception Access Gateway Plugin with transparent interception
QUESTION 3 An environment consists of two Access Gateway appliances in one arm-mode, in a high availability setup. Which type of IP address is required to access the intranet network resources in this environment? A. B. C. D. Virtual Mapped NetScaler Default gateway
QUESTION 4 An administrator must ensure that every user device runs personal firewall software before the device can establish a secure channel in full client mode to the intranet.Which policy must the administrator configure to meet the need of this scenario? A. Traffic B. Session http://certvn.wordpress.com C. Authorization D. Pre-Authentication Answer: D Section: (none) Explanation/Reference:
QUESTION 5 Scenario: An organization wants to use Access Gateway 9.0, Enterprise Edition to provide remote users with access to published applications on a Web Interface server. The organization wants users to authenticate on the Web Interface server and has requested that authentication be turned off on the Access Gateway virtual server. Which three operations must the administrator perform for published applications to launch successfully? (Choose three.) A. B. C. D. E. F. Set ICA Proxy to ON Set single sign-on to ON Configure NTdomain for the XenApp servers Configure WIhome for the appropriate XenApp Services site Bind the Secure Ticket Authority server at the Access Gateway global level Bind session policies or preauthentication policies to the Access Gateway global level Page
Answer: ADE Section: (none) Explanation/Reference:
QUESTION 6 Scenario: CompanyA is expanding its Sales operations and is bringing on more outside sales associates who will be traveling to customer locations. The outside sales associates will need to access corporate applications through the Access Gateway appliance. All sales associates will be using company-issued laptops with Windows operating systems and will need access to corporate web-based applications such as Outlook Web Access and the internal sales portal sites through which they will enter orders. In which two entities in the Configuration Utility can an administrator in CompanyA's environment configure redirection to a customized Access Gateway Home Page? (Choose two.) A. B. C. D. Traffic profile User settings Group settings Session profile
E. Global Access Gateway settings Answer: DE Section: (none) Explanation/Reference:
QUESTION 7 Which three authentication types can an administrator configure in an Access Gateway 9.0, Enterprise Edition environment? (Choose three.) A. B. C. D. E. PAP LDAP CHAP RADIUS TACACS
Answer: BDE Section: (none) Explanation/Reference:
QUESTION 8 Scenario: An administrator is configuring remote access to applications through the Access Gateway appliance for specific users. All of the applications require a unique source IP address to access resources on the corporate network.Which type of IP address should the administrator http://certvn.wordpress.com define in order to ensure that the applications are accessible to those users? A. B. C. D. Subnet Intranet Mapped NetScaler
QUESTION 9 What are three pieces of information that are required to configure Access Gateway 9.0, Enterprise Edition to authenticate users with LDAP servers? (Choose three.) A. B. C. D. E. Bind DN Base DN Server DN Bind DN password Base DN password
Answer: ABD Section: (none) Explanation/Reference:
QUESTION 10 Scenario: A network administrator is planning the remote access infrastructure for an Access Gateway 9.0, Enterprise Edition environment. In this environment, employees, vendors and customers will need to use different methods of authentication. The administrator would like to ensure that each authentication is hosted on a separate server. Which authentication method must the administrator implement when configuring this environment? A. B. C. D. Cascading Client-Based Server-Based Double-source
QUESTION 11 Which two options must be specified in a session profile to allow access to Web Interface through an Access Gateway 9.0, Enterprise Edition appliance? (Choose two.) A. B. C. D. Authentication Policy Windows Plugin Type Web Interface Address Single Sign-on Domain
Answer: CD Section: (none) Explanation/Reference:
QUESTION 12 An administrator needs to implement an authorization policy on the Access Gateway appliance that will restrict all users to use one type of browser to access internal web-based resources. A global authorization policy with _______ and an authorization policy bound to the _______, which allows access based on the browser type, will meet the needs of this environment. (Choose the two correct options to complete the sentence.) A. "Allow All"; user-level B. "Deny All"; group-level http://certvn.wordpress.com C. "Allow All"; global-level D. "Deny All"; virtual server-level
Answer: BD Section: (none) Explanation/Reference:
QUESTION 13 Which two parameters must be configured within the Access Gateway 9.0, Enterprise Edition Global Authentication RADIUS settings or RADIUS Authentication Server settings in order to extract groups from a RADIUS server? (Choose two.) A. B. C. D. Login Name Search Filter Group Attribute Type RADIUS Group Vendor ID
QUESTION 14 Scenario: An Access Gateway appliance was deployed and an Access Gateway virtual server site was created for external users. When members of the "Sales" group log in, they should see the NavUI with three bookmarks for different sales related applications. When members of the "Shift Worker" group log in, they should get two published applications. The system administrator gets a call stating that everyone trying to access the virtual server is getting the "Page could not be found" error message.What are two possible reasons for this? (Choose two.) A. B. C. D. E. Web Interface is NOT available. The MIP is NOT properly configured. The Access Gateway virtual server is in a down state. The SSL certificate is NOT bound to the Access Gateway virtual server. The FQDN of the certificate added for the SSL VPN virtual server does NOT match the FQDN of the SSL VPN site.
QUESTION 15 Which policy can an administrator use to modify the default authorization setting for an environment? A. B. C. D. Traffic Session Authorization Authentication
QUESTION 16 An administrator needs to use RADIUS as an authentication method for the users.Which IP address type should the administrator add in the client file of the RADIUS server for the authentication to work correctly? A. B. C. D. Subnet Mapped NetScaler Virtual Server http://certvn.wordpress.com
QUESTION 17 For security reasons, an administrator wants to have granular timeout control over specific user sessions when connected through the Access Gateway appliance.Which three timeout settings can the administrator configure to control a user's session? (Choose three.) A. B. C. D. E. Client Idle Client Forced Appliance Session Appliance Bandwidth Appliance Connection
Answer: ABC Section: (none) Explanation/Reference:
QUESTION 18 Place the listed steps in the order that an administrator would follow to create and install a Certificate Authoritysigned certificate for Access Gateway Enterprise Edition 9.0.
http://certvn.wordpress.com QUESTION 19 Which feature requires an administrator to define more than one Secure Ticket Authority (STA) server when configuring Web Interface and Access Gateway? A. B. C. D. Server affinity Fault tolerance Load balancing High Availability
QUESTION 20 Scenario: A company has the following auditing requirements: A. All the audit messages generated with severity CRITICAL and EMERGENCY should be logged on the server with IP address 192.54.1.1. B. All the HTTP resources accessed by user1 should be logged on the server with IP address 192.54.1.3.
C. All the other log messages need to be logged to an auditlog server with IP address 192.54.1.2. There are 5 auditlog policies with the following settings: auditlogpol1 : ServerIP : 192.54.1.1 LogLevel : CRITICAL EMERGENCY auditlogpol2 : ServerIP : 192.54.1.2 LogLevel : DEBUG CRITICAL ERROR INFORMATIONAL EMERGENCY ALERT NOTICE WARNING auditlogpol3 : serverIP : 192.54.1.3 LogLevel : INFORMATIONAL auditlogpol4 : serverIP : 192.54.1.1 LogLevel : DEBUG ERROR ALERT INFORMATIONAL NOTICE WARNING auditlogpol5 : ServerIP : 192.54.1.2 LogLevel : DEBUG ERROR ALERT NOTICE WARNING D. E. F. G. Which bindings will meet the requirements of this environment? Bind auditlogpol1 to user1 and bind auditlogpol2 to user1 Bind auditlogpol5 at the global level and bind auditlogpol1 to user1 Bind auditlogpol1 and auditlogpol4 at the global level and bind auditlogpol3 to user1 Bind auditlogpol1 and auditlogpol5 at the global level and bind auditlogpol3 to user1
Exam F QUESTION 1 An administrator has been instructed to give a specific employee in the Finance group access to Engineering resources. To which level should the administrator assign the policy when configuring access for this employee? A. B. C. D. E. User Team Group Organization Virtual server
QUESTION 2 Scenario: An organization has deployed Access Gateway 9.0, Enterprise Edition, as depicted in the diagram given below. Office and lab workstations are in VLANs 2 and 3 respectively. The uplink router has two virtual interfaces with VLAN 2 and VLAN 3 bound to each of the interfaces. Access Gateway is deployed in the diagram below. Office Desktop and Lab Desktop are in VLANs 2 and 3 respectively. The uplink router has two virtual interfaces, VLAN 2 and VLAN 3 bound to each of them. Configure the member interfaces appropriately in the graphical user interface by dragging and dropping them in the appropriate locations in the screenshot.
A. B.
C. D. Answer: Section: (none) Explanation/Reference:
http://certvn.wordpress.com QUESTION 3 An administrator configures a traffic policy with the following expression:REQ.HTTP.URL CONTAINS sapcip06What will the traffic policy do when in use? A. B. C. D. Block HTTP requests that contain sapcip06 in the URL Filter the HTTP requests that contain sapcip06 in the URL Block HTTP traffic that contains sapcip06 in the HTTP response Apply traffic profile attributes to the HTTP requests that contain sapcip06 in the URL
QUESTION 4 An administrator should disable split tunneling when __________. (Choose the correct phrase to complete the sentence.) A. All traffic must go through the established VPN tunnel
B. All DNS requests must use the local domain DNS servers C. Only specified IP ranges/applications must traverse the Access Gateway D. Specific IP ranges/applications should NOT traverse the Access Gateway Answer: A Section: (none) Explanation/Reference:
QUESTION 5 An administrator needs to provide users running the Citrix Access Gateway Plugin for Windows with access to a company's intranet through the Access Gateway appliance, while also providing them with access to printers on their local area network.Which option must the administrator set to 'On' in order to meet this requirement? A. B. C. D. Compression Split tunneling Single sign-on Transparent Interception
QUESTION 6 An administrator has been instructed to configure Access Gateway 9.0, Enterprise Edition in an environment where the Access Gateway appliance is capable of resolving all intranet/Internet host names in split tunneling off mode.How must the administrator configure the split DNS setting to accomplish this? A. B. C. D. Both Local Remote Recursive
QUESTION 7 An administrator can assign intranet IP addresses per ______, ______ and _______. (Choose the three options that correctly complete the sentence.) A. AAA user B. AAA group http://certvn.wordpress.com C. Client subnet D. Session policy
E. Local Area Network F. Access Gateway virtual server Answer: ABF Section: (none) Explanation/Reference:
QUESTION 8 In which three entities can an administrator configure single sign-on (SSO) when implementing Access Gateway 9.0, Enterprise Edition as a replacement for Secure Gateway? (Choose three.) A. B. C. D. E. Traffic profile User settings Group settings Session profile Global Access Gateway settings
Answer: ADE Section: (none) Explanation/Reference:
QUESTION 9 The Web Interface home settings in the VPN parameter is http://10.102.18.213/Citrix/WISite. Drag and Drop the settings below to the Configuration Utility panel in order to configure monitoring for this Web Interface site. The Web Interface home settings in the vpn parameter is http://10.102.18.213/Citrix/WISite.
http://certvn.wordpress.com A. B. C. D. Answer: Section: (none) Explanation/Reference:
QUESTION 10 An administrator runs maintenance on ServerA every Friday between 9:00 pm -11:00 pm. The http://certvn. wordpress.com administrator has been instructed to deny access through the Access Gateway appliance to ServerA during this period only. What must the administrator configure in the Access Gateway environment to meet this requirement? A. B. C. D. An authorization policy based on the IP address of ServerA An authentication policy based on the IP address of ServerA Authorization policies based on date and time and the IP address of ServerA Authentication policies based on date and time and the IP address of ServerA
QUESTION 11
Which three kinds of IP addresses are required at a minimum when setting up an Access Gateway appliance in an environment? (Choose three.) A. B. C. D. E. Intranet Mapped NetScaler DNS Server Default gateway
QUESTION 12 Scenario: The following configuration is set on an Access Gateway appliance: By default access to all the internal resources is allowed Session profile "SesProf1" has client security check for Symantec Antivirus running and is configured with quarantine group "Quar" Session policy "SesPol1" is configured to use "SesProf1" "SesPol1" is bound to Access Gateway virtual server Intranet IP addresses in group "Quar" are bound to 10.217.2.1, 10.217.2.2 subnet An authorization policy in group "Quar" allows access to resource "Res1" The policy expression for "SesPol1" is ns_true UserA is running Symantec Antivirus on a laptop and tries to log into the Access Gateway virtual server. UserB is NOT running Symantec Antivirus but still tries to log in to the Access Gateway virtual server. What will be the expected behavior for each of these users? A. UserA will log in successfully through the virtual server and will have full access to all the internal resources; however, UserB will fail the login. B. UserB will log in successfully through the virtual server and will have full access to all the internal resources; however, UserA will fail the login. C. UserA and UserB will be able to successfully log into the virtual server and will get assigned intranet IP addresses from the "Quar" group and will only have access to "Res1". D. UserA will be able to successfully log into the virtual server and will have access to all the internal resources. UserB will also be able to log into the virtual server successfully but will fall into the "Quar" group and will only have access to "Res1". Answer: D Section: (none) Explanation/Reference: http://certvn.wordpress.com QUESTION 13 Scenario: A system administrator has been asked to change the way users connect to the Access Gateway appliance. All users must now connect through the Access Gateway appliance clientlessly. Currently there are three Access Gateway virtual servers configured. In which two ways can the administrator configure Access Gateway 9.0, Enterprise Edition to meet the needs of the users in this environment? (Choose two.) A. Enable clientless mode in the global settings B. Open each Access Gateway node and uncheck the "agent" box
C. Create a new session policy for client experience, set Clientless Access to "Off" D. Create a new session policy for client experience, set Clientless Access to "On"; bind this policy at the global level E. Create a new traffic policy for client experience, set Clientless Access to "On"; bind this policy to all three virtual servers Answer: AD Section: (none) Explanation/Reference:
QUESTION 14 Scenario: An organization has deployed Access Gateway 9.0, Enterprise Edition, as depicted in the diagram given below. Office and lab workstations are in VLANs 2 and 3 respectively. The uplink router has two virtual interfaces with VLAN 2 and VLAN 3 bound to each of the interfaces. Access Gateway is deployed in the diagram below. Office Desktop and Lab Desktop are in VLANs 2 and 3 respectively. The uplink router has two virtual interfaces, VLAN 2 and VLAN 3 bound to each of them. Configure the member interfaces appropriately in the graphical user interface by dragging and dropping them in the appropriate locations in the screenshot.
http://certvn.wordpress.com QUESTION 15 Which three kinds of IP addresses are required at a minimum when setting up an Access Gateway appliance in an environment? (Choose three.) A. B. C. D. E. Intranet Mapped NetScaler DNS Server Default gateway
QUESTION 16 An IT manager instructed the network administrator to separate the Access Gateway appliance in an environment from the Web Interface server using a firewall that performs Network Address Translation (NAT). Which two access methods could the administrator configure for Access Gateway 9.0, Enterprise Edition based on the requirements of this scenario? (Choose two.) A. B. C. D. E. Direct Translated Gateway Direct Gateway Alternate Gateway Translated
Answer: DE Section: (none) Explanation/Reference:
QUESTION 17 Scenario: Connected users need to be able to access Internet-based content without being routed through the internal LAN gateway. Split tunneling is turned off in the global settings.Where should an administrator override the global settings to turn split tunneling on? A. B. C. D. Traffic policy Traffic profile Session policy Session profile
QUESTION 18 Scenario: Due to recent security breaches, an administrator must immediately change the default password for the nsroot account to mysecret. Access to the Configuration Utility is unavailable. Which command lineinterface command should the administrator use to change the default password for the nsroot account? A. B. C. D. Set aaa user nsroot mysecret Add nsroot password mysecret Set system user nsroot mysecret Add system user nsroot mysecret
QUESTION 19 Scenario: An administrator wants users to be able to access resources running on file servers and application servers in an environment. The administrator has deployed Access Gateway 9.0, Enterprise Edition. The Citrix Access Gateway Plugin for Windows is used to establish connections to the corporate network. There are no intranet applications configured in this environment and split tunneling is turned off. The default authorization policy is set to "Deny." Users in this environment will be able to access applications on file and application servers as long as ______. (Choose the correct phrase to complete the sentence.) A. B. C. D. Users are assigned specific intranet IP addresses An authorization policy is configured to grant them access Internal resources are assigned specific intranet IP addresses Internal resources in this environment are configured as published applications
QUESTION 20 When creating a Web Interface XenApp Services site for use with Access Gateway 9.0, Enterprise Edition, which access method or authentication should be specified for the XenApp Services site? A. B. C. D. SmartAccess Control Explicit authentication Advanced Access Control Pass-through authentication

Citrix - realExamQuestions.1Y0 A13.v2011!11!08.by - Faith 1

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Citrix - realExamQuestions.1Y0 A13.v2011!11!08.by - Faith 1

Uploaded by

Copyright:

Available Formats

Citrix_RealExamQuestions.

Answer: ACD Section: (none) Explanation/Reference:

Answer: B Section: (none) Explanation/Reference:

Answer: C Section: (none) Explanation/Reference:

Answer: AC Section: (none) Explanation/Reference:

Answer: D Section: (none) Explanation/Reference:

Answer: D Section: (none) Explanation/Reference:

Answer: B Section: (none) Explanation/Reference:

Answer: C Section: (none) Explanation/Reference:

Answer: BD Section: (none) Explanation/Reference:

Answer: AC Section: (none) Explanation/Reference:

Answer: C Section: (none) Explanation/Reference:

Answer: BCE Section: (none) Explanation/Reference:

Answer: D Section: (none) Explanation/Reference:

Answer: A Section: (none) Explanation/Reference:

Answer: AC Section: (none) Explanation/Reference:

Answer: C Section: (none) Explanation/Reference:

Answer: A Section: (none) Explanation/Reference:

Answer: A Section: (none) Explanation/Reference:

Answer: BC Section: (none) Explanation/Reference:

Answer: D Section: (none) Explanation/Reference:

Answer: C Section: (none) Explanation/Reference:

Traffic Session Command Authorization

Answer: C Section: (none) Explanation/Reference:

Answer: A Section: (none) Explanation/Reference:

Answer: DE Section: (none) Explanation/Reference:

Answer: B Section: (none) Explanation/Reference:

Answer: A Section: (none) Explanation/Reference:

http://certvn.wordpress.com A. B. C. D. Answer: Section: (none) Explanation/Reference:

Answer: D Section: (none) Explanation/Reference:

Answer: AE Section: (none) Explanation/Reference:

Answer: C Section: (none) Explanation/Reference:

Answer: A Section: (none) Explanation/Reference:

B. Session C. Command D. Authorization Answer: C Section: (none) Explanation/Reference:

Answer: B Section: (none) Explanation/Reference:

Answer: B Section: (none) Explanation/Reference:

Answer: C Section: (none) Explanation/Reference:

Answer: A Section: (none)

A. B. C. D. Answer: Section: (none) Explanation/Reference:

Answer: C Section: (none) Explanation/Reference:

Answer: D Section: (none) Explanation/Reference:

Answer: C Section: (none) Explanation/Reference:

Answer: AE Section: (none) Explanation/Reference:

Answer: D Section: (none) Explanation/Reference:

Answer: D Section: (none) Explanation/Reference:

Answer: C Section: (none) Explanation/Reference:

Answer: C Section: (none) Explanation/Reference:

Answer: D Section: (none) Explanation/Reference:

Answer: A Section: (none) Explanation/Reference:

Answer: D Section: (none)

Answer: C Section: (none) Explanation/Reference:

Answer: CE Section: (none) Explanation/Reference:

Data None All Items Web browser

Answer: C Section: (none) Explanation/Reference:

Answer: B Section: (none) Explanation/Reference:

Answer: BCD Section: (none) Explanation/Reference:

Answer: BC Section: (none)

Answer: ACE Section: (none) Explanation/Reference:

Answer: ADF Section: (none) Explanation/Reference:

Answer: D Section: (none) Explanation/Reference:

Answer: D Section: (none) Explanation/Reference:

Answer: C Section: (none) Explanation/Reference: