Citrix 1y0-341 practice test

Question 1

Which Citrix Application Delivery Management (ADM) Analytics page allows an engineer to measure
the ICA Round Trip Time for user connections?

• A. Security Insight
• B. Gateway Insight
• C. TCP Insight
• D. HDX Insight
• E. Web Insight

Question 2

Which Citrix Web App Firewall profile setting can a Citrix Engineer implement to remove non-
essential content from web files to improve response time?

• A. Strip HTML Comments
• B. Exclude Uploaded Files from Security Checks
• C. Enable Form Tagging
• D. Exempt Closure URLs from Security Checks

Question 3

Scenario: A Citrix Engineer is using Citrix Application Delivery Management (ADM) to manage SSL
certificates across all Citrix ADC instances. The engineer wants to distribute a new certificate to the
devices. What, in addition to the certificate file, must the engineer provide when uploading the new
certificate?

• A. Serial Number File
• B. Certificate Signing Request (CSR)
• C. Root Certificate
• D. Key File

Question 4

Scenario: When reviewing the activity logs for a web application, a Citrix Engineer notices a high
number of requests for the page, /setup.aspx. Further investigation reveals that most of these
requests originated from outside the network. Which protection can the engineer implement to
prevent this?

• A. HTML Cross-Site Scripting (XSS)
• B. Cookie Consistency
• C. Start URL with URL Closure
• D. Buffer Overflow

Question 5

Scenario: A Citrix Engineer needs to limit Front End Optimization (FEO) on a web application to
mobile users with mobile devices. The engineer decides to create and bind an FEO policy.
Which advanced expression should the engineer use in the FEO policy?
A.
HTTP.REG.HEADER(User-
Agent).CONTAINS(Mobile)&&CLIENT.IP.SRC.IN_SUBNET(192.168.10.0/24.NOT
B. HTTP.REQ.HEADER(User-Agent).NOTCONTAINS(Windows)&&CLIENT.IS_MOBILE
C. CLIENT.IP.SRC.IS_MOBILE
D.
HTTP.RED.HEADER(User-Agent).CONTAINS(Ios)
II
HTTP.REQ.HEADER(User-
Agent).CONTAINS(Andriod)

Question 6

In which order is a client request to a protected web application processed?

• A. CitrixWebApp Firewall, Load Balancing, Caching, Rewrite
• B. Caching, Citrix Web App Firewall, Load Balancing, Rewrite
• C. Citrix Web App Firewall, Caching, Load Balancing, Rewrite
• D. Load Balancing, Citrix Web App Firewall, Caching, Rewrite

Question 7

Scenario: A Citrix Engineer has established protections for web applications using Citrix Web App
Firewall. One of the application owners is concerned that some negative traffic is passing through to
the application servers. The owner wants confirmation that Citrix Web App Firewall is blocking
negative traffic. Which CLI command can the engineer use to display statistics on a per-protection
basis for the enabled protections?

• A. stat appfw policyjabel <policy_label_name>
• B. stat appfw policy <policy_name>
• C. stat appfw profile <profile_name>
• D. stat appfw signature <signature_object>

Question 8

Which Citrix Application Delivery Management (ADtv1) Analytics page allows a Citrix Engineer to
monitor Citrix Virtual Apps and Desktop traffic?

• A. Web Insight
• B. WAN Insight
• C. HDX Insight
• D. Gateway Insight

Question 9

Which Citrix Web App Firewall engine setting can a Citrix Engineer use to ensure that protections are
applied in the event that an advanced policy expression cannot be evaluated as either 'True' or
'False'?

• A. Undefined profile
• B. Session Limit
• C. Default profile
• D. Entity Decoding

Question 10

Scenario: A Citrix Engineer is setting up Citrix Application Delivery Management (ADM) in High
Availability (HA) mode. The engineer creates both nodes and
connects them to the same subnet.
Which IP address must the engineer configure on the Citrix ADM HA pair to allow instances to
reconnect to Citrix ADM after a failover?

• A. Virtual
• B. Cluster
• C. Subnet
• D. Floating

Question 11

A Citrix Engineer wants to create a configuration job template to add a DNS nameserver to each
Citrix ADC instance. What is a valid variable name for the DNS nameserver?

• A. %dns_nameserver%
• B. %dns_nameserver
• C. $dns_nameserver$
• D. $dns nameserver

Question 12

Scenario: A Citrix Engineer is reviewing the log files for a protected application. The engineer
discovers a lot of errors pertaining to invalid data being supplied by
users.
Which protection can the engineer implement at the Citrix Web App Firewall to reduce these errors?

• A. Field Format
• B. Cross-Site Request Forgeries (CSRF)
• C. Form Field Consistency
• D. HTML SQL Injection

Question 13

Scenario: A Citrix Engineer notices that a web page takes a long time to display. Upon further
investigation, the engineer determines that the requested page is referencing 48 other elements for
download.
Which Front End Optimization technique can the engineer enable on the Citrix ADC to improve time-
to-display?

• A. Shrink to Attributes
• B. Remove comments from HTML
• C. Domain Sharding
• D. Move to Head Tag

Question 14

Scenario: During application troubleshooting, a Citrix Engineer notices that response traffic received
from a protected web application is NOT matching what the web server is sending out. The auditor is
concerned that Man-In-The-Middle attack is in progress.
Which action is the Citrix Web App Firewall performing that would trigger this false positive?

• A. Removing the Last-Modified header
• B. Inserting a hidden form field
• C. Removing the Accept-Encoding header
• D. Modifying and adding cookies in the response

Question 15

A Citrix Engineer observes that the servers hosting a critical application are crashing on a regular
basis. Which protection could the engineer implement on a Citrix Web App Firewall in front of the
application?

• A. Buffer Overflow Check
• B. HTML Cross-Site Scripting (XSS)
• C. Start URL
• D. HTML SQL Injection