[100% New Questions] Latest Citrix CCP-N 1Y0-351 Dumps Exam Training Resources And Youtube Demo
Update latest Citrix CCP-N 1Y0-351 dumps pdf training resources and vce youtube demo free shared. Newest helpful Citrix CCP-N 1Y0-351 dumps exam questions and answers free download from lead4pass. “Citrix NetScaler 10.5 Essentials and Networking” is the name of Citrix CCP-N https://www.leads4pass.com/1y0-351.html exam dumps which covers all the knowledge points of the real Citrix exam. High quality Citrix CCP-N 1Y0-351 dumps pdf practice materials and study guides free update, pass Citrix 1Y0-351 exam test easily at first try.
Free latest Citrix 1Y0-351 dumps pdf training resources: https://drive.google.com/open?id=0B_7qiYkH83VRb0VpdHdyX1JqMzg
Free latest Citrix 1Y0-301 dumps pdf training resources: https://drive.google.com/open?id=0B_7qiYkH83VRWllybjA3aFZTMTQ
QUESTION 1
Scenario: The IT department in an organization manages servers and network devices from an internal management subnet. A NetScaler device has recently been installed into the DMZ network. The intranet firewall allows TCP 443 from the management subnet to the NetScaler device.
How could the engineer ensure that only workstations in the management network are permitted to manage the NetScaler?
A. Create an Extended ACL based on the source IP address.
B. Create a restricted route from the internal network to the DMZ.
C. Enable the management access control option on the NSIP address.
D. Enable the management access control on the internal SNIP address.
Correct Answer: A
QUESTION 2
Scenario: An engineer has three subnets configured on a NetScaler appliance. The engineer must only allow a certain group of users to access a virtual server on the appliance. The IT Manager requires that all rules are flexible and can be easily modified for ease of administration. How could the engineer allow certain groups to access the virtual server while still being able to modify the setting in the future?
A. Add a Simple ACL.
B. Disable USNIP Mode.
C. Create an Extended ACL.
D. Add a Host Route to the virtual server.
Correct Answer: C
QUESTION 3
Scenario: An engineer created a new test Web Interface site for the new XenDesktop farm that the IT Department is developing. Several weeks later the engineer finds out that several people across the company have been accessing the new test site. The engineer needs to ensure that only the IT Department subnets can access the test site.
How could the engineer restrict access to the site so that only certain subnets can access this resource?
A. Add an Extended ACL to only allow specific subnets to the Web Interface Site.
B. Modify an existing simple ACL to allow specific subnets to the Web Interface Site.
C. Enable USNIP Mode on the appliance to allow specific subnets to the Web Interface Site.
D. Change the Access Method on the Web Interface Site to allow specific subnets to the Web Interface Site.
Correct Answer: A
QUESTION 4
A network engineer needs to configure load balancing for an FTP site. 1Y0-351 dumps
Which type of session persistence method can the engineer select for this scenario?
A. Rule
B. Source IP
C. Cookie Insert
D. Custom Server ID
Correct Answer: B
QUESTION 5
Scenario: Example.com runs a dating service site that provides a service with videos of candidates. They want to use RTSP load balancing to stream the videos more effectively.
Which load balancing method should the engineer select?
A. Least packet
B. Round Robin
C. Least bandwidth
D. Least connection
Correct Answer: C
QUESTION 6
Scenario: An engineer has been hired to manage the content-switching configurations on the NetScaler.
The user account for this engineer must have the standard rules that apply to the other administrators.
What should the engineer do to allow for the extra privileges?
A. Modify the current Command Policy and then save the changes.
B. Unbind the current Command Policy of the user account and then save the changes.
C. Remove the custom Command Policy and then create one with the new requirements.
D. Create a custom Command Policy and bind it to the user account with the highest priority.
Correct Answer: D
QUESTION 7
A network engineer needs to configure smart card-based authentication on NetScaler Access Gateway.
Which type of authentication policy could the engineer configure in order to accomplish this task?
A. Local
B. RADIUS
C. Certificate
D. Secure LDAP
Correct Answer: C
QUESTION 8
A company wants to implement a policy where all passwords should be encrypted while transiting the network.
Where in the GUI would the network engineer prevent access to unsecured management protocols?
A. Network -> IPs
B. System -> Auditing
C. AppExpert -> Pattern Sets
D. Protection Features -> Filter
Correct Answer: A
QUESTION 9
Scenario: The NetScaler is configured with a NSIP of 10.20.30.40. Management access is NOT enabled on any other IP address. 1Y0-351 dumps
Which command should an engineer execute to prevent access to the NetScaler using HTTP and only allow HTTPS access?
A. set ns ip 10.20.30.40 -gui disabled -telnet disabled
B. set ip 10.20.30.40 -gui secureonly -mgmtaccess enabled
C. set ip 10.20.30.40 -mgmtaccess disabled -gui secureonly
D. set ns ip 10.20.30.40 -gui enabled -restrictAccess enabled
Correct Answer: B
QUESTION 10
Company policy states that SNMP management should only be allowed from specific hosts.
What should the network engineer do to prevent unauthorized access to SNMP?
A. Add an SNMP manager.
B. Add an SNMP trap destination.
C. Check secure access only on the NSIP.
D. Add an SNMP community name that is difficult to guess.
Correct Answer: A
QUESTION 11
A network engineer needs to configure load balancing for secured web traffic that does NOT terminate at the NetScaler device.
Which type of session persistence method can the engineer select for this scenario?
A. Source IP
B. Cookie Insert
C. URL Passive
D. SRCIPDESTIP
Correct Answer: A
QUESTION 12
A company has two sites that host six cache web servers that are used to promote sales information.
Which feature on the NetScaler should an engineer enable to provide faster application performance and also provide additional capacity if the demand increases for one site?
A. Load balancing
B. Integrated Cache
C. Responder Policy
D. Content switching
Correct Answer: A
QUESTION 13
Scenario: A network engineer has configured a load balancing virtual server for an HTTP application. 1Y0-351 dumps Due to the application architecture, it is imperative that a user’s session remains on a single server during the session. The session has an idle timeout of 60 minutes. Some devices are getting inconsistent application access while most are working fine. The problematic devices all have tighter security controls in place.
Which step should the engineer take to resolve this issue?
A. Set the cookie timeout to 60 minutes.
B. Configure a backup persistence of SourceIP.
C. Change the HTTP parameters to Cookie Version 1.
D. Utilize SSL offload to enable the application to use SSL.
Correct Answer: B
QUESTION 14
Scenario: The network engineer has created a monitor and bound it to a service group containing four web servers to verify that the web application responds. During routine maintenance one of the web servers is shut down; however, the server state remains UP and user requests are still attempting to communicate with the server.
What could be causing this problem?
A. The server has been disabled.
B. The monitor is not bound at the correct bind point.
C. Health monitoring is disabled for the service group.
D. The NetScaler configuration has not been saved since before the monitor was bound.
Correct Answer: C
QUESTION 15
Scenario: An engineer is configuring services to allow load balancing of backend web servers on the internal network. The engineer bound multiple monitors to the first service, but notices that the service is reporting as DOWN. The monitor threshold default has NOT been changed.
What could be causing this issue?
A. The service type is HTTP.
B. One of the monitors’ tests is failing.
C. Some of the monitors have a higher weight.
D. The monitors are both reporting an UP status.
Correct Answer: B
Latest useful Citrix CCP-N 1Y0-351 exam practice files in PDF format free download from lead4pass. The best and most updated useful Citrix CCP-N https://www.leads4pass.com/1y0-351.html dumps pdf training resources which are the best for clearing 1Y0-351 exam test, and to get certified by Citrix CCP-N, download one of the many PDF readers that are available for free.
High quality Citrix CCP-N 1Y0-351 dumps vce youtube: https://youtu.be/GSsAx5R6rpM