1Y0-340 Online Practice Questions and Answers

Which NetScaler Management and Analytics System (NMAS) feature will assist the Citrix Engineer in gathering the required data for issues with Endpoint Analysis?

A. Security Insight

B. Web Insight

C. HDX Insight

D. Gateway Insight

A Citrix Engineer needs to configure Relaxation Rules using the learned data for SQL Injection.

Which setting can the engineer enable in order to avoid false-positive learned rules?

A. Increase database size for Learned data.

B. Decrease Minthreshold value to Default in Learning settings.

C. Increase Minthreshold value in Learning settings.

D. Remove all unreviewed data from Learning settings.

A Citrix Engineer has configured NetScaler Web Logging on a Linux client machine. The engineer needs to verify if the log.conf file has been configured correctly and that there are NO syntax errors.

Which command can the engineer use to accomplish this?

A. nswl -verify -f/ns/etc/log.conf

B. nswl -verify -f/usr/local/netscaler/etc/log.conf

C. nswl -verify -f/usr/local/netscaler/bin/log.conf

D. nswl -verify -f/ns/bin/log.conf

A Citrix Engineer needs to configure an application firewall profile to ensure that the images uploaded on the website are NOT malicious. The engineer needs to create a policy to filter the upload requests and ensure that they are in JPEG format.

Which expression can the engineer use to fulfill this requirement?

A. http.req.url.endswith (".jpeg) and and http.req.method.eq (POST)

B. http.req.url.contains (".jpeg) and and http.req.method.eq (GET)

C. http.req.url.endswith (".jpeg) || http.req.method.eq (GET)

D. http.req.header ("Content-Type").contains ("image/jpeg") || http.req.method.eq(POST)

Which setting should be enabled to convert the content-length form submission requests to chunked requests, when HTML SQL Injection protection is enabled?

A. Optimize Partial Requests

B. Streaming

C. Enable form tagging

D. Percentage Recursive Decoding

Scenario: A Citrix Engineer needs to configure the Application Firewall to do a credit card check using the command-line interface (CLI) and configure the profile to obscure the credit card number.

Which parameter will the engineer add in the CLI to encrypt the credit card numbers in the logs?

A. -creditCardAction BLOCK

B. -creditCardMaxAllowed

C. -creditCardXOut ON

D. -doSecureCreditCardLogging ON

Scenario: A Citrix Engineer has configured Security Insight on NetScaler Management and Analytics System (NMAS) with Firmware version 12.0.41.16 to monitor the Application Firewall.

The NetScaler ADC is running version 12.0.51.24 using Enterprise License with Application Firewall only License. However, after enabling Security insight, the engineer is NOT able to see any data under security insight.

What is causing this issue?

A. NetScaler should have a Standard License.

B. The NMAS version should be higher or equivalent to the NetScaler version.

C. NetScaler should have a Platinum license.

D. NMAS should be on Platinum license.

A Citrix Engineer needs to deploy the NetScaler Management and Analytics System (NMAS) in their company environment to ensure that NMAS provides uninterrupted operation in all situations.

Which deployment type can meet this requirement?

A. Active-Active High Availability Mode

B. Single-Server Deployment Mode

C. NMAS integrated with Director mode

D. Active-Passive High Availability Mode

A Citrix Engineer is considered that malicious users could exploit a web system by sending a large cookie. Which security check can the engineer implement to address this concern?

A. Field Formats

B. Content-type

C. Buffer Overflow

D. Start URL

A company has experienced an outage of their mission-critical website. Upon investigation, the Citrix Engineer determines that the following command was executed on the website:

DROP TABLE table_name

Which security check would have prevented this issue?

A. HTML SQL Injection

B. Form Field Consistency

C. HTML Cross-Site Scripting

D. Field Formats