Scenario: A Citrix Architect and a team of Workspacelab members met to discuss a NetScaler design project. They captured the following requirements from this design discussion:

1.

A pair of NetScaler MPX appliances will be deployed in the DMZ network.

2.

High Availability will be accessible in the NetScaler MPX in the DMZ Network.

3.

Load balancing should be performed for the internal network services like Microsoft Exchange Client Access Services and Microsoft App-V.

4.

The load balancing should be performed for StoreFront.

5.

The NetScaler Gateway virtual server will be utilizing the StoreFront load-balancing virtual server.

6.

The NetScaler Gateway virtual server and StoreFront.

7.

The NetScaler Gateway virtual service and StoreFront and load-balancing services are publicly accessible.

8.

The traffic for internal and external services must be isolated.

Click the Exhibit button to review the logical network diagram.

Which two design decisions are incorrect based on these requirements? (Choose two.)

A. LB StoreFront bound to traffic Domain 0

B. NetScaler Gateway VIP bound to Traffic Domain 1

C. LB APP-V bound to Traffic Domain 1

D. SNIP 192.168.20.2 bound to Traffic Domain 1

Which markup language can a Citrix use along with NITRO API to create a StyleBook?

A. GML

B. XML

C. HTML

D. YAML

Scenario: A Citrix Architect has configured NetScaler Gateway integration with a XenApp environment to provide access to users from two domains: vendorlab.com and workslab.com. The Authentication method used is LDAP.

Which two steps are required to achieve Single Sign-on StoreFront using a single store? (Choose two.)

A. Configure Single sign-on domain in Session profile `userPrincipalName'.

B. Do NOT configure SSO Name attribute in LDAP Profile.

C. Do NOT configure sign-on domain in Session Profile.

D. Configure SSO Name attribute to `userPrincipalName' in LDAP Profile.

Which three methods can a Citrix Architect use to assess the capabilities of a network infrastructure? (Choose three.)

A. Review existing monitoring solutions for periods of latency, lost packets, and insufficient bandwidth.

B. Map the location of the users against the existing network topology.

C. Alter firewall rules of existing network to fit into the new NetScaler Deployment.

D. Examine the topology for single points of failure and potential bottlenecks.

E. Ensure that users and computers are in the correct organizational units (OUs).

Scenario: A Citrix Architect needs to assess an existing NetScaler multi-site deployment. The deployment is using Global Server Load Balancing (GSLB) configured in a parent-child configuration.

Click the Exhibit button to view the diagram of the current GSLB configuration and parent-child relationships, as well as the status of the sites and the connectivity between them.

Based on the displayed configuration and status, Chil_site1_______ a connection from _______. (Choose the correct option to complete the sentence.)

A. rejects; SiteP2 and SiteP3; remains a child site of SiteP1

B. rejects; SiteP3; remains a child site of SiteP1

C. accepts; SiteP3; becomes its child site

D. accepts; SiteP2; becomes its child site

E. does NOT receive; SiteP2 and SiteP3; remains a child site of SiteP1

F. rejects; SiteP2; remains a child site of SiteP1

Which session parameter does the default authorization setting control when authentication, authorization, and auditing profiles are configured?

A. Determines the default logging level

B. Determines whether the NetScaler appliance will allow or deny access to content for which there is no specific authorization policy

C. Determines the default period after which the user is automatically disconnected and must authenticate again to access the intranet

D. Determines whether the NetScaler appliance will log users onto all web applications automatically after they authenticate or will pass users to the web application logon page to authenticate for each application.

E. Controls are amount of time the users can be idle before they are automatically disconnected.

Scenario: A Citrix Architect has deployed two MPX devices, 12.0.53.13 nc and MPX 11500 models, in high availability (HA) pair for the Workspace labs team. The deployment method is two-arm and the devices are installed behind a CISCO ASA 5585 Firewall. The architect enabled the following features on the NetScaler devices. Content Switching, SSL Offloading, Load Balancing, NetScaler Gateway, Application Firewall in hybrid security and Appflow. All are enabled to send monitoring information to NMAS 12.0.53.13 nc build. The architect is preparing to configure load balancing for Microsoft Exchange 2016 server.

The following requirements were discussed during the implementation:

1.

All traffic needs to be segregated based on applications, and the fewest number of IP addresses should be utilized during the configuration

2.

All traffic should be secured and any traffic coming into HTTP should be redirected to HTTPS.

3.

Single Sign-on should be created for Microsoft Outlook web access (OWA).

4.

NetScaler should recognize Uniform Resource Identifier (URl) and close the session to NetScaler when users hit the Logoff button in Microsoft Outlook web access.

5.

Users should be able to authenticate using either user principal name (UPN) or sAMAccountName.

6.

The Layer 7 monitor should be configured to monitor the Microsoft Outlook web access servers and the monitor probes must be sent on SSL

Which monitor will meet these requirements?

A. add lb monitor mon_rpc HTTP-ECV -send “GET /rpc/healthcheck.htm” recv 200 -LRTM DISABLED

B. add lb monitor mon_rpc HTTP-ECV -send “GET /rpc/healthcheck.htm” recv 200 -LRTM ENABLED

C. add lb monitor mon_rpc HTTP -send “GET /rpc/healthcheck.htm” recv 200 -LRTM DISABLED -secure YES

D. add lb monitor mon_rpc HTTP-ECV -send “GET/rpc/healthcheck.htm” recv 200 -LRTM DISABLED secure YES

Scenario: A Citrix Architect needs to design a new NetScaler Gateway deployment to provide secure RDP access to backend Windows machines.

Click the Exhibit button to view additional requirements collected by the architect during the design discussions.

To meet the customer requirements, the architect should deploy the RDP proxy through _______, using a _________ solution. (Choose the correct option to complete the sentence.)

A. ICAProxy, stateless gateway

B. CVPN; single gateway

C. CVPN; stateless gateway

D. ICAProxy; single gateway

Scenario: A Citrix Architect needs to deploy a NetScaler appliance for Workspacelab, which will provide application load balancing services to Partnerlab and Vendorlab.

The setup requirements are as follows:

1.

A pair of NetScaler MPX appliances will be deployed in the DMZ network.

2.

High availability will be accessible on the NetScaler MPX in the DMZ Network.

3.

Load balancing should be performed for the mail servers for Partnerlab and Vendorlab.

4.

The traffic for both of the organizations must be isolated.

5.

Separate Management accounts must be available for each client.

6.

The load-balancing IP addresses must be identical.

7.

A separate VLAN must be utilized for communication for each client.

Which solution can the architect utilize to meet the requirements?

A. Traffic Domain

B. Admin Partition

C. VLAN Filtering

D. VPX or MPX

Scenario: A Citrix Architect has deployed Authentication for the SharePoint server through NetScaler. In order to ensure that users are able to edit or upload documents, the architect has configured persistent cookies on the NetScaler profile.

Which action should the architect take to ensure that cookies are shared between the browser and non-browser applications?

A. The time zone should be the same on the NetScaler, client, and SharePoint server.

B. The SharePoint load-balancing VIP FQDN and the AAA VIP FQDN should be in the trusted site of the client browser.

C. The Secure flag must be enabled on the cookie.

D. The cookie type should be HttpOnly.