1Y0-341 Online Practice Questions and Answers

Which feature of Citrix Web App Firewall builds rules from known good traffic?

A. Sessionization

B. App Expert

C. Adaptive learning engineer

D. SNORT signatures

Scenario: A Citrix Engineer wants to protect a web application using Citrix Web App Firewall. After the Web App Firewall policy is bound to the virtual server, the engineer notices that Citrix Web App Firewall is NOT blocking bad requests from clients. Which tool can help the engineer view the traffic that is passing to and from the client?

A. nstrace

B. nsconmsg

C. syslog

D. aaad.debug

Scenario: A Citrix Engineer is notified that improper requests are reacting the web application. While investigating, the engineer notices that the Citrix Web App Firewall policy has zero hits.

What are two possible causes for this within the Citrix Web App Firewall policy? (Choose two.)

A. The expression is incorrect.

B. It has been assigned an Advanced HTML profile.

C. It is NOT bound to the virtual server.

D. It has been assigned the built-in APPFW_RESET profile.

Scenario: A Citrix Engineer wants to use Citrix Application Delivery Management (ADM) to monitor a single Citrix ADC VPX with eight web applications and one Citrix Gateway. It is important that the collected data be protected.

Which deployment will satisfy the requirements?

A. A single Citrix ADM with database replication to a secondary storage repository.

B. A pair of Citrix ADM virtual appliances configured for High Availability.

C. A single Citrix ADM imported onto the same hypervisor as the Citrix ADC VPX.

D. A pair of Citrix ADM virtual appliances, each working independently.

A Citrix Engineer is reviewing the log files for a sensitive web application and notices that someone accessed the application using the engineer's credentials while the engineer was out of the office for an extended period of time.

Which production can the engineer implement to protect against this vulnerability?

A. Deny URL

B. Buffer Overflow

C. Form Field Consistency

D. Cookie Consistency

Which Front End Optimization technique overcomes the parallel download limitation of web browsers?

A. Domain Sharding

B. Minify

C. Extend Page Cache

D. Lazy Load

Which security model should a Citrix Engineer implement to make sure that no known attack patterns pass through Citrix Web App Firewall?

A. Hybrid

B. Static

C. Positive

D. Negative

Scenario: A Citrix Engineer has enabled the IP Reputation feature. The engineer wants to protect a critical web application from a distributed denial of service attack.

Which advanced expression can the engineer write for a Responder policy?

A. CLIENT.IP.SRC.IPREP_THREAT_CATEGORY(SPAM_SOURCES)

B. CLIENT.IP.SRC.IPREP_THREAT_CATEGORY(BOTNETS)

C. CLIENT.IP.SRC.IPREP_THREAT_CATEGORY(WEB_ATTACKS)

D. CLIENT.IP.SRC.IPREP_THREAT_CATEGORY(WINDOWS_EXPLOITS)

Scenario: A Citrix Engineer wants to configure the Citrix ADC for OAuth authentication. The engineer uploads the required certificates, configure the actions, and creates all the necessary policies. After binding the authentication policy to the application, the engineer is unable to authenticate.

What is the most likely cause of this failure?

A. The log files are full.

B. The Redirect URL is incorrect.

C. The certificates have expired.

D. The policy bindings were assigned incorrect priorities.

Statistics for which three types of violations are presented on the App Security Dashboard? (Choose three.)

A. Web App Firewall protection

B. IP Reputation

C. SSL Enterprise Policy

D. Signature

E. AAA