Which three parameters must a Citrix Architect designate when creating a new session policy? (Choose three.)

Scenario: A Citrix Architect has configured two MPX devices in high availability mode with version 12.0.53.13 nc. After a discussion with the security team f the architect enabled the Appli cation Firewall feature for additional protection. In the initial deployment phase, the following security features were enabled:

• IP address reputation

• HTML SQL injection check

• Start URL

• HTML Cross-site scripting

• Form-Field consistency

After deployment in pre-production, the team identifies the following additional security features and changes as further requirements:

• Application Firewall should retain the response of form field in its memory. When a client submits the form in the next request Application Firewall should check for inconsistency in the request before sending it to the web server.

• All the requests dropped by Application Firewall should get a pre-configured HTML error page with appropriate information.

• The Application Firewall profile should be able to handle the data from an RSS feed and an ATOM-based site. Click the Exhibit button to view an excerpt of the existing configuration.

What should the architect do to meet these requirements?

Which statement is applicable to Citrix Gateway split tunneling?

Scenario: A Citrix Architect needs to design a new NetScaler Gateway deployment for a customer. During the design discussions, the architect learns that the customer would like to allow external RDP connections to internal Windows machines but does NOT want client drive redirection enabled on these connections.

Where should the architect enable the options to allow the customer to complete their requirement?

Scenario: A Citrix Architect needs to design a new multi-datacenter Citrix ADC deployment. The customer wants Citrix ADC to provide access the various backend resources by using Global Server Load Balancing (GSLB) in an Active-Active deployment.

Click the Exhibit button to view additional requirements identified by the architect.

Which GSLB algorithm or method should the architect use for the deployment based on the stated requirements?

Scenario: A Citrix Architect needs to design a hybrid Citrix Virtual App and Citrix Virtual Desktop environment which will include Citrix Cloud as well as resource locations in on-premises datacenter and Microsoft Azure.

Organizational details and requirements are as follows:

Active Citrix Virtual App and Citrix Virtual Desktop Service subscription

No existing NetScaler deployment

About 3,000 remote users are expected to regularly access the environment

Multi-factor authentication should be used for all external connections

Solution must provide load balancing for backend application servers

Load-balancing services must be in Location B

Click the Exhibit button to view the conceptual environment architecture.

The architect should use ________ in Location A, and should use _________ in Location B. (Choose the correct option to complete the sentence.)

Scenario: A Citrix Architect has set up NetScaler MPX devices in high availability mode with version 12.0. 53.13 nc. These are placed behind a Cisco ASA 5505 Firewall is configured to block traffic using access control lists. The network address translation (NAT) is also performed on the firewall.

The following requirements were captured by the architect during the discussion held as part of the NetScaler security implementation project with the customer’s security team:

The NetScaler device:

Should monitor the rate of traffic either on a specific virtual entity or on the device. It should be able to mitigate the attacks from a hostile client sending a flood of requests. The NetScaler device should be able to stop the HTTP, TCP, and DNS based requests.

Needs to protect backend servers from overloading.

Needs to queue all the incoming requests on the virtual server level instead of the service level.

Should provide access to resources on the basis of priority.

Should provide protection against well-known Windows exploits, virus-infected personal computers, centrally managed automated botnets, compromised webservers, known spammers/hackers, and phishing proxies.

Should provide flexibility to enforce the desired level of security check inspections for the requests originating from a specific geolocation database.

Should block the traffic based on a pre-determined header length, URL length, and cookie length. The device should ensure that characters such as a single straight quote (*); backslash(\), and semicolon (;) are either blocked, transformed, or dropped while being sent to the backend server.

Which two security features should the architect configure to meet these requirements? (Choose two.)

What are three potential risks when examining the disaster recovery plan and implementation for a company? (Choose three)

Scenario: A Citrix Architect needs to assess an existing Citrix ADC configuration. The customer recently found that members of certain administrator groups were receiving permissions on the production Citrix ADC appliances that do NOT align with the designed security requirements. Click the Exhibit button to view the configured command policies for the production Citrix ADC deployment.

To align the command policy configuration with the security requirements of the organization, the__________for________________should change. (Choose the correct option to complete the sentence.)

Scenario: A Citrix Architect has configured NetScaler Gateway integration with a XenApp environment to provide access to users from two domains: vendorlab.com and workslab.com. The Authentication method used is LDAP.

Which two steps are required to achieve Single Sign-on StoreFront using a single store? (Choose two.)