01. A NetScaler engineer must configure external access for an application, where the configured services will be load balanced at the back-end.
Which type of Netscaler-owned IP address should be used to present the web application to an external user?
02. A network engineer wants to protect the NetScaler (NSIP 10.20.30.40) and restrict the allowed protocols to HTTPS and SSH only. Which two commands should the engineer execute?
a) set ns ip 10.20.30.40 -telnet disabled -ftp disabled -snmp disabled
b) set ns ip 10.20.30.40 -mgmtaccess disabled -gui secureonly
c) set ns ip 10.20.30.40 -ssh enabled -restrictaccess disabled -snmp disabled
d) set ns ip 10.20.30.40 -gui secureonly -restrictaccess enabled
03. Scenario: A customer is using Citrix NetScaler MPX with Citrix Access Gateway. Currently, Citrix Access Gateway is only using Basic Access for accessing Citrix XenApp published applications. The customer would like to start using Smart Access and SSL/VPN within Citrix Access Gateway. In order to meet the requirements of the scenario, the engineer must logon to www.MyCitrix.com, allocate the Access Gateway Universal license using the __________ of the Citrix NetScaler and copy the license file to the NetScaler using SCP in __________.
(Choose the correct set of options to complete the sentence.)
a) default given "ANY" as the Host ID; /nsconfig/license
b) hostname; /netscaler
c) hostname; /nsconfig/license
d) MAC Address; /nsconfig/license
04. Scenario: A NetScaler environment uses two-factor authentication and the second authentication method is AD. A user logs in to the environment but does NOT receive access to the resources that the user should have access to.How can an engineer determine the AD authentication issue on the NetScaler?
a) Use the cat aaad.debug command.
b) Use nsconmsg.
c) Check the authorization configuration.
d) Check NSlogs.
05. Scenario: A network engineer has added an NTP server using the GUI to an appliance that has never used time synchronization previously. Time synchronization is NOT occurring.
Which additional step must the engineer take after adding the first NTP server to ensure time synchronization occurs?
a) Delete and re-create /nsconfig/ntp.conf.
b) Enable “Use Source IP” mode.
c) Enable management access on a SNIP.
d) Use the “NTP Synchronization” button to enable sync.
06. Scenario: An engineer is configuring services to allow load balancing of backend web servers on the internal network. The engineer bound multiple monitors to the first service, but notices that the service is reporting as DOWN. The monitor threshold default has NOT been changed. What could be causing this issue?
a) One of the monitors' tests is failing.
b) The monitors are both reporting an UP status.
c) Some of the monitors have a higher weight.
d) The service type is HTTP.
07. Scenario: An engineer is going to upgrade the firmware on the primary NetScaler of a high availability (HA) pair. However, the engineer does NOT want the HA pair to fail over during the upgrade process.
How could the engineer configure High Availability to NOT force a fail over?
a) Configure the secondary node with StaySecondary.
b) Create a Fail Over Interface Set on the HA Pair.
c) Ensure that INC Mode is enabled on the HA Pair.
d) Set the deadInterval to 180 seconds.
08. Scenario: The network engineer has created a monitor and bound it to a service group containing four web servers to verify that the web application responds. During routine maintenance one of the web servers is shut down; however, the server state remains UP and user requests are still attempting to communicate with the server. What could be causing this problem?
a) The NetScaler configuration has not been saved since before the monitor was bound.
b) The monitor is not bound at the correct bind point.
c) The server has been disabled.
d) Health monitoring is disabled for the service group.
09. Scenario: The network engineer is unable to access a specific SSL site through the NetScaler. While reviewing traces on the NetScaler, the network engineer noticed "Handshake" failures from the server. These handshake failures could be the result of the virtual server __________.
(Choose the correct option to complete the sentence.)
a) not allowing SSLv3
b) configured to demand client authentication
c) not allowing correct ciphers
d) only allowing TLS
10. Which NetScaler feature could be used to stall policy processing to retrieve information from an external server?
a) AppExpert template
b) EdgeSight monitoring
d) HTTP callout