1Y0-371 Online Practice Questions and Answers

Scenario: A customer would like to configure a single NetScaler Gateway that facilitates access to XenMobile and XenApp/XenDesktop resources from iOS and Android mobile devices. The customer also plans for users to access XenApp and XenDesktop resources by using a web browser from other endpoints.

The following Session Policies and expressions have been configured on NetScaler:

-

Policy 1: REQ.HTTP.HEADER User-Agent NOTCONTAINS CitrixReceiver andand REQ.HTTP.HEADER Referer EXISTS

-

Policy 2: REQ.HTTP.HEADER User-Agent CONTAINS CitrixReceiver andand REQ.HTTP.HEADER X-Citrix-Gateway EXISTS

A Citrix Engineer is asked to create a new Session Profile for users accessing resources through web browsers on their endpoint devices.

The profile should be bound to __________ and direct users to __________. (Choose the correct set of options to complete the sentence.)

A. Policy 1; the XenMobile Server

B. Policy 1; StoreFront

C. Policy 2; the XenMobile Server

D. Policy 2; StoreFront

Scenario: A Citrix Engineer is configuring the NetScaler appliance for SSL offloading. The XenMobile

Server is named xms.domain.com.

The following is a list of the certificates installed on the NetScaler:

- *.domain.com - wildcard server certificate

-cacerts.pem - devices certificate

-xms.domain.com - server certificate for the XenMobile Server

-dc-1-CA.cer - Root certificate for *.domain.com

The engineer needs to configure an SSL Load Balancing virtual server for HTTPS 443 bound with __________ and the XenMobile Server service to use __________. (Choose the correct set of options to complete the sentence.)

A. *.domain.com and dc-1-CA.cer; HTTP 80

B. *.domain.com and cacerts.pem; HTTPS 443 bound with xms.domain.com

C. *.domain.com and cacerts.pem; HTTP 80

D. *.domain.com and dc-1-CA.cer; HTTPS 443 bound with xms.domain.com

Scenario: A Citrix Engineer is deploying XenMobile for an organization. The organization will deploy iOS and Android devices, and users will be allowed to enroll and use the solution remotely, or from an internal employee WIFI network. The NetScaler and XenMobile Server are both deployed in the Demilitarized Zone (DMZ) with no firewall between them.

The engineer has opened the following ports:

-Internet (ANY) -> NetScaler (DMZ) (Inbound) (443)

-

XenMobile Server -> Internet (TCP 2195 / 2196) (Outbound)

Which two ports should the engineer ask the Security team to open? (Choose two.)

A.

Internet (ANY) -> NetScaler (DMZ) (Inbound) (TCP 8443)

B.

Internal WIFI Network -> Internet (TCP 5223) (Outbound)

C.

NetScaler -> XenMobile Server (TCP 80)

D.

NetScaler -> XenMobile Server (TCP 8443)

E.

NetScaler -> License Server (TCP 27000)

A Citrix Engineer is currently in the process of a first-time installation of a XenMobile Server using the command-line interface.

Which two settings are required when configuring the remote database using SQL authentication? (Choose two.)

A. Database version

B. Port number

C. Domain name

D. Database name

Scenario: A Citrix Engineer wants to configure a NetScaler Gateway with two-factor authentication within a new XenMobile deployment while providing users with the benefits of single sign-on to the existing XenApp and XenDesktop resources. The engineer configured a Public Key Infrastructure (PKI) for other components in the environment already and would like to use the same PKI.

Which two types of authentication policies will the engineer need to add to the NetScaler Gateway virtual server? (Choose two.)

A. LDAP

B. Certificate

C. Radius

D. TACACS

Which three NetScaler features must a Citrix Engineer configure in order for XenMobile NetScaler Connector to properly function? (Choose three.)

A. Content Switching

B. Integrated Caching

C. HTTP Callout

D. Responder

E. App Flow

A Citrix Engineer needs to allow any iOS device to run a published MDX application. Which type of provisioning file should the engineer use to wrap the application?

A. App Store (Developer Account)

B. Ad-Hoc (Developer Account)

C. iOS App Development

D. In-House Profile (Enterprise Account)

A Citrix Engineer is adding a second node to an existing standalone XenMobile deployment. Which three steps must the engineer take when deploying additional nodes? (Choose three.)

A. Enable the cluster option on the existing node.

B. Connect to the existing XenMobile Server database.

C. Use the internal PKI certificate password from the existing node.

D. Use the same device certificate as the existing node.

E. Use the same host name as the existing node.

Worx Home is installed on organization-wide Android and iOS devices.

Which two tasks must a Citrix Engineer perform to ensure organization-wide devices successfully enroll with XenMobile Device Manager? (Choose two.)

A. Request an APNS certificate for iOS devices.

B. Open ports 80 and 443 on the external firewall.

C. Configure XenMobile Device Manager to push a device inventory policy.

D. Open outbound connections to APNS through ports 2195 and 2196 for the XenMobile Device Manager.

Scenario: A Citrix Engineer is experiencing issues deploying client certificates for NetScaler Gateway authentication to devices after configuring their Public Key Infrastructure (PKI) settings within the XenMobile Server.

Which two sets of logs could the engineer review to determine why the certificate is NOT being issued? (Choose two.)

A. Worx Home logs

B. XenMobile Server Debug Log File

C. Certificate Authority Event Viewer

D. NetScaler aaad.debug log

After a successful Android device enrollment through a NetScaler load balancer, the device was immediately selectively wiped.

Which two scenarios could be the cause of this selective wipe? (Choose two.)

A. All of the NetScaler Universal Access Licenses have been allocated.

B. The NetScaler port 443 virtual server did NOT have the XenMobile Devices or Root certificate bound.

C. The NetScaler port 8443 virtual server did NOT have the XenMobile Devices or Root certificate bound.

D. The NetScaler virtual server was re-encrypting back to the XenMobile Server over port 443.

Scenario: According to corporate policy, corporate data should be removed if a device is jailbroken or rooted and the device should NOT be allowed to re-enroll. A Citrix Engineer is asked to implement the action based on mobile device status to facilitate the company's security compliance.

Which action should the engineer take to meet the requirements of the scenario?

A. Revoke the device.

B. Perform a selective wipe of the device.

C. Perform a full wipe of the device.

D. Mark the device as out of compliance.

Scenario: A Citrix Engineer is configuring a load-balanced virtual server on the NetScaler that will handle the Mobile Application Management (MAM) traffic from Netscaler Gateway. The engineer binds multiple XenMobile Servers to the service group.

Which persistence method should the engineer use to determine to which XenMobile Server to send the MAM traffic?

A. CUSTOMSERVERID

B. SRCIPDESTIP

C. SOURCEIP

D. DESTIP

E. SSLSESSION

A Citrix Engineer integrated a XenMobile Server with StoreFront and now users are unable to enumerate any of their XenApp applications.

Which step must the engineer take to resolve this issue?

A. Re-enter the correct relative path from the StoreFront services site on the XenMobile Server.

B. Wrap Receiver with the MDX Toolkit and push the client to the device.

C. Terminate active ICA sessions on the NetScaler.

D. Add the XenMobile Server to the list of Delivery Controllers on the StoreFront Server.

After a successful iOS device enrollment through a NetScaler SSL Offload load balancer, the device was immediately selectively wiped.

Which two scenarios could have caused this selective wipe? (Choose two.)

A. The Apple Push Notification service (APNs) certificate has expired.

B. The port 8443 virtual server has the XenMobile Devices or Root certificate bound to it.

C. The port 443 virtual server has the XenMobile Devices or Root certificate bound to it.

D. The port 443 virtual server is re-encrypting back to the XenMobile Server over port 443.