1. Home
  2. Citrix
  3. 1Y0-351

Citrix 1Y0-351 Online Practice Questions and Exam Preparation

1Y0-351 Exam Details

  • Exam Code
    :1Y0-351
  • Exam Name
    :Citrix NetScaler 10.5 Essentials and Networking
  • Certification
    :Citrix Certifications
  • Vendor
    :Citrix
  • Total Questions
    :289 Q&As
  • Last Updated
    :May 25, 2026

Citrix 1Y0-351 Online Questions & Answers

  • Question 231:

    Scenario: An engineer configures two NetScaler appliances in a high availability (HA) pair. As part

    of a monthly health check, the engineer attempts to log on to the second node of the HA pair and is unable to access the management IP Address. The engineer logs on to the first NetScaler node and verifies that HA is working and

    operational.

    What does the engineer need to do to resolve this problem?

    A. Create an ACL to allow access to the NSIP of the second node.
    B. Add a SNIP for the Management IP Address of the second node.
    C. Ensure that HA Route Monitors have been configured for the second node.
    D. Change the NSRoot password back to default then log on to the second node.

  • Question 232:

    What is the only input format supported by the NetScaler when using the NetScaler Certificate Import wizard within the configuration utility?

    A. JKS
    B. PEM
    C. DER
    D. PKCS#12

  • Question 233:

    Scenario: A NetScaler Engineer is configuring a new system with connected interfaces 10/1 - 10/4 and runs the following commands: add ip 10.10.10.1 255.255.255.0 -type snip add vlan 10 bind vlan 10 -ifnum 10/1 On which interface(s) will subnet 10.10.10.1 respond to requests?

    A. Only interface 10/1
    B. Interfaces on VLAN 10
    C. Only interfaces on VLAN 1
    D. Interfaces 10/1 through 10/4

  • Question 234:

    Scenario: Users complain that they are NOT able to connect to a web site using the IP address. The relevant portion of the configuration is shown below: add ssl profile srv-web -sessReuse ENABLED -sessTimeout 120 -tls11 DISABLED -tls12 DISABLED -strictCAChecks YES add service svc-web 192.168.1.3 HTTP 80 add lb vserver srv-web SSL 192.168.1.22 443 -persistenceType NONE -cltTimeout 180 bind lb vserver srv-web svc-web set ssl vserver srv-web -eRSA DISABLED -clientAuth ENABLED -clientCert Optional -tls11 DISABLED -tls12 DISABLED -SNIEnable ENABLED add ssl policy svc-web -rule true -action NOOP bind ssl vserver srv-web -certkeyName WebCert -SNICert bind ssl vserver srv-web -policyName svc-web -priority 100 What is the likely cause of the connectivity issue?

    A. SSL policy is incorrect.
    B. Client Authentication is enabled.
    C. Server Name Indication is enabled.
    D. Load Balancing persistence is set to NONE.

  • Question 235:

    Scenario: A network engineer has created two selectors to use to populate a cache group in integrated caching.

    One selector, "Hit," will determine what to add to the group. The other, "Inval", will select what should be invalidated. Which command should the engineer run to create the cache group?

    A. add cache contentgroup CacheGroup1 -hitParams Hit -invalParam Inval
    B. add cache contentgroup CacheGroup1 -hitSelector Hit -invalSelector Inval
    C. set cache contentgroup CacheGroup1 - hitParams Hit -invalParam Inval -type HTTP
    D. set cache contentgroup CacheGroup1 -hitSelector Hit - invalSelector Inval -type HTTP

  • Question 236:

    Scenario: An engineer implementing a NetScaler is tasked with creating a new VLAN, named VLAN 2, and adding it to the current interfaces. A new IP address of 10.102.29.54 with a network mask of 255.255.255.0 must be configured for VLAN 2.

    Which commands could the engineer use to achieve this configuration in the command-line interface prior to binding VLAN 2?

    A. add ns ip 10.102.29.54 255.255.255.0 add vlan 2
    B. set vlan 2 -aliasName VLAN2 add ns ip 10.102.29.54 255.255.255.0
    C. add ns ip 10.102.29.54 255.255.255.0 -vrID 2
    D. add ns ip 10.102.29.54 255.255.255.0 -type SNIP set ns ip 10.102.29.54 255.255.255.0 -vrID 2

  • Question 237:

    Scenario: A user browses to a page and is presented with a warning that he is trying to enter a web site with an untrusted certificate. The network engineer had added the correct certificate to the SSL virtual server. What could be the cause of this issue?

    A. TLS is disabled on the virtual server.
    B. The certificate is not linked to the intermediate CA.
    C. The certificate has expired and needs to be renewed.
    D. The CA certificate has not been added to the SSL virtual server.

  • Question 238:

    Scenario: A NetScaler Engineer has created a local account for a user according to the below configuration:

    add system user NSUser userpassword -timeout 900

    add system group "NetScaler users" -timeout 900

    add system cmdPolicy netscaler-users ALLOW

    "(^man.*)|(^show\\s+(?!system)(?!configstatus)(?!ns ns\\.conf)(?!ns savedconfig)(?!ns runningConfig)(?!gslb runningConfig)(?!audit messages)(?!techsupport).*)|(^stat.*)"

    bind system group "NetScaler users" -userName NSUser

    bind system group "NetScaler users" -policyName netscaler-users 100

    The user is able to log on but is NOT able to execute certain commands. The engineer goes back and looks at the logs, and the following is displayed:

    Oct 6 13:34:15 192.168.10.50 10/06/2014:13:34:15 GMT ns1 0-PPE-0 : CLI CMD_EXECUTED 4303 0 : User NSUser - Remote_ip 192.168.10.10 - Command "show ns runningConfig" - Status "ERROR: Not authorized to

    execute this command"

    Why is the command NOT working for the user?

    A. cmdPolicy is NOT configured to allow the command
    B. cmdPolicy should be set to DENY, instead of ALLOW
    C. The user should be bound to the cmdPolicy netscaler-users
    D. The priority of the cmdPolicy bound to the group "NetScaler users" should be higher

  • Question 239:

    An engineer has configured a DNS virtual server on a NetScaler appliance but the monitors are showing DOWN and DNS resolution is failing. Which of the following should the engineer check?

    A. Port 53 between the VIP address and the DNS servers is allowed
    B. That a ADNS_TCP service has been configured on the NetScaler
    C. That the load balancing feature has been enabled on the NetScaler
    D. Port 53 between the NSIP address and the DNS servers is allowed
    E. Port 53 between the SNIP address and the DNS servers is allowed

  • Question 240:

    A NetScaler Engineer would like to encrypt the LDAP authentication traffic from a NetScaler to the internal LDAP servers. Which type of load-balancing service should the engineer create?

    A. SSL
    B. TCP
    C. RADIUS
    D. SSL_TCP

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Citrix exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 1Y0-351 exam preparations and Citrix certification application, do not hesitate to visit our Vcedump.com to find your solutions here.