Scenario: A network engineer would like to prevent blacklisted remote clients from accessing NetScaler hosted application services. An IP address blacklist database is maintained by an external company and available to query over the Internet.
The engineer would like to reject any connections from IP addresses that are contained in the blacklist. What could the engineer configure to achieve this goal?
A. SSL offloadScenario: A network engineer gets an error message when using the configuration utility to import a PKCS#12 certificate that contains a dollar sign ($), a backquote (`), or an escape (\) character password. In order to address this error, the network engineer could prefix it with __________. (Choose the correct option to complete the sentence.)
A. an escape character (\)Scenario: The NetScaler is configured with a NSIP of 10.20.30.40. Management access is NOT enabled on any other IP address. Which command should an engineer execute to prevent access to the NetScaler using HTTP and only allow HTTPS access?
A. set ns ip 10.20.30.40 -gui disabled -telnet disabledA network engineer is testing a new load balancing virtual server "test" that has the service group "test- grp" bound to it. Which command could the engineer run to show connection details for the new virtual server?
A. show serverScenario: The IT department in an organization manages servers and network devices from an internal management subnet. A Netscaler device has recently been installed into the DMZ network. The intranet firewall allows TCP 443 from the management subnet to the Netscaler device.
How could the engineer ensure that only workstations in the management network are permitted to manage the Netscaler?
A. Create an Extended ACL based on the source IP address.Scenario: A network engineer has configured a load balancing virtual server for an HTTP application. Due to the application architecture, it is imperative that a user's session remains on a single server during the session. The session has an idle timeout of 60 minutes. Some devices are getting inconsistent application access while most are working fine. The problematic devices all have tighter security controls in place.
Which step should the engineer take to resolve this issue?
A. Set the cookie timeout to 60 minutes.Scenario: A network engineer needs to re-configure the NetScaler to utilize two new VLANs - VLAN2 and VLAN3. VLAN2 is an untagged VLAN and VLAN3 will require a .1q compliant tag. Interface 1/1 is the only interface that will be used on the NetScaler.
How could the engineer configure the NetScaler so that it can communicate with both networks?
A. Change the NSVLAN to 3 Add VLAN 2 and bind interface 1/1 as untaggedA network engineer should use the Advanced tab when configuring load balancing to enable __________. (Choose the correct option to answer the question.)
A. SSL offloadingA network engineer needs to prevent too many simultaneous HTTP requests that can cause a Denial Of Service (DDoS). What could the engineer enable to prevent too many simultaneous HTTP requests?
A. Rate LimitingA company has a new CEO and wants to update their website with the new CEO's name. What could the engineer do on the website while this modification is being made?
A. Insert the new name on the header requests using Rewrite policies.Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Citrix exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 1Y0-A28 exam preparations and Citrix certification application, do not hesitate to visit our Vcedump.com to find your solutions here.