Citrix 1Y0-700 Real Exam Questions

Citrix Application Firewall 8.0: Administration   

The Citrix Application Firewall 8.0: Administration (700) exam is divided into the following sections:

  • Pre-deployment Planning
  • Configuring Initial Settings
  • Creating a Profile
  • Creating and Configuring Initial Policies
  • Administering the Application Firewall

1: An administrator is considering adding an Application Firewall deployment to an environment that contains two network firewalls, a public network and a private network. Where should the administrator place the Application Firewall?
A.In the DMZ
B.Behind the private network
C.In front of the public network
D.In front of the two network firewalls
Correct Answers: A

2: The positive security model as applied in the Application Firewall can protect against _____________ and _____________ attacks. (Choose the two options that best complete the sentence.)
B.viruses day
D.layer 3 network
E.application layer
Correct Answers: C E

3: Scenario: A banking company has decided to deploy an Application Firewall in their network environment, which already has two third-party load balancers. The Application Firewall deployment will be used to inspect approximately 400 Mb/sec of traffic. How should an administrator deploy the system in this environment?
A.As a module on a NetScaler appliance
B.As a standalone Application Firewall appliance
C.As a module on a NetScaler High Availability pair
D.As a cluster of standalone Application Firewall appliances
Correct Answers: D

4: Scenario: A busy web application (400 Mb/sec) for an ecommerce company includes pictures of items for sale that are displayed to shoppers with text descriptions, an input field to accept customer reviews, a shopping cart and an encrypted billing page for credit cards. Many more customers browse than buy. An administrator needs to create profiles for this web application on the Application Firewall. How many profiles should an administrator configure for this web application for security with maximum performance?
A.One, an advanced profile for the reviews and billing pages
B.Two, a basic profile for the reviews page and an advanced profile for the billing page
C.Three, a basic profile for browsing and separate advanced profiles for the reviews and the billing pages
D.Four, separate basic profiles for the images and text, and separate advanced profiles for the reviews and the billing pages
Correct Answers: B

5: Scenario: The manufacturing department of a global biomedical company uses a web application to access manufacturing ratios and QA testing results from external plants that manufacture the biomedical devices. All the information for all the plants is stored in a data warehouse based on a Microsoft SQL server and accessed from the web application by running reports. Users receive instructions through a popup and then select the specific data for a report through a series of dynamically-generated drop-down menus populated from the Microsoft SQL database. Because the company is global, the web application also has language options that the user can select for the report to be delivered in.
Which part of the application can access sensitive data in this scenario?
A.The popup
B.The language options
C.The resultant URL for a report
D.The drop-down menus for the report details
Correct Answers: D

6: Scenario: A media corporation has a website where viewers can read articles on current topics and stream videos of daily newscasts. The streaming videos are provided by IPTV, a streaming media application utilizing UDP. The company decides to add an Application Firewall to their network deployment to protect their site from hackers. To determine how many devices are necessary, the administrator must determine which traffic requires protection.
Which content data type(s) does the Application Firewall need to inspect in this environment?
B.Images and text/html
C.UDP packets and text
D.Text/html, UDP packets and images
Correct Answers: A

7: The positive security model works with Application Firewall by ____________. (Choose a phrase to complete this statement correctly.)
A.protecting web servers based on learning
B.protecting web servers based on signatures
C.only allowing traffic that matches approved patterns
D.allowing traffic that does not match blocked patterns
Correct Answers: C

8: Scenario: A banking company is planning on deploying an Application Firewall in their network environment. The company will need to use SSL, plans on using Advanced profiles, and requires redundancy in their network. The web servers never serve more than 300 Mb/sec of traffic. How should an administrator deploy the Application Firewall in this environment?
A.As a standalone appliance
B.As a module on a NetScaler
C.As a cluster of standalone appliances
D.As a module on a NetScaler High Availability pair
Correct Answers: D

9: Scenario: The IT Manager of a popular social networking website has decided to deploy at least one Application Firewall to protect the millions of users that regularly log on to the website. The social networking site allows members to post group messages, email personal messages and blogs as well as maintain a personal page with pictures, messages and backgrounds created with HTML code.  An administrator is tasked with determining the content type of the data that will be passing through the Application Firewall to determine how many devices are necessary.
Which web application traffic and content data type(s) need to be inspected by the Application Firewall in this environment?
A.HTTP traffic with GIF content data types
B.HTTP traffic with text/html and text/javascript content data types
C.All TCP and UDP traffic with text/html and GIF content data types
D.All TCP traffic with text/html, POP3 and NNTP content data types
Correct Answers: B

10: Scenario: An online auctioning site has a web application that allows users to post their own items, including images and text. Users are permitted to animate their sites with Javascript. Auctioneers and shoppers must create an account and log in to be able to view any items. The web application creates session IDs at each login to keep track of shoppers and their carts and to generate suggestions for similar purchases.
Which three parts of the application can be exploited to access sensitive data? (Choose three.)
A.The text
B.The login
C.The images
D.The Javascript
E.The session IDs
Correct Answers: B D E

Download  |  Password: