Which action must a Citrix Engineer make to use a Private Root Certificate with the Client for Java Version 9.x when securing connections to XenApp resources?
A. Enable SecureICA .
B. Install the Java client on each client device.
C. Turn on theEnableLegacySupport parameter.
D. Install the root certificate on the firewall, if one exists.
E. Import the root certificate into the Javakeystore on each client device.
Scenario: Nether Tech Inc.’s Research and Development team wishes to upgrade the security around its research information. The Citrix Architect recommends the implementation of smart card technology at Nether Tech Inc.’s research and development facility in order to implement two- factor authentication. Which two types of smart cards are compatible with XenDesktop? (Choose two.)
A. Contact Smart Card
B. Proximity Smart Card
C. Common Access Card
D. USB Smart Card Token
Scenario: Nether Tech Inc. needs to meet the highest security standards to satisfy regulatory requirements. Secured connections between published desktop and endpoints, as well as published applications and the Web Interface need to be implemented. The Citrix Engineer needs to implement the XenOesktop, XenApp and the Web Interface infrastructures in Nether Tech Inc.’s environment. What are four XenDesktop best practices that should be considered? (Choose four.)
A. Protect all computers with personal firewalls.
B. Set up SSL access for the Web Interface site.
C. Protect all computers with perimeter firewalls, including those at enclave boundaries as appropriate.
D. Ensure the perimeter firewalls are NOT repositioned when the conventional environment is migrated to XenDesktop.
E. Ensure secure communication between endpoint devices and desktops by using the Citrix ICA client and setting the encryption level to basic.
F. Ensure secure communication between endpoint devices and desktops by using the Citrix ICA client and setting the encryption level to 128bit.
Scenario: A Citrix Engineer is considering making a change to the design document in order to allow the alternate address of the XenApp server to be given to a particular set of client devices when users attempt to access published applications. What are three settings that the Citrix Engineer must configure in order to use the alternate address of the XenApp servers for the particular set of client devices? (Choose three.)
A. Enable the spanning tree protocol.
B. Configure port forwarding on the managed switches.
C. Configure the firewall for network address translation.
D. Configure theXenApp Servers with an alternate address.
E. Specify the MAC address of the client devices that should receive the alternate address.
F. Specify the IP Address and Subnet Mask for each of the client devices that the users will connect from.
When completed, Nether Tech Inc.’s environment will consist of XenDesktop and XenApp resources. The engineer has configured alternate address translation on the XenApp servers and the Web Interface to use alternate address access method. What will happen if the Citrix Engineer configures alternate address translation when securing the traffic between the Web Interface and the client devices?
A. The Java client will fail.
B. Users will NOT be able to accessXenApp streamed applications.
C. External users will NOT be able to access XenDesktop virtual desktops.
D. The XML transport will have to be changed to SSL Relay in order to access the desktops.
E. Internal users will have to connect through theXenApp servers using the alternate address.
Scenario: The new design document for Nether Tech Inc.’s environment requires the creation of a new desktop group with an HTTPS address type for the XenServer pool master logon page. In order to secure communication between the Desktop Delivery Controller and XenServer, the design document recommends the engineer replace the default SSL certificate installed with XenServer with one from a trusted certificate authority.
The name of the XenServer host is XS01. Which two commands must the engineer use to generate a certificate request on the XenServer host using the XenServer console? (Choose two.)
A. Opensslgenrsa -out XS01.private 2048
B. Opensslgeneratereqsa -out XS01.private 2048
C. Opensslreq -new -outform PEM -out XS01.request -keyform PEM -key XS01.private -days 365
D. Openssl request -new -outform PEM -out XS01.request -keyform PEM -key XS01.public – 365days
What should the Citrix Engineer enable when configuring server communication between the Web Interface and XenApp or XenDesktop in order to allow smart card logon?
B. URL redirect
C. IMA Encryption
D. Two-factor authentication
The Citrix Architect should recommend the implementation of a shared storage infrastructure if _____and_____ are required. (Choose the two correct options to complete the sentence.)
B. disk resizing
C. centralized storage
D. virtual machine storage
Which storage type should be used if thin provisioning is required from the XenServer?
A. NFS based
B. Fibre Channel
C. iSCSI software
D. iSCSI hardware
Scenario: During the initial stage of the design phase, Nether Tech Inc.’s management team did NOT request the use of remote storage in their environment; however, after attending a recent demonstration for XenServer, Nether Tech Inc.’s management team is interested in implementing shared remote storage, specifically an implementation that will allow for fast-cloning and thin-provisioning. Which three remote storage types will meet the needs of this environment? (Choose three.)
B. NFS based
C. Fibre Channel
D. iSCSI software
E. iSCSI hardware
Passleader 1Y0-A15 Course Material With Reasonable Price And 100% Pass Exam