We provide real 1Y0-351 exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass Citrix 1Y0-351 Exam quickly & easily. The 1Y0-351 PDF type is available for reading and printing. You can print more and practice many times. With the help of our Citrix 1Y0-351 dumps pdf and vce product and material, you can easily pass the 1Y0-351 exam.
Q49. Which SSL parameter should an engineer configure to bind multiple certificate key pairs to a virtual server?
A. SNI enable
B. Session reuse
C. Send close-notify
D. Client authentication
Answer: A
Q50. Scenario: A client connecting to an SSL virtual server receives the following error: "Invalid Server Certificate The server certificate is invalid. Do you wish to accept this certificate and connect to the server anyway?" What is a possible cause of this error message?
A. The private key is NOT password-protected. B. The certificate key pair is password-protected.
C. The intermediate CA certificate is NOT linked to the server certificate.
D. Certificate Revocation Lists (CRLs) have NOT been defined on the NetScaler.
Answer: C
Q51. What is the only input format supported by the NetScaler when using the NetScaler Certificate Import wizard within the configuration utility?
A. JKS
B. PEM
C. DER
D. PKCS#12
Answer: D
Q52. Which public IP address must a NetScaler Engineer set on a NetScaler appliance to allow for client connections?
A. NSIP
B. SNIP
C. VIP
D. USNIP
Answer: C
Q53. A NetScaler Engineer would like to direct identical requests for the same service to specific cache servers. Which load-balancing method should the engineer use?
A. URL Hash
B. Domain Hash
C. Source IP Hash
D. Source IP Destination IP Hash
Answer: A
Q54. Which three command-line interface commands should a NetScaler Engineer execute to configure an authentication virtual server? (Choose three.)
A. add authentication vserver <name> ssl <ipaddress>
B. bind ssl certkey
C. set authentication vserver <name> -authenticationDomain
D. show authentication vserver <name>
E. add ssl certkey
Answer: A, B, C
Q55. When a network engineer logs onto a new NetScaler device in the London datacenter, data output indicates that the device is NOT configured for the local time. How can the network engineer synchronize the correct time with an NTP server in the local data center?
A. Configure the correct time from the GUI and restart.
B. Modify the ntp.conf and rc.netscaler files and restart.
C. Logon using the nsrecover/nsroot credentials and restart.
D. Configure the NetScaler as a secondary NTP server and restart.
Answer: B
Q56. Which command would an engineer run to deny access to destination port 103 from a host with an IP address of 10.0.1.1?
A. add ns acl rule1 DENY -srcIP 10.0.1.1 -srcPort 103 -TTL 600
B. add ns acl rule1 DENY -srcIP 10.0.1.1 -srcPort 103 -protocol TCP
C. add ns acl rule1 DENY -srcport 103 -destIP 10.0.1.1 -protocol TCP
D. add ns simpleacl rule1 DENY -srcIP 10.0.1.1 -destport 103 -protocol TCP
Answer: D