Scenario: For auditing requirements, NetScaler administrators are required to use their Active Directory accounts to log on to NetScaler. All NetScaler administrators belong to the NSAdmins Active Directory group.
Which configuration must an administrator create in NetScaler to meet the requirements of the scenario?
A. User accounts
B. NSAdmins group
C. Authorization policy
D. Service Groups policy
Scenario: An administrator is implementing a two-factor authentication solution with an RSA SecureID product. The administrator already has the server name and port number of the RSA server.
Which additional information does the administrator need to configure RSA SecureID?
A. LDAP password
B. Firewall access rule
C. Authentication policy
D. RADIUS shared secret
Scenario: An administrator is creating a NetScaler Gateway virtual server for mobile devices only. The administrator must include two-factor authentication.
Which two steps must the administrator take to configure two-factor authentication for this environment? (Choose two.)
A. Bind the RSA policy first.
B. Bind the LDAP policy first.
C. Create an authentication policy.
D. Create a pre-authentication policy.
Scenario: An administrator implemented RADIUS with NetScaler Gateway as a two-factor authentication solution for a XenDesktop implementation. A planned outage is scheduled in wake of a software upgrade on the RADIUS infrastructure. During the outage, the administrator needs to disable the two-factor authentication on NetScaler Gateway to enable users’ continued access to published applications.
Which action could the administrator take to meet the needs of the scenario without affecting the connected users?
A. Delete the RADIUS authentication policy.
B. Set the RADIUS policy to be secondary authentication.
C. Disable authentication on the NetScaler Gateway virtual server.
D. Unbind the RADIUS authentication policy from the NetScaler Gateway virtual server.
In which format should an administrator save the AppExpert Template files in order to import and upload to the NetScaler?
Scenario: A company had a single datacenter location with a single NetScaler installed. A second datacenter location was added and an administrator installed a second Citrix NetScaler at the second datacenter location. The NetScaler is used for load balancing internal infrastructure solutions.
The administrator plans to configure the environment so that it will continue to work even if there is a datacenter failure. Only the primary datacenter location is connected to the Internet. The configuration has to be synchronized automatically so that the configuration of both appliances is always identical.
How should the administrator configure the NetScaler devices so that continuity is maintained in the event of a datacenter failure?
A. As a GSLB cluster
B. In a VRRP configuration
C. As a high availability pair
D. As standalone appliances
An administrator notices that a NetScaler high availability (HA) pair has changed the primary node several times in the past few days due to intermittent issues.
What could the administrator configure to ensure that HA failures are alerted?
C. Route Monitors
D. Failover Interface Set
Which command-line interface command could an administrator use to display communication between the LDAP server and the NetScaler system?
A. cat /etc/krb5.conf
B. cat /etc/krb5.keytab
C. cat /tmp/aaad.debug
D. cat /var/log/aaad.debug
E. tail -f /var/log/aaad.debug
Scenario: An administrator configured an LDAP authentication policy and bound it globally. The only system group configured on the Netscaler is NS_Admins. After reviewing the security logs, the administrator notices that users in the External_Contractors LDAP group are able to log on to NetScaler using SSH; however, members of the External_Contractors group are NOT authorized to run any commands.
Which action could the administrator take to prevent the members of the External_Contractors LDAP Group from logging on to NetScaler using SSH without affecting other users?
A. Configure an authorization policy that allows logon only by members of the “External_Contractors” LDAP Group. Bind the new policy globally.
B. Specify (memberOf=”CN=External_Contractors, CN=Groups, CN=example, CN=com”) as a filter in the properties of the configured LDAP server.
C. Specify (!(memberOf=”CN=External_Contractors, CN=Groups, CN=example, CN=com”)) as a filter in the properties of the configured LDAP server.
D. Create a new command policy with a DENY action. Create a System Group named “External_Contractors” and assign the new command policy to the External_Contractors group.
After restarting one node on a two-node NetScaler cluster, an administrator notices that the node that was restarted no longer accepts traffic.
Which action could the administrator take to resolve this issue?
A. Run the nsconmsg -g feature -d stats from the shell.
B. Run the sync cluster files command from the command-line interface.
C. Replace the cluster license file and restart the NetScaler software only.
D. Restart the NetScaler software and operating system for the failing node.