Looking for Real Exam Questions for IT Certification Exams!

We guarantee you can pass any IT certification exam at your first attempt with just 10-12
hours study of our guides.

Our study guides contain actual exam questions, you will get word to word same on your
actual test; accurate answers with detailed explanation verified by experts and all graphics
and drag-n-drop exhibits shown just as on the real test.

To test the quality of our guides, you can download the one-third portion of any guide from
http://www.certificationking.com absolutely free.

Besides, we also offer complete version of following exams absolutely free. You can start
your certification from these free guides and if you are satisfied you can buy the rest

♦ Microsoft: 70-214, 70-290, 70-306, 70-431, 70-536, MB2-421

♦ CCNP: 642-801 ♦ CCIP: 642-611
♦ CCSP/ VPN & Security: 642-501 ♦ CCVP/ IP Comm/ Specialist: 642-432
♦ Oracle: 1Z0-040, 1Z0-007, 1Z0-001 ♦ CIW: 1D0-441 ♦ Novell: 50-632, 50-664
♦ Citrix: 1Y0-222, 1Y0-223 ♦ Lotus: 190-510 ♦ HP: HP0-714 ♦ APPLE: 9L0-401
♦ BEA: 0B0-101♦ Symantec: 250-501 ♦ Exam Express: EE0-011 ♦ Juniper: JN0-120 ..more

For pricing and placing order, please visit http://certificationking.com/order.html

We accept all major credit cards through www.paypal.com

For other payment options and any further query, feel free to mail us at
info@certificationking.com
Exam: 1Y0-306
Title: Citrix Access Gateway 4.2 with Advanced Access Control:
Admin

# QUESTION 1:
Scenario: Ken configured an Exchange Server and Outlook clients for email synchronization. Client
devices are using Microsoft Outlook 2000 and running on Windows XP operating systems. The Secure
Access Client is installed on all client devices.
What are two requirements to perform the configurations required for this scenario?
(Choose two.)

A. The administrator must create and configure a policy.

B. The administrator grants the Download Email Attachment privilege for all users.
C. The administrator verifies that the client devices have Internet Explorer 5 or 6 with all critical updates
installed.
D. The administrator verifies connectivity from the Access Gateway to the Exchange Server on all the
ports to which the Exchange Server listens.
Answer: A,D

# QUESTION 2:
Scenario: An administrator wants to provide access to CertKing .com intranet site from the access server
farm. The home page for the intranet site includes several links to external web pages. The administrator
wants to ensure that all links can be accessed through this resource. How can this be configured?
A. Create a filter that allows access to all the websites lnked from the home page.
B. Enable URL rewriting to provide users access to the pages linked on the website.
C. Include all the web pages linked from the home page using a URL that contains a wildcard.
D. Within the New Web Resource Wizard add URLs for the home page and each page linked from the
home page.
Answer: D

# QUESTION 3:
Whenever a RADIUS or LDAP profile is associated with a logon point, the administrator must ______.
(Fill in the blank with a listed option.)
A. use a Sample Logon Point
B. deploy the Secure Access Client on every client device
C. provide a decentralized database to store users' profiles
D. provide the associated credential during the deployment of the logon point
Answer: D

# QUESTION 4:
Scenario: An administrator of an enterprise, where users' actions are restricted in terms of downloading,
installing, and running programs on their computers, receives a service ticket from a user who is
complaining of not being able to install the Endpoint Analysis Client software. What could be the cause?
A. The user account being used is not a member of the users group.
B. The user account being used is a member of the administrator group.
C. The user account being used is not a member of the power users group.
D. The user account being used is a member of a domain user account, which is a member of the local
administrator group.
Answer: C

# QUESTION 5:
Scenario: An administrator is required to configure the setting that determines whether users can
reconnect to both active and disconnected sessions or only to disconnected sessions while creating a
logon point. Which option should the administrator enable?
A. Window
B. Session Time-out
C. Domain Prompting
D. Workspace Control
Answer: D

# QUESTION 6:
Along with Active Directory, which other two authentications could be implemented in order to provide
Advanced Authentication? (Choose two.)
A. Smart Cards
B. LDAP authentication
C. RSA Security SecurID
D. Secure Computing SafeWord PremierAccess
Answer: C,D

# QUESTION 7:
A client device is scanned but the user receives a message that he is denied access to the network. Which
two actions can help the administrator determine which endpoint analysis scans failed? (Choose two.)
A. Examine the "Endpoint Analysis Scan Results" snap-in
B. Modify the Disallowed.ascx page to show the scan results
C. View the event log on the Advanced Access Control server
D. Export the results to a comma-separated list using an endpoint analysis command-line tool
Answer: B,C

# QUESTION 8:
In an environment that restricts client device access to resources based upon the presence of a specific
version of an antivirus software, which step must be completed for a continuous process scan?
A. Clear the MD5 field.
B. Browse to the client version of the antivirus executable.
C. Provide the registry path and values for the antivirus software.
D. Type the earliest date stamp that is acceptable for the process.
Answer: B

# QUESTION 9:
Scenario: You are in the process of deploying Advanced Access Control in your company's IT
environment. The corporate IT policy requires that all users have access to the company's employee
portal website, but only the sales team has access to their web-based CRM application. Which
configurations best meet the requirements of the described environment?
A. Create a single web resource and add the URL for both the employee portal and the CRM application.
Create a single access policy and grant only the sale team access to the CRM application.
B. create two separate web resources; one for the emplyee portal and one for the CRM application. Create
a single access policy and deny all non-sales team employees access to the CRM application. C.create
two separate web resources; one for the emplyee portal and one for the CRM application. create two
separate policies;include the empleye portal in one and include the CRM application in the second. Add a
filter to the CRM policy that denies all non-sales team employees access.
D. create two separate web resources; one for the emplyee portal and one for the CRM application. create
two separate policies;include the empleye portal in one and include the CRM application in the second.
Grant everyone access to the employee portal policy and only the sales team access to the CRM
application policy.
Answer: D

# QUESTION 10:
After providing the configuration database server and the access server farm name, which additional step
must an administrator perform to change the farm membership of server?
A. Run discovery in the Access Suite Console
B. Restart the server for which the farm membership was changed
C. Provide the credentials used to access the configuration database server
D. Restart the license server for the access server farm where the server was added
Answer: C

# QUESTION 11:
Which statement regarding the rules for configuring a connection policy is true?
A. Multiple connection policies can be used for a single session.
B. Multiple connection policies cannot be used for a single logon point.
C. IP address pools can be defined in the connection policy for dynamic IP addressing.
D. Names can be duplicated among several connection policies as long as the farm name is included.
Answer: C

# QUESTION 12:
Scenario: The password for the service account has been compromised. The administrator decides to use
a new user name and password for the service account. What are two requirements for changing the
service account? (Choose two.)
A. The Access Suite Console must be closed.
B. The administrator must use the Server Configuration Tool.
C. All the services must be manually stopped and then restarted again.
D. The administrator must use the Access Gateway Administration Tool.
Answer: A,B

# QUESTION 13:
When creating a custom filter that requires client devices to have a specific certificate installed and to
enter from a specific logon point but NOT pass an endpoint analysis scan which detects a worm on the
client system, which logical expression should be used to define the conditions under which a connection
is permitted? (For all options, X represents the certificate filter, Y represents the logon point, and Z
represents the passing of an endpoint analysis scan.)
A. (X OR Y) AND Z
B. (X OR Y) AND NOT Z
C. (X AND Y) AND NOT Z
D. (X AND Z) AND NOT Y
Answer: C

# QUESTION 14:
Which policy setting is the only permission that can be set for network resources?
A. Upload
B. Access
C. VPN Tunnel
D. File Type Association
Answer: B

# QUESTION 15:
In an environment where client devices must pass two file scans before being permitted access to the
network, which logical expression should be used to create a continuous scan?
A. NOT Y, where Y represents a failed scan
B. X OR Y, where X and Y represents the file scans
C. X AND Y, where X and Y represents the file scans
D. (X AND Y) OR Y, where X and Y represents the file scans
Answer: C

# QUESTION 16:
An administrator is instructed to configure advanced authentication using RADIUS profile and must
define RADIUS authentication.
Which node in the console tree should the administrator select to define RADIUS authentication? (Click
on the exhibit button to display the screen shot.)
Exhibit:
A. Servers node
B. Resources node
C. Configuration Tools node
D. Access Server Farm node
Answer: D

# QUESTION 17:
Which two settings(action controls) should be enabled to allow users to open and edit documents on
servers using published resources in server farms running Presentation Server? (Choose two.)
A. Access
B. Live Edit
C. Download
D. File Type Association
Answer: A,D

# QUESTION 18:
When a logon point is renamed just after it is deployed, __________. (Fill in the blank with a listed
option.)
A. it can no longer be used
B. it must be redeployed using the update function in the Access Suite Console
C. the Advanced Access Control setup CD must be used to redeploy the updated logon
D. it must be redeployed using the update/refresh function in the Server Configuration Wizard before
users can begin using the logon point to access resources
Answer: D

# QUESTION 19:
Which statement is true about access policies?
A. If multiple policies apply to a resource, a policy that allows access permission wins over other policies
that denies access permission.
B. Access to published applications and resources on a Citrix Presentation Server is controlled by
Advanced Access Control Presentation Server policies.
C. Access to published resources on Citrix Presentation Server depends on the properties of Advanced
Access Control policies and the logon point that is used to access the resources.
D. It is possible to select policy settings on the configure settings page for types of resources that you did
not select for the policy to control and add those types of resources to the policy at a later time.
Answer: D

# QUESTION 20:
From which node in the Access Suite Console can an administrator configure event logging?
A. Servers node
B. Resource node
C. Endpoint Analysis node
D. Access Server Farm node
Answer: D

# QUESTION 21:
Where can an administrator configure the endpoint analysis scan for an operating system?
A. In the Endpoint Analysis scan node
B. From the Operating System rule node
C. From the Operating System policy node
D. From the Operating System scan group node
Answer: D

# QUESTION 22:
Scenario: To ensure that a service pack level scan is run whenever Windows XP or 98 operating system
is encountered, which configuration is required?
A. Configure two rules for the scan with client device locale conditions and the remote language selected.
B. Configure two rules for the scan with logon point conditions and the remote logon point added to the
property value for the scan.
C. Configure two rules for the scan with the logon point and operating system conditions and SP1 as the
property values for the scan.
D. Configure two rules for the scan with operating system conditions and the respective service pack as
the property values for the scan.
Answer: D

# QUESTION 23:
If migrating from a MetaFrame Secure Access Manager 2.X implementation to Advanced Access
Control, which file must be specified during the initial configuration of the access server farm?
A. NFE.XML
B. XPS.CAB
C. NFUSE.CONF
D. MSAM2.X CAB
Answer: D

# QUESTION 24:
Which two steps must an administrator take to ensure that a file share appears in the navigation page for
users? (Choose two.)
A. Publish the file share.
B. Make the file share the home page.
C. Create a policy that allows users access to the file share.
D. Select the file share in the properties of the navigation page.
Answer: A,C

# QUESTION 25:
What does a port of zero (0) mean when defining a network resource?
A. All ports
B. No ports
C. TCP Port 0
D. Variable port depending on the resource table
Answer: A

# QUESTION 26:
Which server role must be selected for Advanced Access Control servers that will process CDAs?
A. Web server
B. State server
C. Agent server
D. HTML Preview server
Answer: C

# QUESTION 27:
In an environment where client devices must pass a file scan or a registry scan before being permitted
access to the network, which logical expression should be used to create a continuous scan? (For all
options, X represents the file scan and Y the registry scan.)
A. X OR Y
B. X AND Y
C. X OR NOT Y
D. (NOT X) AND (NOT Y)
Answer: A
# QUESTION 28:
In the Access Suite Console, which steps must an administrator take to create an access policy that
controls access to all visible servers and services in the network?
A. Select "Network Resources" and choose "Entire Network."
B. Select the farm node and disable network policy enforcement.
C. Select the Access Policies node in the console tree and add all visible servers and services to the
access policy.
D. Select the appropriate domain from the domain list and choose to make the access policy the default
authentication for that domain.
Answer: A

# QUESTION 29:
Which utility can an administrator use to audit a logged event for a specific server?
A. Access Suite Console
B. Windows Event Viewer
C. Server Configuration Tools
D. Presentation Server Management Console
Answer: B

# QUESTION 30:
Which three URL addresses are valid when creating a web resource? (Choose three.)
A. https://www.*.com/users/
B. http://Server1/Pilotresource
C. file://Server1/Pilotresource/index.html
D. http://Server1/Pilotresource/index.html
E. https://www.yourcompany.net/users/ #<username>
Answer: B,D,E

# QUESTION 31:
An administrator wants to ensure that all clients have anti-virus signatures that are no more than three
days old. How can this be accomplished?
A. Create a new scan package when updated signatures are released.
B. Create a scan rule which has a parameter that specifies the maximum age of the signatures.
C. Configure the Anti-Virus package to automatically download the latest pattern file periodically.
D. Use endpoint analysis command-line tools and scripts to update the anti-virus package parameters.
Answer: D

# QUESTION 32:
What are two required steps for creating a typical filter that would require users to logon using a specific
URL and their client devices to be running a specific anti-virus software? (Choose two.)
A. Choose to filter based on logon points
B. Run the Create Filter Wizard from the logon point
C. Choose to filter based on endpoint analysis scan results
D. Combine logon points and endpoint analysis results with the OR logical operator
Answer: A,C

# QUESTION 33:
Which type of filter should an administrator create, if a filter that specifies a particular NOT logic
condition must exist in order for access to be granted?
A. Typical Filter
B. Custom Filter
C. Negative Filter
D. Exclusion Filter
Answer: B

# QUESTION 34:
Which policy setting should be enabled if an administrator wants users to be able to open documents with
a published application?
A. Download
B. HTML Preview
C. Email as Attachment
D. File Type Association
Answer: D

# QUESTION 35:
What is required to administer an access server farm using the Access Suite Console?
A. An account which is in the Administrators role for the SQL server database.
B. An account which is in the Guest role of the Access Gateway Server COM+ application.
C. An account which is in the Systems role of the Access Gateway Server COM+ application.
D. An account which is in the Administrators role of the Access Gateway Server COM+ application.
Answer: D

# QUESTION 36:
Scenario: An administrator gives a user the URL
https://Accounting1.net/CitrixLogonPoint/AccountAccess to access a logon page. "Accounting1.net" is
the FQDN of the Advanced Access Control server hosting the logon
point and "AccountAccess" is the name of the logon point.
From the URL given to the user, which access method will be used to obtain resources
from the access server farm?

A. Default logon point

B. Secure Web Client
C. Browser-only access
D. Secure Access Client
Answer: C

# QUESTION 37:
Scenario: An administrator wants to make documents from a defined file share open from a Citrix
Presentation Server session. Which policy setting should be enabled for this purpose?
A. Live Edit
B. Download
C. HTML Preview
D. File type association
Answer: D

# QUESTION 38:
Which two conditions must be included in the first rule for a scan to ensure that the same conditions are
available for additional subsequent rules for the scan? (Choose two.)
A. Logon point
B. Operating system
C. Authentication strength
D. Client device regional locale
Answer: A,D

# QUESTION 39:
Scenario: An administrator is implementing Access Gateway with Advanced Access Control for use in
his environment. The implementation will be used primarily for mobile workers who may access
resources from diverse client devices, which may be locked down and may not allow files such as client
software to be downloaded. For this environment, which type of access should be given to the clients?
A. Direct access
B. VPN Client access
C. Kiosk Mode access
D. Browser-only access
Answer: D

# QUESTION 40:
Which type of IP addressing is needed to enable internal and external connection to the Access Gateway
appliance?
A. Static IP addressing
B. Default IP addressing
C. Dynamic IP addressing
D. Alternate IP addressing
Answer: A

# QUESTION 41: