Citrix 1Y0-440 Exam With Confidence Using Practice Dumps

Scenario: A Citrix Architect needs to design a new solution within Microsoft Azure. The architect would like to create a highly available Citrix ADC VPX pair to provide load balancing for applications hosted in the Azure deployment which will receive traffic arriving from the Internet. In order to maximize its investment, the organization would like both Citrix ADC VPX instances to actively load-balance connection requests. Which two approaches are possible solutions for the architect to use to design the solution? (Choose two.)

Scenario: A Citrix Architect has met with a team of Workspacelab members for a design discussion. They have captured the following requirements for the Citrix ADC design project:

• Multi-factor authentication must be configured for the Citrix Gateway virtual server.
• The Citrix Gateway virtual server is integrated with the Citrix Virtual Apps and Desktops environment.
• Load balancing must be configured for the StoreFront server.
• Authentication must be deployed for the users from the workspacelab.com and vendorlab.com domains.
• The logon page must have the workspacelab logo on it.
• Certificate verification must be performed to identify and extract the username.
• The client certificate must have UserPrincipalName as a subject.
• All the managed workstations for the workspacelab users must have the client identification certificate installed on them.
• The workspacelab users connecting from the internal network should be authenticated using LDAP.
• The workspacelab users connecting from the external network should be authenticated using LDAP and RADIUS.
• The vendorlab users should be authenticated using Active Directory Federation Service.
• The user credentials must NOT be shared between workspacelab and vendorlab.
• Single Sign-on must be performed between StoreFront and Citrix Gateway.
• A domain drop down list must be provided if the user connects to the Citrix Gateway virtual server externally.
• The domain of the user connecting externally must be identified using the domain selected from the domain drop down list.

Which authentication policy must the architect execute first to meet the design requirements?

Scenario: Based on a discussion between a Citrix Architect and a team of Workspacelab members, the MPX Logical layout for Workspacelab has been created across three (3) sites.

They captured the following requirements during the design discussion held for a Citrix ADC design project:

• All three (3) Workspacelab sites (DC NDR and DR) will have similar Citrix ADC configurations and design
• Both external and internal Citrix ADC MPX appliances will have Global Server Load Balancing (GSLB) configured and deployed in Active/Passive mode
• GSLB should resolve both A and AAA DNS queries.
• In the GSLB deployment the NDR site will act as backup for the DC site, whereas the DR site will act as backup for the NDR site
• When the external Citrix ADC replies to DNS traffic coming in through Cisco Firepower IPS the replies should be sent back through the same path
• On the internal Citrix ADC. both front-end VIP and back-end SNIP will be part of the same subnet
• USIP is configured on the DMZ Citrix ADC appliances
• The external Citrix ADC will act as default gateway for back-end servers.
• All three (3) sites (DC, NDR, and DR) will have two (2) links to the Internet from different service providers configured in Active/Standby mode

Which design decision must the architect make to meet the design requirements above?