A network engineer is troubleshooting a situation where ARP requests for IPs in other subnets (for example 10.192.12.80) are appearing in the 10.192.8.0/24 subnet. Which command could the engineer run on the NetScaler to verify IP to VLAN bindings?
A. show ip
B. netstat -r
C. show arp
D. show vlan
Scenario: A network engineer suspects that there is a duplex mismatch in the network configuration. The NSIP address is 10.10.1.206. How can the administrator verify the configuration in this scenario?
A. Run the ‘netstat -r’ command.
B. Run the show IP 10.10.1.206 command.
C. Run the start nstrace -level 10 command.
D. Check for the interface configuration in the GUI.
Scenario: A user browses to a page and is presented with a warning that he is trying to enter a web site with an untrusted certificate. The network engineer had added the correct certificate to the SSL virtual server. What could be the cause of this issue?
A. TLS is disabled on the virtual server.
B. The certificate is not linked to the intermediate CA
C. The certificate has expired and needs to be renewed.
D. The CA certificate has not been added to the SSL virtual server.
A network engineer is trying to read a nstrace from the NetScaler but can only see encrypted traffic. Which file(s) are required to decrypt the network trace?
A. The server certificate
B. The servers root certificate
C. The private key for the server certificate
D. The private key for the server root certificate
Scenario: A network engineer created an SSL virtual server and enabled smart card on it. The engineer tried browsing to the server and noticed the back-end system could NOT see the users certificates. What could be causing this issue?
A. The SSL virtual server cannot forward a client certificate.
B. The network engineer has not set smart card to mandatory.
C. The SSL virtual server cannot use smart card authentication.
D. The network engineer has not enabled SNI on the virtual server.
E. The network engineer forgot to enable the SSL policy allowing smart card forwarding on the SSL
A network engineer might choose to use SSL_Bridge instead of a SSL virtual server in order to __________. (Choose the correct option to complete the sentence.)
A. be able to decrypt the SSL traffic
B. enable use of OCSP for revoked certificates
C. pass user certificates to the back-end servers
D. enable SSL server certificates on the service group
Scenario: A network engineer has bound four policies to an HTTP virtual server as follows:
PolicyA is bound with a priority of 10 and has the following expression: REQ.IP.SOURCEIP == 10.10.10.0
PolicyB is bound with a priority of 15 and has the following expression: REQ.IP.SOURCEIP != 10.10.11.0
PolicyC is bound with a priority of 20 and has the following expression: REQ.IP.SOURCEIP == 10.10.12.0
PolicyD is bound with a priority of 25 and has the following expression: REQ.IP.SOURCEIP != 10.10.13.0
When a connection is made from a PC with an IP address of 10.10.12.15, which policy will be applied?
Scenario: A network engineer has bound four policies to a virtual server as follows:
PolicyA has a priority of 10
PolicyB has a priority of 20
PolicyC has a priority of 30
PolicyD has a priority of 0
Which policy will be evaluated first?
Scenario: An engineer has a NetScaler system with NSIP 192.168.10.1 with subnet mask 255.255.0.0. The company changed the IP network to use subnet mask 255.255.255.0. Which two commands could the engineer run to modify the subnet mask of the NSIP? (Choose two.)
C. set ns ip
D. add ns ip
Scenario: A network engineer is going to roll out an upgrade from a 9.x version on a standalone NetScaler appliance using the command-line interface. Which two items does the engineer need to download before proceeding with the upgrade? (Choose two.)
A. SSL Certificates Files
B. NetScaler Firmware File
C. NetScaler Configuration file
D. NetScaler Documentation File
If you want to pass the Citrix CCA 1Y0-A28 exam sucessfully, recommend to read latest Citrix CCA 1Y0-A28 Exam Dumps full version.