Scenario: A Citrix Architect has deployed two MPX devices, 12.0.53.13 nc and MPX 11500 models, in high availability (HA) pair for the Workspace labs team. The deployment method is two-arm and the devices are installed behind a CISCO ASA 5585 Firewall. The architect enabled the following features on the NetScaler devices. Content Switching, SSL Offloading, Load Balancing, NetScaler Gateway, Application Firewall in hybrid security and Appflow. All are enabled to send monitoring information to NMAS 12.0.53.13 nc build. The architect is preparing to configure load balancing for Microsoft Exchange 2016 server.
The following requirements were discussed during the implementation:
* All traffic needs to be segregated based on applications, and the fewest number of IP addresses should be utilized during the configuration
* All traffic should be secured and any traffic coming into HTTP should be redirected to HTTPS.
* Single Sign-on should be created for Microsoft Outlook web access (OWA).
* NetScaler should recognize Uniform Resource Identifier (URl) and close the session to NetScaler when users hit the Logoff button in Microsoft Outlook web access.
* Users should be able to authenticate using either user principal name (UPN) or sAMAccountName.
* The Layer 7 monitor should be configured to monitor the Microsoft Outlook web access servers and the monitor probes must be sent on SSL
Which monitor will meet these requirements?

1. A. add lb monitor mon_rpc HTTP-ECV –send “GET /rpc/healthcheck.htm” recv 200 –LRTM DISABLED
2. B. add lb monitor mon_rpc HTTP-ECV –send “GET /rpc/healthcheck.htm” recv 200 –LRTM ENABLED
3. C. add lb monitor mon_rpc HTTP –send “GET /rpc/healthcheck.htm” recv 200 –LRTM DISABLED –secure YES
4. D. add lb monitor mon_rpc HTTP-ECV –send “GET/rpc/healthcheck.htm” recv 200 –LRTM DISABLED –secure YES

Correct Answer: A

Which encoding type can a Citrix Architect use to encode the StyleBook content, when importing the StyleBook configuration under source attribute?

1. A. Hex
2. B. base64
3. C. URL
4. D. Unicode

Correct Answer: B
Reference: https://docs.citrix.com/en-us/netscaler-mas/12/stylebooks/how-to-use-api-to-create-configuration-from-stylebooks/import-custom-stylebooks.html

Which three methods can a Citrix Architect use to assess the capabilities of a network infrastructure? (Choose three.)

1. A. Review existing monitoring solutions for periods of latency, lost packets, and insufficient bandwidth.
2. B. Map the location of the users against the existing network topology.
3. C. Alter firewall rules of existing network to fit into the new NetScaler Deployment.
4. D. Examine the topology for single points of failure and potential bottlenecks.
5. E. Ensure that users and computers are in the correct organizational units (OUs).

Correct Answer: ABD

What can help a Citrix Architect prepare to discuss time scales and resource requirements?

1. A. Creating a high-level project plan.
2. B. Meeting with each member of the project team to assign tasks.
3. C. Designing the new environment.
4. D. Setting expectations with the project’s key stakeholders.
5. E. Identifying challenges associated with the project.

Correct Answer: A
Reference: https://www.citrix.com/blogs/2012/03/30/desktop-transformation-high-level-project-plan/

Scenario: A Citrix Architect has deployed an authentication setup with a ShareFile load-balancing virtual server. The NetScaler is configured as the Service Provider and Portalguard server is utilized as the SAML Identity Provider. While performing the functional testing, the architect finds that after the users enter their credentials on the logon page provided by Portalguard, they get redirected back to the Netscaler Gateway page at uri /cgi/samlauth/ and receive the following error.
“SAML Assertion verification failed; Please contact your administrator.” The events in the /var/log/ns.log at the time of this issue are as follows:
Feb 23 20:35:21 10.148.138.5 23/02/2018:20:35:21 GMT vorsb1 0-PPE-0 : default AAATM Message 3225369 0 : ”SAML : ParseAssertion: parsed attribute NameID, value is nameid”
Feb 23 20:35:21 10.148.138.5 23/02/2018:20:35:21 GMT vorsb1 0-PPE-0 : default AAATM Message 3225370 0 : “SAML verify digest: algorithms differ, expected SHA1 found SHA256”
Feb 23 20:35:44 10.148.138.5 23/02/2018:20:35:44 GMT vorsb1 0-PPE-0 : default AAATM Message 3225373 0 : “SAML : ParseAssertion: parsed attribute NameID, value is named
Feb 23 20:35:44 10.148.138.5 23/02/2018:20:35:44 GMT vorsb1 0-PPE-0 : default AAATM Message 3225374 0 : “SAML verify digest: algorithms differ, expected SHA1 found SHA256”
Feb 23 20:37:55 10.148.138.5 23/02/2018:20:37:55 GMT vorsb1 0-PPE-0 : default AAATM Message 3225378 0 : ”SAML : ParseAssertion: parsed
attribute NameID, value is nameid”
Feb 23 20:37:55 10.148.138.5 23/02/2018:20:37:55 GMT vorsb1 0-PPE-0 : default AAATM Message 3225379 0 : ”SAML verify digest: algorithms differ, expected SHA1 found SHA256”
What should the architect change in the SAML action to resolve this issue?

1. A. Signature Algorithm to SHA 256
2. B. The Digest Method to SHA 256
3. C. The Digest Method to SHA 1
4. D. Signature Algorithm to SHA 1

Correct Answer: D