nerdexam
Citrix

1Y0-241 · Question #128

1Y0-241 Question #128: Real Exam Question with Answer & Explanation

The correct answer is C. add simpleacl rule1 DENY -srcIP 10.10.10.100 -TTL 600. NetScaler evaluates simple ACLs first in the order they were created and stops at the first matching rule. Here, rule1 (the simple ACL with just the source IP) matches any traffic from 10.10.10.100-so it will always be the one used to deny access, even before the more specific po

Question

Scenario: A Citrix Administrator entered the command line interface (CLI) commands below to prevent IP address 10.10.10.100 from accessing the NetScaler on port 80. > add simpleacl rule1 DENY -srcIP 10.10.10.100 -TTL 600 > add simpleacl rule2 DENY -srcIP 10.10.10.100 -destPort 80 > add ns acl rule1 DENY -srcIP 10.10.10.100 -priority 10 > add ns acl rule2 DENY -srcIP 10.10.10.100 -priority 100 apply ns acls Which access control list (ACL) will the NetScaler use to satisfy the scenario?

Options

  • Aadd ns acl rule1 DENY -srcIP 10.10.10.100 -priority 10
  • Badd simpleacl rule2 DENY -srcIP 10.10.10.100 -destPort 80
  • Cadd simpleacl rule1 DENY -srcIP 10.10.10.100 -TTL 600
  • Dadd ns acl rule2 DENY -srcIP 10.10.10.100 -priority 100

Explanation

NetScaler evaluates simple ACLs first in the order they were created and stops at the first matching rule. Here, rule1 (the simple ACL with just the source IP) matches any traffic from 10.10.10.100-so it will always be the one used to deny access, even before the more specific port-80 rule is considered.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 1Y0-241 Practice