Citrix 1y0-371 practice test

Designing, Deploying and Managing Citrix XenMobile 10 Enterprise Solutions

Last exam update: Nov 18 ,2025
Page 1 out of 10. Viewing questions 1-15 out of 143

Question 1

Which XenMobile deployment option would pose the greatest security risk?

  • A. SSL Bridge at the NetScaler load balancing tier with the XenMobile Server in the Demilitarized Zone (DMZ).
  • B. SSL Bridge at the NetScaler load balancing tier with the XenMobile Server on the internal network segment.
  • C. SSL Offload at the NetScaler load balancing tier with the XenMobile Server in the Demilitarized Zone (DMZ).
  • D. SSL Offload at the NetScaler load balancing tier with the XenMobile Server on the internal network segment.
Mark Question:
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 2

What are two valid reasons for deploying a XenMobile Server in the Demilitarized Zone (DMZ)?
(Choose two.)

  • A. A XenMobile Server is a hardened, FIPS-capable Linux appliance.
  • B. A XenMobile Server deployed in the DMZ reduces the number of external firewall rules that need to be implemented.
  • C. A XenMobile Server deployed in the DMZ reduces the risk of connectivity issues between the NetScaler and the XenMobile Server.
  • D. A XenMobile Server deployed in the DMZ can serve as a Secure Ticket Authority (STA) for WorxMail.
Mark Question:
Answer:

A, C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

A Citrix Engineer must deploy a scheduling policy to __________ and __________ devices in order to
allow these devices to check in automatically without further intervention by the engineer. (Choose
the two correct options to complete the sentence.)

  • A. iOS
  • B. Android
  • C. Windows Phone 8.1
  • D. Symbian
Mark Question:
Answer:

B, D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

Scenario: A Citrix Engineer needs to deploy a XenMobile solution for a large organization. The
organization will use XenMobile to manage Android and iOS devices.
To provide resilience, NetScaler appliances will communicate with XenMobile Servers. The engineer
has deployed all necessary infrastructure and opened the required firewall ports. To load balance
mobile device management traffic, the engineer has configured NetScaler to use SSL_Bridge to
communicate with a XenMobile Server cluster.
Which persistence method should the engineer configure to facilitate consistent communication
between the NetScaler and the XenMobile Servers?

  • A. SSLSESSION
  • B. CUSTOMSERVERID
  • C. DESTIP
  • D. COOKIEINSERT
Mark Question:
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5

A Citrix Engineer is testing enrollment and notices that while Mobile Device Management (MDM)
enrollment succeeds, Mobile Application Management (MAM) enrollment fails.
A possible cause of this issue is that ports __________ from the __________ are NOT open. (Choose
the correct set of options to complete the sentence.)

  • A. 636 or 389; NetScaler
  • B. 443 or 4443; NetScaler
  • C. 636 or 389; XenMobile Server
  • D. 443 or 4443; XenMobile Server
Mark Question:
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6

Scenario: A Citrix Engineer is configuring the NetScaler appliance for SSL offloading. The XenMobile
Server is named xms.domain.com.
The following is a list of the certificates installed on the NetScaler:
- *.domain.com - wildcard server certificate
- cacerts.pem - devices certificate
- xms.domain.com - server certificate for the XenMobile Server
- dc-1-CA.cer - Root certificate for *.domain.com
The engineer needs to configure an SSL Load Balancing virtual server for HTTPS 443 bound with
__________ and the XenMobile Server service to use __________. (Choose the correct set of options
to complete the sentence.)

  • A. *.domain.com and dc-1-CA.cer; HTTP 80
  • B. *.domain.com and cacerts.pem; HTTPS 443 bound with xms.domain.com
  • C. *.domain.com and cacerts.pem; HTTP 80
  • D. *.domain.com and dc-1-CA.cer; HTTPS 443 bound with xms.domain.com
Mark Question:
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 7

Scenario: A Citrix Engineer is designing a XenMobile Enterprise solution to support approximately
30,000 device connections. The environment must be able to sustain the failure of one node in a
cluster at any given time for redundancy and maintenance purposes. Each server's specifications
include four vCPUs and 16 GB of RAM.
What is the minimum number of XenMobile Servers that the engineer should recommend as part of
this cluster?

  • A. Two
  • B. Three
  • C. Four
  • D. Five
Mark Question:
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

In which way does implementing Worx PIN improve the user experience while maintaining
Enterprise security?

  • A. It streamlines the user experience when the Active Directory password is changed.
  • B. It allows the user to use a unique, synchronized PIN for device and application access without modifying corporate password policy.
  • C. It reduces the number of times the user has to authenticate to launch managed applications.
  • D. It reduces the complexity of daily password entry without modifying corporate password policy.
Mark Question:
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 9

A Citrix Engineer needs to design a multi-node, scalable XenMobile solution.
Which database type should the engineer choose to meet the needs of this deployment?

  • A. Microsoft SQL
  • B. PostgreSQL
  • C. Oracle
  • D. MySQL
Mark Question:
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

Scenario: A Citrix Engineer wants to provide access from WorxWeb to internal corporate websites
that require client certificate authentication. The engineer has configured the NetScaler with
Clientless Access to "On", and Plug-in type to Windows / Mac OSX.
Which two settings should the engineer configure within the WorxWeb MDX policies to ensure that
users could access these sites successfully without errors? (Choose two.)

  • A. Set Network access to "Tunneled to internal network".
  • B. Set VPN to "Full VPN tunnel".
  • C. Set VPN to "Secure browse".
  • D. Set an Allowed or blocked websites policy.
Mark Question:
Answer:

A, B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 11

A Citrix Engineer must delegate enrollment invitation management to Level 1 administrators.
What should the engineer do to accomplish this objective?

  • A. Configure AAA groups on the NetScaler Gateway; allow only this group to access the console over port 4443.
  • B. Create a local group on the XenMobile Server; allow only Level 1 administrators access to it.
  • C. Configure a Delivery Group within the XenMobile Server; deploy the security policies only to the dedicated group of Level 1 administrators.
  • D. Configure Role-based Access Control (RBAC); assign only the desired permissions to the Active Directory group where the Level 1 administrators reside.
Mark Question:
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 12

A Citrix Engineer needs to allow junior administrators to perform selective wipe requests from a
single console for users who are members of the IT and HR departments.
What should the engineer do to accomplish this objective?

  • A. Use two XenMobile instances, one for IT and HR users, and another instance for all other users.
  • B. Use XenMobile Role-based Access Control (RBAC) to delegate the selective wipe permission to the junior administrative team, only targeting users in the IT and HR departments.
  • C. Use XenMobile deployment rules to assign the selective wipe task to the junior administrative team and only target the IT and HR users.
  • D. Create XenMobile Delivery Groups to assign the selective wipe option to the junior administrative team for the IT and HR users.
Mark Question:
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 13

Which two components are required in order for a Citrix Engineer to use the MDX Toolkit to wrap
Android applications for production use? (Choose two.)

  • A. Command-line tools
  • B. Enterprise certificate from Symantec
  • C. Android Developer Tools and Android SDK
  • D. Android Just-in-Time Compiler
  • E. A keystore certificate
Mark Question:
Answer:

C, E

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 14

Which two types of certificates will require a restart when uploaded to a XenMobile Server using the
XenMobile Console? (Choose two.)

  • A. SSL Listener
  • B. Root
  • C. Apple Push Notification service (APNs)
  • D. Intermediate
  • E. Device Certificate Authority (CA)
Mark Question:
Answer:

A, C

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 15

Scenario: A Citrix Engineer needs to implement SSL Offload in which traffic is encrypted all the way
from the client device to the XenMobile Server. The vServer and service configurations are listed
below.
Load balancing vServers:
- Protocol: SSL, Port: 443
- Protocol: SSL, Port: 8443
Services:
- Protocol: SSL, Port: 443 (Bound to 443 vServer)
- Protocol: SSL, Port: 8443 (Bound to 8443 vServer)
The current configuration is NOT working properly.
What should the engineer adjust to implement SSL Offload successfully?

  • A. Bind Port 80 services to both the 443 and 8443 load-balancing vServers but make no other changes.
  • B. Bind the port 8443 service to the port 443 vServer; the port 443 service is NOT needed.
  • C. Bind the port 443 service to the port 8443 vServer; the port 8443 service is NOT needed.
  • D. Bind Port 80 services to both the 443 and 8443 load-balancing vServers and open port 80 on the XenMobile Server IP Tables firewall.
Mark Question:
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2