Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Citrix Discussions
exam questions

Exam 1Y0-402 All Questions

View all questions & answers for the 1Y0-402 exam
Go to Exam

Exam 1Y0-402 topic 1 question 11 discussion

Actual exam question from Citrix's 1Y0-402
Question #: 11
Topic #: 1
[All 1Y0-402 Questions]

Scenario: A Citrix Architect needs to design a new XenApp and XenDesktop environment.
The architect has identified the User Layer requirements, as shown in the Exhibit.
Click the Exhibit button to view the requirements.

Additionally, management at the organization has identified the following general Access Layer requirements:
✑ A multi-factor authentication method is required for any connections to the XenApp and XenDesktop environment originating from outside the corporate network.
✑ External connections must be authenticated by a NetScaler Gateway virtual server located in a DMZ network.
✑ Internal connection traffic should NOT leave the internal corporate network.
Which two authentication methods should the architect use for the Contractors group? (Choose two.)

  • A. RADIUS authentication
  • B. Smart Cards
  • C. SAML authentication
  • D. Domain pass-through
  • E. Federated Authentication Service
  • F. Username and password
Show Suggested Answer Hide Answer
Suggested Answer: CE 🗳️
by hck at April 18, 2020, 4:39 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
d0bermannn
2 years, 9 months ago
Selected Answer: AC
A&C is correct
upvoted 1 times
...
kepler
3 years, 10 months ago
why not C and E? SAML allows them to use their own idP, and FAS being the intermediary for single sign on with Workspace/AD. This way, they will not be prompted for username/pw from AD.
upvoted 3 times
d0bermannn
2 years, 9 months ago
do FAS can handle not domain joined devices?
upvoted 1 times
...
...
thedelph
4 years, 3 months ago
I think this is A and C. A because it says MFA is required, so a RADIUS pin would meet this requirement. C because it says users must supply their own authentication provider. https://docs.citrix.com/en-us/netscaler/12/aaa-tm/saml-authentication.html It is not D because it's BYOD therefore domain pass-through wouldn't work. It's not F because the question states that users should not have knowledge of workspace services credentials.
upvoted 3 times
...
PFer
4 years, 4 months ago
C & D. The answer is correct, using SAML from the IDP certificate assertion, making client certificate has a MFA. https://docs.citrix.com/en-us/netscaler/12/aaa-tm/saml-authentication.html
upvoted 1 times
...
tripatpd
4 years, 5 months ago
I think A and E is correct answer
upvoted 1 times
d0bermannn
2 years, 9 months ago
do FAS can handle not domain joined devices?
upvoted 1 times
...
...
Guenne
4 years, 5 months ago
Should be A and E
upvoted 1 times
d0bermannn
2 years, 9 months ago
do FAS can handle not domain joined devices?
upvoted 1 times
...
...
CitrixNick
4 years, 7 months ago
Citrix reference Design methodology access layer https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/citrix-vdi-best-practices/design/design-userlayer2.html
upvoted 1 times
...
hck
4 years, 7 months ago
Should be A and C. SAML IdP is required for users to be able to use their own credentials (not Workspace credentials). RADIUS for multi-factor auth as per requirement.
upvoted 4 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel