ExamTopics Logo
Mail Us[email protected]
Menu
Citrix Discussions
exam questions

Exam 1Y0-403 All Questions

View all questions & answers for the 1Y0-403 exam
Go to Exam

Exam 1Y0-403 topic 1 question 12 discussion

Actual exam question from Citrix's 1Y0-403
Question #: 12
Topic #: 1
[All 1Y0-403 Questions]

After reviewing a Proof of Concept (PoC) environment for Citrix Virtual Apps and Desktops, the corporate security team advises that user access to Regedit, command line, and PowerShell must be disabled.
Which technology can a Citrix Architect use to address this requirement with the least amount of effort?

  • A. Citrix ADC Endpoint Analysis (EPA)
  • B. Citrix policies
  • C. Citrix Workspace ADMX templates
  • D. Citrix ADC SmartControl
  • E. Citrix Workspace Environment Management (WEM)
Show Suggested Answer Hide Answer
Suggested Answer: E 🗳️
by bonepin at Sept. 30, 2020, 2:05 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
bonepin
Highly Voted 4 years, 4 months ago
I think E is correct
upvoted 14 times
...
jdstroy
Highly Voted 3 years ago
Selected Answer: E
You could do it with MS GPOs but the right answer is E!
upvoted 6 times
d0bermannn
3 years ago
I am not a WEM fan, but here there is no other option, agreed with E
upvoted 2 times
...
...
Fvicente
Most Recent 1 year, 5 months ago
Selected Answer: E
For WEM the AppLocker feature just apply security rules to Windows, such as you block the PS to run, and then the Windows will block powershell.exe to launch from anyway.
upvoted 1 times
...
DipakSanadi
3 years, 2 months ago
WEM correct answare
upvoted 2 times
...
certhunterfembot
4 years ago
I see comments saying that GPO isn't an option, but ADMX templates are designed to go into a GPO, so wouldn't that be an easier option than setting up WEM?
upvoted 2 times
3a0f5fb
1 year, 1 month ago
Citrix policies aren't Microsoft Group Policies (GPO)
upvoted 1 times
...
patpatty
4 years ago
The point is that there aren't Citrix policies alone can't do this, you also need MS GPOs. Since "Citrix Policies & MS GPO" isn't an answer, it has to be WEM.
upvoted 3 times
...
...
CurryMuncher
4 years ago
Gino_ is 100% correct. Thank you Gino_ Look at this gem that I found, it confirms its WEM https://docs.citrix.com/en-us/workspace-environment-management/current-release/reference/environmental-settings-registry-values.html
upvoted 3 times
...
CurryMuncher
4 years, 1 month ago
Answer is B since they are asking "with the least amount of effort?" all other options would require you to do something and/or implement something.
upvoted 1 times
Gino_
4 years ago
You cannot enforce this with Citrix Policies. There is no such setting. You can configure it with MS GPO, but this option is not available. WEM is the only available option.
upvoted 3 times
...
...
kepler
4 years, 1 month ago
GPO would have been the best answer, but its not in the list, so the next best answer is WEM (I hate this type of question, as it mentioned "least effort"). WEM requires lots of effort (WEM broker, agent, sql, ).
upvoted 3 times
d0bermannn
3 years ago
I am not a WEM fan also, but here there is no other option, agreed with E
upvoted 1 times
...
...
TB12isthegreat
4 years, 3 months ago
I think that E is the best answer since Citrix policies are not the same of GPO.....Correct me if I'm wrong but I can't find a way to block these three apps from Citrix Policies....
upvoted 2 times
BeatOn
4 years, 2 months ago
It's E, Citrix Policy cant enforce regedit and cmd execution. if there is no Windows GPO so WEM is the BEST (E)
upvoted 4 times
...
...
Bobo11
4 years, 3 months ago
Can be B and E. It is debatable. "Least amount of effort" implies Policies (B) since you already have a Windows environment. Thinking in the Citrix way implies E where you can easily mark those features as not accessible to users. But you have to install a WEm Infrastructure server and configure it. I would go for B.
upvoted 1 times
d0bermannn
3 years ago
There is no way to tune any regedit & pwsh start options in ctx policies Agreed that 'least amount of effort' is not about wem, but as we have no ado option, wem in more reliable. Answer is E [assuming we have wem in our infra already)]
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel