ExamTopics Logo
Mail Us[email protected]
Menu
Citrix Discussions
exam questions

Exam 1Y0-312 All Questions

View all questions & answers for the 1Y0-312 exam
Go to Exam

Exam 1Y0-312 topic 1 question 7 discussion

Actual exam question from Citrix's 1Y0-312
Question #: 7
Topic #: 1
[All 1Y0-312 Questions]

Scenario: A newly created Citrix Virtual Apps and Desktops site has sensitive information. The users consistently use different browsers for their daily tasks. A
Citrix Engineer is looking for ways to minimize attacks like ransomware, phishing, and session hijacking.
Which two steps can the engineer take to minimize attacks without interfering with user productivity? (Choose two.)

  • A. Disable access to specific browsers.
  • B. Disable all the user plugins.
  • C. Implement HTTP Strict Transport Security (HSTS).
  • D. Use HTTP response headers to send security policies to endpoint browsers.
Show Suggested Answer Hide Answer
Suggested Answer: BD 🗳️
by Pinball2020 at Oct. 6, 2020, 10:04 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
PandiyanR
Highly Voted 4 years ago
Seems it should be C and D • Use HTTPS for access to external web sites, especially if sensitive data will be transmitted. HTTP Strict Transport Security (HSTS) can be optionally implemented by web applications to prevent the use of HTTP for the web connection by using a special response header. • HTTP response headers can be used to send security policies to an endpoint’s browser, ultimately ensuring a more secure connection.
upvoted 15 times
...
NSLove
Most Recent 1 year ago
HSTS do not help the client security in terms of pishing, ransomware. B is OK
upvoted 1 times
...
hawkens
1 year, 10 months ago
C&D are both NetScaler settings. I assume this is a CVAD environment, so the answer should be A&B
upvoted 2 times
...
lgr001
2 years ago
Selected Answer: CD
C D are correct
upvoted 1 times
...
Wardi
2 years, 12 months ago
I go for C and D as A and B restrict the users productivity.
upvoted 2 times
...
Tripp_F
3 years, 6 months ago
I believe this one should be C and D. While disabling user plugins would be good from a security standpoint, it doesn't meet the constraints of the question (minimize attacks *without interfering with user productivity*).
upvoted 2 times
...
Shekharctx
3 years, 6 months ago
C & D are correct answer
upvoted 3 times
...
mco_w
4 years, 1 month ago
It should be B & C. HTTP Strict Transport Security (HSTS) can be optionally implemented by web applications to prevent the use of HTTP for the web connection by using a special response header. Source: CWS-315-2I-en-StudentManual-1-3-days-v02 - Page 246
upvoted 2 times
Shekharctx
3 years, 6 months ago
I agree. B&C
upvoted 1 times
...
...
ArtC
4 years, 2 months ago
Definitely B C makes sense: https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html
upvoted 1 times
...
Pinball2020
4 years, 4 months ago
shouldn't this be B&C?
upvoted 3 times
BeatOn
4 years, 3 months ago
Maybe it's really B+C
upvoted 2 times
...
BeatOn
4 years, 3 months ago
I Don't think that HSTS is on Exam scope
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel