Exam 1Y0-312 topic 1 question 7 discussion

Actual exam question from Citrix's 1Y0-312
Question #: 7
Topic #: 1

Scenario: A newly created Citrix Virtual Apps and Desktops site has sensitive information. The users consistently use different browsers for their daily tasks. A Citrix Engineer is looking for ways to minimize attacks like ransomware, phishing, and session hijacking.
Which two steps can the engineer take to minimize attacks without interfering with user productivity? (Choose two.)

  • A. Disable access to specific browsers.
  • B. Disable all the user plugins.
  • C. Implement HTTP Strict Transport Security (HSTS).
  • D. Use HTTP response headers to send security policies to endpoint browsers.
Suggested Answer: BD 🗳️

Comments

PandiyanR
Highly Voted 3 years, 2 months ago
Seems it should be C and D
  • Use HTTPS for access to external web sites, especially if sensitive data will be transmitted. HTTP Strict Transport Security (HSTS) can be optionally implemented by web applications to prevent the use of HTTP for the web connection by using a special response header.
  • HTTP response headers can be used to send security policies to an endpoint’s browser, ultimately ensuring a more secure connection.
upvoted 15 times
...
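The two mechanisms quoted in the comment above (HSTS and policy-carrying response headers) can be checked from the defender's side. This is an added example, not part of the thread or of any commenter's post; the set of policy headers checked, the one-year `max-age` threshold and the sample header sets are assumptions chosen for illustration.

```python
# Added example: audit one HTTP response for HSTS and browser policy headers.
# Header names in POLICY_HEADERS and the threshold are choices made for this example.
POLICY_HEADERS = ("content-security-policy", "x-content-type-options", "x-frame-options")
MIN_MAX_AGE = 31536000  # one year, in seconds

def parse_hsts(value):
    """Return (max_age, include_subdomains), or None if a browser would ignore it."""
    max_age, include_sub, seen = None, False, set()
    for part in value.split(";"):
        name, _, arg = part.strip().partition("=")
        name = name.strip().lower()
        if not name:
            continue
        if name in seen:  # RFC 6797: each directive may appear only once
            return None
        seen.add(name)
        if name == "max-age":
            arg = arg.strip().strip('"')
            if not (arg.isascii() and arg.isdigit()):
                return None
            max_age = int(arg)
        elif name == "includesubdomains":
            include_sub = True
    return None if max_age is None else (max_age, include_sub)

def audit(scheme, headers):
    """Return a list of findings for one response; an empty list means clean."""
    h = {k.lower(): v for k, v in headers.items()}
    findings = []
    hsts = parse_hsts(h.get("strict-transport-security", ""))
    if scheme != "https":
        findings.append("HSTS is only honoured over HTTPS")
    elif hsts is None:
        findings.append("missing or invalid Strict-Transport-Security")
    elif hsts[0] == 0:
        findings.append("max-age=0 removes the HSTS policy")
    elif hsts[0] < MIN_MAX_AGE:
        findings.append("HSTS max-age below one year")
    findings += [f"missing {name}" for name in POLICY_HEADERS if name not in h]
    return findings

# Constructed sample responses (not captured from a real site).
SAMPLE_GOOD = {"Strict-Transport-Security": "max-age=31536000; includeSubDomains",
               "Content-Security-Policy": "default-src 'self'",
               "X-Content-Type-Options": "nosniff", "X-Frame-Options": "DENY"}
SAMPLE_WEAK = {"Strict-Transport-Security": "max-age=300",
               "X-Content-Type-Options": "nosniff"}

if __name__ == "__main__":
    print(audit("https", SAMPLE_WEAK))
```

Sent over plain HTTP, the same headers yield the "only honoured over HTTPS" finding, because browsers ignore an HSTS header received over an insecure transport.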
NSLove
Most Recent 2 months, 1 week ago
HSTS does not help the client security in terms of phishing, ransomware. B is OK
upvoted 1 times
...
hawkens
1 year ago
C&D are both NetScaler settings. I assume this is a CVAD environment, so the answer should be A&B
upvoted 2 times
...
lgr001
1 year, 3 months ago
Selected Answer: CD
C D are correct
upvoted 1 times
...
Wardi
2 years, 2 months ago
I go for C and D as A and B restrict the users' productivity.
upvoted 2 times
...
Tripp_F
2 years, 8 months ago
I believe this one should be C and D. While disabling user plugins would be good from a security standpoint, it doesn't meet the constraints of the question (minimize attacks *without interfering with user productivity*).
upvoted 2 times
...
Shekharctx
2 years, 9 months ago
C & D are the correct answer
upvoted 3 times
...
mco_w
3 years, 4 months ago
It should be B & C. HTTP Strict Transport Security (HSTS) can be optionally implemented by web applications to prevent the use of HTTP for the web connection by using a special response header. Source: CWS-315-2I-en-StudentManual-1-3-days-v02 - Page 246
upvoted 2 times
Shekharctx
2 years, 9 months ago
I agree. B&C
upvoted 1 times
...
...
ArtC
3 years, 4 months ago
Definitely B C makes sense: https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html
upvoted 1 times
...
Pinball2020
3 years, 6 months ago
Shouldn't this be B&C?
upvoted 3 times
BeatOn
3 years, 6 months ago
I don't think that HSTS is in the exam scope
upvoted 2 times
...
BeatOn
3 years, 6 months ago
Maybe it's really B+C
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other