Exam 1Y0-403 All QuestionsBrowse all questions from this exam
Go to Exam
Question 79

Scenario: A Citrix Architect deployed a new Citrix Virtual Desktops environment in Citrix Cloud. The environment is accessed exclusively by users in a location where Citrix Cloud does NOT have a local point of presence (POP). The Corporate Security team advises that a new industry regulation requires that all user

HDX-session communications remain within the country.

In addition, users have requested file-type-association functionality to launch published applications from within their virtual desktops.

What should the architect configure for this deployment?

    Correct Answer: A

    Given the requirement that all user HDX-session communications must remain within the country and considering the need for file-type-association functionality, the best configuration is to use an on-premises Citrix Gateway with on-premises StoreFront. This setup ensures that all HDX traffic stays local, adhering to the industry regulation, and supports file-type associations by leveraging the local StoreFront server functionality.

Discussion
hwoccurrenceOption: A

I would choose A.

citrixmucOption: A

File-type association needs a local Storefront server -> A is correct

d0bermannnOption: A

User HDX-session communications must remain within the country & no ctx POP in the country means on-prem architecture [as we always follow our security team].Simple FTA implementation on prem is a bonus) Answer A

PreppyOption: C

C is correct. People are missing that the question only says *HDX-session* communications (the SSL-wrapped ICA traffic between the user and the VDA) must remain in the country. There is no restriction given for non-session traffic, such as enumeration or authentication, so we are free to use Citrix Workspace for all non-session traffic. See https://docs.citrix.com/en-us/tech-zone/learn/media/tech-briefs_cvads_onpremgwpng.png. Step 9 is where the actual HDX session starts, then all HDX-session traffic carrying ICA is between the user and the in-country on-prem Citrix Gateway, meeting the requirements. An on-prem Storefront would only be required if the question also said auth traffic and enumeration traffic also had to stay within the country, but it does not.

Preppy

Note that this would still require the latency and bandwidth from the country where the VDA / Cloud Connector is hosted to Citrix Cloud to be within requirements, but the question does not say that is not the case. Most countries are within acceptable latency distance of a country with an existing Citrix Cloud POP, so it's safe to assume that they are. The only traffic between countries with on-prem Gateway and Citrix Cloud Workspace would be non-HDX-session traffic that is not sensitive to a minor amount of in-region (but not in-country) latency that the country is in: - From the user to Citrix Cloud for enumerating apps in Workspace Client / Browser - Between Citrix Cloud and the Cloud Connector for AD authentication, sending a message to the VDA to tell it to prepare for a session (but not the actual session HDX traffic itself), VDA license validation, STA ticket validation, and session policy delivery.

jdstroyOption: A

For file-type association you need Storefront I guess...

jdstroyOption: C

C should be right. Look at: https://docs.citrix.com/en-us/tech-zone/learn/tech-briefs/cvads.html Cloud Hosted Workspace with on-premises Gateway

jdstroy

Sorry, C is wrong!

vipjasonOption: C

The cloud service will do the brokering but the "HDX Sessions" will strictly go from the endpoints to the on-prem gateway, which indicates that there is on-prem VDAs.

RH747Option: A

A as it requires file-type associations within the published desktop https://support.citrix.com/article/CTX218743/set-file-type-association-to-open-files-using-published-applications