Scenario: A Citrix Architect needs to design a new XenApp and XenDesktop environment.
The following Control Layer security requirements have been identified:
✑ For security reasons, it is unacceptable to use default ports for FMA Services.
✑ Access to PowerShell and Citrix Studio for management will be restricted to management workstations by granular firewall rules.
Which command-line interface executable should the architect run to ensure that all Control Layer security requirements are met?
To meet the security requirements, non-default ports must be used, which rules out both options B and C since they include the use of default ports (443 and 80). The remaining options A and D specify unique, non-default ports for VdaPort, WISSLLPort, and SDKPort. Option D uses different non-default ports for each service (8081, 8082, 8083), ensuring compliance with the requirement to avoid default ports and provides distinct port configurations for services, which facilitates granular firewall rule settings for restricted access. This makes option D the best fit to ensure that all Control Layer security requirements are met.
D. BrokerService.exe ""VdaPort 8081 ""WISSLPort 8082 ""SDKPort 8083 ""ConfigureFirewall
For security reasons, it is unacceptable to use default ports for FMA Services.: SO B&C are wrong: Default ports are SDK, VDA and WI: 80, WI SSL: 443
"Access to PowerShell and Citrix Studio for management will be restricted to management workstations by granular firewall rules" So only access from workstation to SDKport is allowed. To restrict acces ro WISSLport by granular firewall rules the ports of WISSL and SDK has to be different. SO answer D. iS that correct?