Exam 1Y0-402 All QuestionsBrowse all questions from this exam
Go to Exam
Question 41

Scenario: A Citrix Architect needs to design a new XenApp and XenDesktop environment for a bank. After the project kickoff meeting, the following business drivers have been identified and prioritized in the following order:

1. Increase security

2. Reduce costs

3. Improve the user experience

4. Simplify management

Later in the design process, the architect documents the design decisions shown in the Exhibit (only some are shown).

Click the Exhibit button to view the design decisions.

During the quality assurance review, the architect observes that one of these design decisions does NOT align with the business driver priorities.

Which design decision should be changed to match the prioritization of the business drivers?

    Correct Answer: D

    The design decision that should be changed to match the prioritization of the business drivers is related to Citrix Policies. Enabling Client Drive Redirection and allowing Clipboard Redirection (even with text only) can compromise the increased security priority as these features can be used to transfer data out of the secured environment. To align with the primary driver of increasing security, Client Drive Redirection and perhaps clipboard redirection should be disabled.

Discussion
thedelphOption: D

I would say D as Client Drive Redirection is enabled in Citrix Policies which conflicts with the "Increase Security" business driver.

keplerOption: C

Correct answer is C. client drive redirection may not be critical to security (user can see his own computer's drives). Citrix VDAs' visibility and accessibility are more security exposed (this can be remediated via GPO). I think the external users should use SAML/MFA, not just LDAP and Radius. SAML and MFA. Should be the other way around.

maurizio_n91

out of scope, D is right. you can pass any virus from your client endpoint mapped into the vda, an so in the organization

maurizio_n91

you can get MFA like OTP simply using RADIUS + LDAP (check for RSA SecureID, Gemalto, Cisco DUO) all works with radius based protocol. D is right

d0bermannnOption: D

D. Citrix Policies. It is all about mapping local drives, and clipboard too may leak some info from enterprize local perimeter