Examice

Exam 1Y0-402 All QuestionsBrowse all questions from this exam

Question 103

Scenario: A Citrix Architect is conducting a security assessment. During the assessment, the architect gathers the following Hardware Layer requirements from the customer:

✑ Reduce the attack surface of the XenServer resource pools.

✑ Prevent unauthorized access to NFS storage.

✑ Encrypt Administrative connections to the XenServer resource pools.

Which three practices should the architect recommend so that the organization can meet its objectives? (Choose three.)

Configure target and host authentication to limit who can mount the file system.

Remove the current management VLAN connection to the Internet.

Install certificates from a trusted certificate authority on hypervisor hosts.

Use XenServer Direct Inspect APIs to implement Hypervisor Introspection.

Configure LUN zoning and LUN masking.

Correct Answer: A, C, D

To meet the organization's objectives of reducing the attack surface of the XenServer resource pools, preventing unauthorized access to NFS storage, and encrypting administrative connections to the XenServer resource pools, the architect should recommend the following practices: Configure target and host authentication to limit who can mount the file system, as this will help prevent unauthorized access to NFS storage. Install certificates from a trusted certificate authority on hypervisor hosts, which will encrypt administrative connections to the XenServer resource pools. Use XenServer Direct Inspect APIs to implement Hypervisor Introspection, which will help in reducing the attack surface of the XenServer resource pools.

Discussion

maurizio_n91Options: ACD

ACD are right