A Citrix Administrator needs to block access to multiple URLs for security reasons.
Which configuration should the administrator use to accomplish this requirement?
A Citrix Administrator needs to block access to multiple URLs for security reasons.
Which configuration should the administrator use to accomplish this requirement?
To block access to multiple URLs for security reasons, the administrator should use the configuration that binds a policy pattern set (patset) containing the bad URLs and applies a responder policy using the CONTAINS_ANY expression for DNS requests. The CONTAINS_ANY expression is specifically used for matching the domain against any strings in the patset list, which makes it the correct choice for this requirement. The RESET action is typically used to gracefully terminate connections, which is suitable for blocking access without dropping the requests silently. Therefore, the correct configuration includes the use of CONTAINS_ANY and RESET actions.
B. PatSets are used in combination with CONTAINS_ANY
Is there any reference for that? What I am reading, it can be CONTAINS and also that is the only option that has a DROP in it.
B is wright. "CONTAINS" is not, only "CONTAINS_ANY" https://developer-docs.citrix.com/projects/netscaler-advanced-policy-expression-reference/en/12.0/dns_domainname_t/dns_domainname_t/
A. this is more suited answer. DROP. If the undefined action is set to DROP, the appliance silently drops the request without responding to the client in any way. This action is appropriate for requests that appear to be part of a DDoS attack or other sustained attack on your servers.