Citrix Gateway 13 Administration — Question 15

Scenario: A Citrix Administrator entered the command-line interface commands below to prevent IP address 10.10.100 from accessing the NetScaler on port 80. add simpleacl rule1 DENY- srcIP 10.10.10.100 TTL 600 add simpleacl rule2 DENY- srcIP 10.10.10.100 destPort 80 add ns acl rule1 DENY- srcIP 10.10.10.100-priority 10 add ns acl rule2 DENY- srcIP 10.10.10.100-priority 100 apply ns acls
Which Access Control List (ACL) will the NetScaler use to deny the IP address?

Answer options

• A. add ns acl rule1 DENY-srcIP 10.10.10.100-priority 10
• B. add simpleacl rule1 DENY- srcIP 10.10.10.100 –TTL 600
• C. add simpleacl rule2 DENY- srcIP 10.10.10.100 –destPort 80
• D. add ns acl rule2 DENY- srcIP 10.10.10.100-priority 100

Correct answer: B

Explanation

The correct answer is B because the command 'add simpleacl rule1 DENY- srcIP 10.10.10.100 –TTL 600' defines a simple ACL that effectively blocks the specified IP address for a duration. The other options either do not apply to the correct IP or lack the necessary parameters to enforce the restriction on port 80.