Citrix ADC 13 Advanced Topics – Security, Management and Optimization — Question 44

Scenario: A Citrix Administrator suspects an attack on a load-balancing vServer (IP address 192.168.100.25). The administrator needs to restrict access to this vServer for 10 minutes.
Which Access Control List (ACL) will accomplish this?

Answer options

• A. add simpleacl rule1 DENY -srcIP 192.168.100.25 -TTL 600000
• B. add simpleacl rule1 DENY -srcIP 192.168.100.25 -TTL 600
• C. add ns acl rule1 DENY -destIP 192.168.100.25 -TTL 600000
• D. add ns acl rule1 DENY -destIP 192.168.100.25 -TTL 600

Correct answer: D

Explanation

The correct answer is D because it correctly uses the destination IP address and specifies a TTL of 600 seconds, which is equal to 10 minutes. Options A and B incorrectly use the source IP, and option C specifies an incorrect TTL duration of 600000 milliseconds, which is 10 minutes but still uses the wrong type of ACL.