Citrix ADC 13 Advanced Topics – Security, Management and Optimization — Question 78

Scenario: For security reasons, a Citrix Administrator needs to block access to multiple URLs.

The administrator executes the below commands:

> add policy patset BAD_URL
> bind policy patset BAD_URL badurl1.mylab.lab -index 11 -charset ASCII
> bind policy patset BAD_URL badurl2.mylab.lab -index 10 -charset ASCII

Which final two commands should the administrator execute to accomplish this?

Answer options

• A. > add responder policy BAD_URL_DNS "DNS.REQ.QUESTION.DOMAIN.CONTAINS(\"BAD_URL\")" DROP > bind responder global BAD_URL_DNS 100 END -type DNS_REQ_OVERRIDE
• B. > add responder policy BAD_URL_DNS "DNS.REQ.QUESTION.DOMAIN.CONTAINS_ANY(\"BAD_URL\")" RESET > bind responder global BAD_URL_DNS 100 END -type DNS_REQ_OVERRIDE
• C. > add responder policy BAD_URL_DNS "DNS.REQ.QUESTION.DOMAIN.CONTAINS(\"BAD_URL\" RESET > bind responder global BAD_URL_DNS 100 END -type DNS_REQ
• D. > add responder policy BAD_URL_DNS "DNS.REQ.QUESTION.DOMAIN.CONTAINS(\"BAD_URL\" RESET > bind responder global BAD_URL_DNS 100 END -type DNS_REQ_OVERRIDE

Correct answer: B

Explanation

The correct answer is B since it uses the function `DNS.REQ.QUESTION.DOMAIN.CONTAINS_ANY`, which properly checks for any of the specified bad URLs and issues a RESET action. Options A, C, and D either use incorrect functions or have syntax errors, making them ineffective for the intended task.