Citrix Virtual Apps and Desktops 7 Advanced Configure and Manage — Question 6

Scenario: A newly created Citrix Virtual Apps and Desktops site has sensitive information. The users consistently use different browsers for their daily tasks. A
Citrix Engineer is looking for ways to minimize attacks like ransomware, phishing, and session hijacking.
Which two steps can the engineer take to minimize attacks without interfering with user productivity? (Choose two.)

Answer options

• A. Disable access to specific browsers.
• B. Disable all the user plugins.
• C. Implement HTTP Strict Transport Security (HSTS).
• D. Use HTTP response headers to send security policies to endpoint browsers.

Correct answer: B, D

Explanation

Disabling all user plugins (B) can help reduce the attack surface by preventing potentially malicious extensions from being used. Sending security policies via HTTP response headers (D) enhances security without disrupting user experience. However, disabling access to specific browsers (A) may limit user choices unnecessarily, and implementing HSTS (C) is beneficial but does not directly address the broader range of attacks mentioned.