Citrix Workspace – Planning and Building — Question 114

Scenario: A Citrix Architect is conducting a security assessment. During the assessment, the architect gathers the following Hardware Layer requirements from the customer:
✑ Reduce the attack surface of the XenServer resource pools.
✑ Prevent unauthorized access to NFS storage.
✑ Encrypt Administrative connections to the XenServer resource pools.
Which three practices should the architect recommend so that the organization can meet its objectives? (Choose three.)

Answer options

• A. Configure target and host authentication to limit who can mount the file system.
• B. Remove the current management VLAN connection to the Internet.
• C. Install certificates from a trusted certificate authority on hypervisor hosts.
• D. Use XenServer Direct Inspect APIs to implement Hypervisor Introspection.
• E. Configure LUN zoning and LUN masking.

Correct answer: A, C, D

Explanation

The correct answers A, C, and D provide effective measures to enhance security. Option A ensures that only authorized users can access the file system, while option C encrypts administrative connections, and option D helps in monitoring hypervisor activity. Option B, while it may seem beneficial, could disrupt management operations, and option E does not directly address the objectives outlined in the requirements.