Citrix 1Y0-341 exam overview
The Citrix 1Y0-341 exam is a 69 question exam written in English. The exam consists of multiple choice items only. Passing the exam grants you with the Citrix Certified Professional in Networking (CCP-N) certification.
The official Citrix 1Y0-341 exam study guide is available for free download from https://training.citrix.com/public/Exam+Prep+Guides/341/1Y0-341_Exam_Preparation_Guide_v01.pdf
The 1Y0-341 exam was developed for candidates who have demonstrated the minimum
requisite knowledge and skills required for a Citrix networking professional who can
deploy and/or manage Citrix Web App Firewall (WAF) to secure application access in a Citrix
ADC 13 environment, as well as Citrix Application Delivery Management (ADM) to administer a
Citrix ADC environment or optimize Citrix ADC-managed application delivery traffic. The tasks tested in this exam will represent these skills, which are deemed as advanced topics such as Security, Management, and Optimization.
Syllabus and pre-requisite knowledge
The Citrix 1Y0-341 exam comprises the followings study sections:
- Introducing Citrix Web App Firewall
- Citrix Web App Firewall Profiles and Policies
- Implementing Citrix Web App Firewall Protections
- Additional Citrix Web App Firewall Protections
- Monitoring and Troubleshooting Citrix Web App Firewall
- Citrix ADC Security and Filtering
- Security Assertion Markup Language (SAML)
- Authentication using OAuth and OpenID
- Introduction and Configuration of Citrix Application Delivery Management
- Managing and Monitoring Citrix ADC Instances
- Managing Citrix ADC Configurations
- Integrated Caching
- Front-End Optimization
- Performance Tuning and Other Optimizations
As per the Citrix official study guide, the following knowledge is considered pre-requisite to taking the exam:
- Intermediate knowledge of TCP/IP, HTTP protocols and understanding of the OSI model
- Experience with network devices (e.g. routers, switches), various networking protocols, and aspects of application and site architecture (e.g. DMZ, VLANS)
- Moderate exposure to UNIX (particularly BSD variants)
- Exposure to basic systems administration concepts, including logging, software upgrade procedures and high availability operations
- Familiar with web server software (e.g. Apache, IIS, WebSphere)
- Familiar with Windows and Linux Server administration
- Basic knowledge of DNS, SSL and compression concepts
- Understanding of concepts related to server load balancing and content switching
- Knowledge of network security threats and site protection concepts (e.g.firewalls, worms, DDoS attacks)
- Familiar with regular expressions
- Knowledge of Active Directory
- Knowledge of virtualization
- Knowledge of application optimization
- Familiar with basic concepts of cloud computing
Citrix offers the official training courses which are designed for exam 1Y0-341 preparation. The training courses are available at https://training.citrix.com/learning/exam?id=2063.
Citrix 1Y0-341 exam preparation notes
In this section I have included items which I have found important while studying through the exam curriculum sections.
- Built-in TCP profiles. You will need to have an understanding of the available TCP profiles for various usage scenarios.
- Citrix ADC and Citrix ADM roles. You will need to be aware of the RBAC roles available in Citrix ADC and Citrix ADM.
- Citrix Web App Firewall security checks. You will need to have deep understanding of the available security checks in Citrix WAF, including the following security checks:
- Start URL
- Cookie consistency
- Form field consistency
- Field formats
- CSRF form tagging
- HTML SQL injection
- HTML cross site scripting (XSS)
- XML denial of service
- XML attachment
- Web services interoperability
- Citrix WAF learning engine. You will need to understand how the Citrix WAF learning engine works and how you can deploy or skip relaxation rules by using the learning engine.
- Citrix ADM syslog messaging features.
- Citrix ADM “Insight” panels. Each panel inside ADM provides its own reports. The following are the Citrix ADM Insights you should be aware of.
- Web Insight
- HDX Insight
- Gateway Insight
- Security Insight
- SSL Insights
- TCP Insight
- Video Insight
- WAN Insight
- Integrated caching virtual servers in Citrix ADC and content groups (static and dynamic). You need to be aware of the available features inside a Citrix Integrated Caching vserver and corresponding caching policy and profile.
- Citrix WAF available Web application front-end optimizations (FEO). You need to understand which techniques Citrix ADC uses in each FEO method.
- Image optimization
- Connection management
- Citrix WAF security models (positive, negative and hybrid) and how they are applied to backend Web applications to prevent known Web application threats.
- Buffer overflow
- CGI-BIN parameter manipulation
- Form/Hidden field manipulation
- Forceful browsing
- Cookie or session poisoning
- Broken ACLs
- Cross-site scripting (XSS)
- Command injection
- SQL Injection
- Error triggering sensitrive information leak
- Insecure use of cryptography
- Server misconfiguration
- Back doors and debug options
- Rate-based policy enforcement
- Well known ADC and ADM platform vulnerabilities
- Zero-day exploits
- Cross site request forgery (CSRF)
- Leakage of credit card and personally identifiable information (PII)
- Citrix WAF server cookie encryption options (session and persistent), cookie proxy options and cookie flags.
- You need to have knowledge of how Citrix WAF changes or deletes HTTP request/response headers and what effect this can have in TCP packet communication.
- How Citrix ADM generates PCI DSS reports.
- You need to have knowledge of Citrix ADM basic concepts such as sites, agents, profiles, tags, configuration jobs and configuration templates.
- You need to understand Citrix ADM licensing requirements for WAF as well as Citrix ADM and Citrix ADC licensing templates for supporting Citrix ADM monitored instances and log history persistence (Citrix ADC Standard, Advanced or Premium and Citrix ADM licenses).
- You need to understand Citrix ADC SAML authentication options and how SAML login schema works with SAML Idp policies and profiles.
- You need to have knowledge of Citrix ADM TLS certificate requirements and high availability options (Citrix ADM active-passive HA pair).
Citrix Tech Zone includes a very informative article which covers a Citrix WAF PoC deployment scenario. The article touches upon most areas which are in-scope for the 1Y0-341 exam, as far as Citrix WAF is concerned: https://docs.citrix.com/en-us/tech-zone/learn/poc-guides/citrix-waf-deployment.html. Another useful resource is the Citrix ADM cheat sheet with basic information about setting up Citrix ADM and can be downloaded from https://docs.citrix.com/en-us/tech-zone/learn/diagrams-posters/cheat-sheet-adm.html.
All Citrix certification exams are administered by Pearson VUE via their website (http://www.pearsonvue.com/citrix).
Citrix Study Guide