Scenario: A Citrix Engineer configures Citrix Web App Firewall to protect an application. Upon reviewing the log files, the engineer notices a pattern of forceful browsing toward the configuration page for the application. To protect against this, the engineer enforces Start URL and enables Enforce URL Closure.
What is the effect of enforcing Start URL and enabling Enforce URL Closure on the application?
Which setting should be enabled to convert the content-length form submission requests to chunked requests, when HTML SQL Injection protection is enabled?
A Citrix Engineer needs to configure an Application Firewall policy. According to company policies, the engineer needs to ensure that all the requests made to the website are originating from North America. Which policy expressions will help the engineer accomplish the requirement?
A Citrix Engineer for an online retailer wants to ensure that customer address information is NOT stolen. Which protection can the engineer implement to prevent this?
A Citrix Engineer has defined an HTTP Callout, hc_authorized_location, to return the value
"Authorized" if client's IP address is on a list of authorized external locations.
Which advanced expression should the engineer use in a policy for testing this condition?
