Scenario: A Citrix Engineer created the policies in the attached exhibit.
Click the Exhibit button to view the list of policies.
HTTP Request:
GET /resetpassword.htm HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:64.0) Gecko/20100101 Firefox/64.0 Host: www.citrix.com Accept-Language: en-us Accept-Encoding: gzip, deflate Connection: Keep-Alive Which profile will be applied to the above HTTP request?
Scenario: A Citrix Engineer has configured an IP Reputation policy and Profile in Application Firewall.
However, the engineer is NOT able to see any hits on the policy during testing. Which logs can the engineer check to ensure that IP Reputation is configured correctly?
Scenario: A Citrix Engineer discovers a security vulnerability in one of its websites. The engineer takes a header trace and checks the Application Firewall logs.
The following was found in part of the logs:
method=GET request = http://my.companysite.net/FFC/sc11.html msg=URL length (39) is greater than maximum allowed (20).cn1=707 cn2=402 cs1=owa_profile cs2=PPE0 cs3=kW49GcKbnwKByByi3 +jeNzfgWa80000 cs4=ALERT cs5=2015 Which type of Application Firewall security check can the engineer configure to block this type of attack?
A Citrix Engineer needs to configure Relaxation Rules using the learned data for SQL Injection. Which setting can the engineer enable in order to avoid false-positive learned rules?
A Citrix Engineer needs to create a configuration job to clone a configuration from an existing Citrix ADC to a new Citrix ADC.
Which configuration source can the engineer use to accomplish this?
