Which security model should a Citrix Engineer implement to make sure that no known attack patterns pass through Citrix Web App Firewall?
A website hosts highly dynamic content that is frequently requested in bursts of high user access. Which configuration will reduce traffic to the origin server while optimizing client performance?
Scenario: A Citrix Engineer has enabled the IP Reputation feature. The engineer wants to protect a critical web application from a distributed denial of service attack.
Which advanced expression can the engineer write for a Responder policy?
Scenario: A Citrix Engineer needs to configure Application Firewall to handle SQL injection issues. However, after enabling SQL injection check, the backend server started dropping user requests.
The Application Firewall configuration is as follows:
add appfw profile Test123 startURLAction none- denyURLAction none-crossSiteScriptingAction none - SQLInjectionAction log stats- SQLInjectionTransformSpecialChars ON SQLInjectionCheckSQLWildChars ON- fieldFormatAction none- bufferOverflowAction none- responseContentType "application/octet-stream" XMLSQLInjectionAction none- XMLXSSAction none-XMLWSIAction none- XMLValidationAction none What does the engineer need to change in the Application Firewall configuration?
Scenario: A Citrix Engineer wants to protect a web application using Citrix Web App Firewall. The engineer enables the Learn action for the Start URL, HTML, Cross-Site Scripting, and HTML SQL Injection protections. The engineer assigns this profile to a policy, which is then bound to the virtual server.
Which two items can the engineer check to determine that the Learn action is NOT capturing any rules? (Choose two.)
