QUESTION 19An attacker inserting a malicious code that compromises the trust relationship between users and a web application is an example of a (n) _____ attack. (Choosethe correct option to complete the sentence.) A.Cookie TamperingB.SQL Injection
D Section: (none) Explanation Explanation/Reference: Reference: QUESTION 20Which action can be used to place the rule on the relaxation list without being deployed and ensuring that the rule is NOT learned again? A Explanation Explanation/Reference: Reference: QUESTION 21A Citrix Engineer observes that after enabling the security checks in Learning mode only in an Application Firewall profile, the NetScaler is blocking the non-RFCcompliant HTTP packets.What can the engineer modify in the configuration to resolve this issue? B
Explanation/Reference: QUESTION 22A Citrix Engineer needs to configure an application firewall profile to ensure that the images uploaded on the website are NOT malicious. The engineer needs tocreate a policy to filter the upload requests and ensure that they are in JPEG format.Which expression can the engineer use to fulfill this requirement? A.http.req.url.endswith (“.jpeg) & & http.req.method.eq (POST)B.http.req.url.contains (“.jpeg) & & http.req.method.eq (GET)C.http.req.url.endswith (“.jpeg) || http.req.method.eq (GET)D.http.req.header (“Content-Type”).contains (“image/jpeg”) || http.req.method.eq(POST)Correct Answer: D Section: (none) Explanation Explanation/Reference: QUESTION 23Scenario: A Citrix Engineer needs to configure an Application Firewall policy for an online shopping website called “mycompany.com”. As a security measure, theshopping cart application is hosted on a separate directory “/mycart” on the backend server. The engineer configured a profile to secure the connections to thisshopping cart and now needs to ensure that this profile is allied to all incoming connections to the shopping cart.Which policy expression will accomplish this requirement? A.http.req.url. contains(“/mycart”) & http:req.url.hostname.eq(“mycompany.com”)B.http.req.url. contains(“/mycart”) || http:req.url.hostname.eq(“mycompany.com”)C.http.req.header (“url”).contains (“/mycart”) || http.req.url.contains (“mycompany.com”)D.http.req.header (“url”).contains (“/mycart”) && http:req.url.contains (“mycompy.com”)Correct Answer: Section: (none)ExplanationExplanation/Reference: A
You've reached the end of your free preview.
Want to read all 18 pages?
- Spring '18
- Correct Answer, Transmission Control Protocol, HTTP cookie, Citrix Engineer