Scenario: A Citrix Engineer is notified that no traffic is reaching the protected web application. While investigating, the engineer notices that the Citrix Web App Firewall policy has 516,723 hits.
What should the engineer check next?
A.
The policy expression
B.
The security checks in the assigned profile
C.
The security checks in the global default profile
A. The policy expression
The engineer should check the policy expression to ensure that it is correctly written and not inadvertently blocking all traffic. A high number of hits on the policy could indicate that the expression is too broad or incorrectly configured, leading to legitimate traffic being blocked. It is essential to ensure the policy expression accurately reflects the traffic that should be allowed or blocked.
Exactly. If there are hits that means expression matches the requests, hence it is processed further by WAF, so you should look into security checks next.
upvoted 1 times
...
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
arjun_kumar
5 months, 1 week agothedelph
7 months, 2 weeks agotrevorhj
4 months, 1 week agoCitrix_Guru
1 month, 1 week ago