Scenario: A Citrix Engineer has enabled the IP Reputation feature. The engineer wants to protect a critical web application from a distributed denial of service attack. Which advanced expression can the engineer write for a Responder policy?
A.
CLIENT.IP.SRC.IPREP_THREAT_CATEGORY(SPAM_SOURCES)
B.
CLIENT.IP.SRC.IPREP_THREAT_CATEGORY(BOTNETS)
C.
CLIENT.IP.SRC.IPREP_THREAT_CATEGORY(WEB_ATTACKS)
D.
CLIENT.IP.SRC.IPREP_THREAT_CATEGORY(WINDOWS_EXPLOITS)
B. CLIENT.IP.SRC.IPREP_THREAT_CATEGORY(BOTNETS)
This is because botnets are commonly used to perform DDoS attacks, and selecting this category would help in creating a policy that focuses on preventing traffic that is likely to be part of such an attack. If a more specific category related to DDoS attacks is available in the actual Citrix system, that would be the ideal choice.
Correct answer doesn't seem to be in the list, the most appropriate here would be CLIENT.IP.SRC.IPREP_THREAT_CATEGORY(DOS) - see https://docs.citrix.com/en-us/citrix-adc/13/reputation/ip-reputation.html
upvoted 3 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
thenetscalerguy
6 months, 1 week agothedelph
9 months, 4 weeks agovipjason
10 months, 1 week agoBinomimus
1 year, 8 months agoGuntrrr
1 year, 10 months ago