Exam AZ-500 topic 6 question 20 discussion

I believe answer is YNY. WAF is in Detection mode, which means it won't take any action. https://learn.microsoft.com/en-us/azure/web-application-firewall/cdn/cdn-overview#waf-modes As far as the file upload limit, I only found 1 article indicating the limit is 2GB. https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/waf-engine

1. YES - It's in Detection mode, so it logs but does not block. 2. NO - It's in Detection mode, so does not block. 3. YES - The actual upload limit is 2 GB (V1) or 4 GB (V2)

NO-> negationCondition is set to true -> it reverts the condition, means everything will be blocked except the mentioned IP range. NO-> It will be detected and created a log YES -> No limitation is defined in the policy. Also it is in detection mode

NO - the rule has "negationCondition: true", thus block addresses NOT matching 10.10.10.0/24 NO - policy is in Detection mode (might detect attacks but will not block them) YES - policy is in Detection mode and does not contain an upload size limit anyway

Yes, No, Yes First, we need to see that policy is in Detection mode this mean it will not prevent something, also there is OWAPS which will protect us from common attack types, however again policy is in detection mode not prevention mode that is why it will just audit in this case. The third bullet point is the about file upload limit Standard SKU V1, tier allows us to upload max 2GB and Standard SKU V2 allows us to upload us max 4GB. Here question asks 50mb so we can upload it then. Statement-1, Yes Statement-2 No Statement-3 Yes

Given answers are correct. The block rule has a negate condition, which means all requests originating from anything except the mentioned CIDR range will be blocked.

should be YYN: 10.1.1.5 is outside the CIDR range of blocked IP; OWASP blocks common attacks like file path attack, the detection mode in WAF does not mean it will do nothing when attack occurs; the body request for WAF is 128K, due to the OWASP