Which two entities must the engineer configure on the Citrix ADC to support this?
A Citrix Engineer needs to set up access to an internal application for external partners. Which two entities must the engineer configure on the Citrix ADC to support this? (Choose two.)A . SAML PolicyB . SAMLldP ProfileC . SAMLldP PolicyD . SAML ActionView AnswerAnswer: A,B Explanation: Reference: https://www.citrix.com/blogs/2015/04/09/how-to-use-saml-authentication-with-storefront-2-6/
What should a Citrix Engineer do when using the Learn feature for Start URL relaxation?
What should a Citrix Engineer do when using the Learn feature for Start URL relaxation?A . Ensure that only valid or correct traffic is directed to the protected web application while in Learn mode.B . Invite at least 10 test users to collect sufficient data for the Learn feature.C ....
Which profile setting does the engineer need to configure to provide the custom message?
Scenario: A Web Application Developer asked a Citrix Engineer to implement Citrix Web App Firewall protections. To provide consistency in branding, the developer asked that the web server provide a custom message when a violation occurs. Which profile setting does the engineer need to configure to provide the custom message?A...
Which data populates the Events Dashboard?
Which data populates the Events Dashboard?A . Syslog messagesB . SNMP trap messagesC . API callsD . AppFlow IPFIX recordsView AnswerAnswer: A
What is the next step for the engineer in protecting the web application?
Scenario: A Citrix Engineer is implementing Citrix Web App Firewall to protect a new web application. The engineer has created a profile, configured the relaxation rules, and applied signature protections. Additionally, the engineer has assigned the profile to a policy and bound the policy to the application. What is the...
Which action is the Citrix Web App Firewall performing that would trigger this false positive?
Scenario: During application troubleshooting, a Citrix Engineer notices that response traffic received from a protected web application is NOT matching what the web server is sending out. The auditor is concerned that Man-In-The-Middle attack is in progress. Which action is the Citrix Web App Firewall performing that would trigger this...
Which two protections ensure that the correct data is returned by the client? (Choose two.)
Which two protections ensure that the correct data is returned by the client? (Choose two.)A . Form Field Consistency.B . Field FormatsC . HTML Cross-Site Scripting (XSS)D . Cross-Site Request Forgeries (CSRF)View AnswerAnswer: A,D Explanation: Reference: https://docs.citrix.com/en-us/citrix-adc/citrix-adc-secure-deployment/secure-deployment-guide.html
In which order is a client request to a protected web application processed?
In which order is a client request to a protected web application processed?A . CitrixWebApp Firewall, Load Balancing, Caching, RewriteB . Caching, Citrix Web App Firewall, Load Balancing, RewriteC . Citrix Web App Firewall, Caching, Load Balancing, RewriteD . Load Balancing, Citrix Web App Firewall, Caching, RewriteView AnswerAnswer: C
What can the engineer do to improve the user experience?
Scenario: A Citrix Engineer implements Application-level Quality of Experience (AppQoE) to protect a web application. Shortly after that, users call to complain that nearly every request is being met with a Captcha. What can the engineer do to improve the user experience?A . Disable the Captcha.B . Increase the DOS...
Scenario: A Citrix Engineer creates a Responder policy to redirect users attempting to access an application protected with Citrix Web App Firewall. Instead of being redirected, users are seeing an ‘Access Denied’ page.
Scenario: A Citrix Engineer creates a Responder policy to redirect users attempting to access an application protected with Citrix Web App Firewall. Instead of being redirected, users are seeing an ‘Access Denied’ page. This is happening because Citrix Web App Firewall is processed. (Choose the correct option to complete the...