Scenario: A Citrix Engineer configured signature protections for Citrix Web App Firewall. Signature Auto- Update has been enabled. Upon reviewing the log files, the engineer notices that the auto update process has an error. In the settings for Signature Auto Update the engineer notices that the URL is blank.
Which URL should the engineer enter to restore the update process?
A. https://download.citrix.com/NSAppFwSignatures/SignaturesMapping.xml
B. https://www.citrix.com/NSAppFwSignatures/SignaturesMapping.xml
C. https://citrix.azure.com/NSAppFwSignatures/SignaturesMapping.xml
D. https://s3.amazonaws.com/NSAppFwSignatures/SignaturesMapping.xml
正解:D
質問 2:
A review of purchases made at an online retailer shows that several orders were processed for items at an unpublished price.
Which protection can a Citrix Engineer implement to prevent a site visitor from modifying the unit price of a product on the shopping cart page?
A. Form Field Consistency
B. HTML SQL Injection
C. Cross-Site Request Forgeries (CSRF)
D. HTML Cross-Site Scripting (XSS)
正解:A
質問 3:
Scenario: During application troubleshooting, a Citrix Engineer notices that response traffic received from a protected web application is NOT matching what the web server is sending out. The engineer is concerned that someone is trying to disrupt caching behavior.
Which action is the Citrix Web App Firewall performing that would trigger this false positive?
A. Modifying and adding cookies in the response
B. Removing the Last-Modified header
C. Inserting a hidden form field
D. Removing the Accept-Encoding header
正解:B
質問 4:
Which Front End Optimization technique reduces the number of files to be requested for download?
A. Inlining
B. Minify
C. Shrink to Attributes
D. Domain Sharding
正解:B
質問 5:
In which order is a client request to a protected web application processed?
A. CitrixWebApp Firewall, Load Balancing, Caching, Rewrite
B. Load Balancing, Citrix Web App Firewall, Caching, Rewrite
C. Citrix Web App Firewall, Caching, Load Balancing, Rewrite
D. Caching, Citrix Web App Firewall, Load Balancing, Rewrite
正解:C
質問 6:
Scenario: A Citrix Engineer has configured Integrated Caching to improve application performance. Within hours, the Citrix ADC appliance has run out of memory.
Which Content Group setting can the engineer configure to show the caching process until a need is demonstrated?
A. Quick Abort Size
B. Do not cache - if size exceeds
C. Maximum memory usage limit
D. Do not cache - if hits are less than
正解:C
質問 7:
Which protection can a Citrix Engineer implement to prevent a hacker from extracting a customer list from the company website?
A. Form Field Consistency
B. HTML SQL Injection
C. Cross-Site Request Forgeries (CSRF)
D. HTML Cross-Site Scripting (XSS)
正解:B
牧野** -
高得点で合格しました。たぶん3問ぐらいは不正解だったかな。
実に質の高い参考書でした。模試の設問もほぼ出ました。ありがとうございました。