Barracuda Web Application Firewall - Foundation
False
True
What are the two operating modes available in the WAF physical appliances?
Mark all correct answers.
Forward Proxy
Reverse Proxy
Bridge-Path
Bridge Proxy
To define which users or groups are allowed to log in during the authentication
process.
To bypass traffic around the WAF
To exempt specific traffic from security checks.
When the Encryption Tamper Proof mode is enabled, legitimate cookies might
be blocked if the Max Cookie Value Length limit, specified in the Request
Limits, is not changed accordingly.
True
If you want to protect your logins against credential stuffing, you require an
ABP license.
True
MANAGEMENT
LAN
WAN
br0
What happens when you accept the suggestion of the "Fix button" of the Web
Firewall logs?
Mark all correct answers.
Multiple services might be affected by the triggered configuration change.
The configuration of the WAF is changed according to the suggestion.
Changes to the WAF configuration will be applied but have to be confirmed within 24
hours.
The associated security policy is copied, and changes will be applied to the copy.
By using the WAF Access Control feature, Audit logs can be used to track the
activity of users logged into the web application.
True
False
Changing the system time zone requires a system reboot only if services are
configured.
False
False
IP addresses / networks.
LDAP information (users, groups, domains).
LDAP information (users, groups).
Local users and groups.
URL Normalization...
Create a new Content Rule in the Content Rules pool. Assign it to the service. Add
the backend servers.
Add the Content Rule to the service. Add the backend servers to the rule.
Create a new Content Rule in the Bot mitigation policies. Add the backend servers to
the rule.
Create a new Content Rule in the Allow/Deny rules. Add the backend servers to the
rule.
When protecting cookies, why can't Tamper Proof mode, set to 'Encrypted',
always be used?
Attack logs
Audit logs
Web Firewall logs
Network Firewall logs
System logs
Access logs
False
True
A newly created service has the following security policy associated with it:
All Vsites are active on both units, but using different VIPs.
Different Vsites are active on different units.
All Vsites are active on both units.
What happens when a second real server is added to a service?
The WAF puts the new server in sticky mode, and after 10 seconds it starts load
balancing the traffic using the least request scheduling policy.
The WAF starts load balancing the traffic using the least request scheduling policy.
The WAF starts load balancing the traffic using the round robin scheduling policy.
The WAF puts the new server in maintenance mode, and after 10 seconds it starts
load balancing the traffic using the least request scheduling policy.
The default Bot mitigation policy created automatically for each service cannot
be removed.
False
What happens if multi-domain authentication is enabled and the user does not
specify the domain before the username?
The WAF will deny the authentication attempt (LDAP injection attack).
The WAF will prompt the user with the list of configured domains.
The user will be authenticated against the default configured domain.
The WAF will use the 'Best match' policy to find which domain the user belongs to.
Access logs are disabled by default and must be enabled on the Service
Configuration page.
False (it is enabled by default)
URL Encryption
URL Limits
Request Limits
URL Normalization
URL Protection
Antivirus signatures are updated even if the Energize Updates license has
expired.
False
When Cookie Security is enabled and the Tamper Proof mode is set to
'Signed', the WAF sends the following to the client:
Mark all correct answers.
The encrypted cookies.
The plain-text cookies.
The signed cookies.
A cookie hash that is used to verify whether the cookie has changed.
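As an added illustration (not the appliance's code and not part of the course material), the Python below models the two Tamper Proof modes from the question above and the Request Limits caveat earlier on this page: in Signed mode the client receives the plain-text value plus a hash (here an HMAC-SHA256 tag) that lets the WAF detect a modified cookie, in Encrypted mode it receives only ciphertext, and in either mode the protected value is longer than the original, which is why a legitimate cookie can exceed the Max Cookie Value Length limit. The key, the 64-character limit, the tag format and the toy HMAC-based encrypt-then-MAC cipher are all assumptions made for the demo, not the WAF's actual algorithms.

```python
import base64
import binascii
import hashlib
import hmac
import secrets
from typing import Optional

# Constructed demo values, not appliance settings: the real WAF keeps its own key,
# and the limit below stands in for the "Max Cookie Value Length" request limit.
SECRET_KEY = b"demo-cookie-protection-key-not-for-production"
MAX_COOKIE_VALUE_LENGTH = 64

_B64 = base64.urlsafe_b64encode


def _tag(key: bytes, data: bytes) -> str:
    """HMAC-SHA256 over data, base64url-encoded without padding (43 characters)."""
    return _B64(hmac.new(key, data, hashlib.sha256).digest()).rstrip(b"=").decode()


def sign_cookie(value: str, key: bytes = SECRET_KEY) -> str:
    """Signed mode: the client gets the plain-text value plus a hash of it."""
    return f"{value}.{_tag(key, value.encode())}"


def verify_signed_cookie(cookie: str, key: bytes = SECRET_KEY) -> Optional[str]:
    """Return the original value, or None when the hash is missing or does not match."""
    value, sep, tag = cookie.rpartition(".")
    if not sep:
        return None
    if not hmac.compare_digest(tag, _tag(key, value.encode())):
        return None
    return value


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy keystream: HMAC-SHA256 in counter mode, so the demo needs only the stdlib."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt_cookie(value: str, key: bytes = SECRET_KEY, nonce: Optional[bytes] = None) -> str:
    """Encrypted mode: the client sees only base64(nonce || ciphertext || tag).

    Toy encrypt-then-MAC construction for illustration; it is not the WAF's cipher.
    """
    nonce = secrets.token_bytes(12) if nonce is None else nonce
    plain = value.encode()
    ct = bytes(p ^ k for p, k in zip(plain, _keystream(key, nonce, len(plain))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:16]
    return _B64(nonce + ct + tag).decode()


def decrypt_cookie(cookie: str, key: bytes = SECRET_KEY) -> Optional[str]:
    """Return the original value, or None when the cookie is malformed or tampered with."""
    try:
        raw = base64.urlsafe_b64decode(cookie)
    except (ValueError, binascii.Error):
        return None
    if len(raw) < 12 + 16:
        return None
    nonce, ct, tag = raw[:12], raw[12:-16], raw[-16:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct)))).decode()


def exceeds_limit(protected_cookie: str, limit: int = MAX_COOKIE_VALUE_LENGTH) -> bool:
    """True when the protected value is longer than the configured request limit."""
    return len(protected_cookie) > limit


if __name__ == "__main__":
    original = "a1b2c3d4"
    signed = sign_cookie(original)
    encrypted = encrypt_cookie(original)
    print("signed   :", signed, "->", verify_signed_cookie(signed))
    print("tampered :", verify_signed_cookie(signed.replace("a1b2", "z9z9", 1)))
    print("encrypted:", encrypted, "->", decrypt_cookie(encrypted))
    # A legitimate 40-character value grows past the 64-character limit in either mode.
    long_value = "s" * 40
    for mode, cookie in (("signed", sign_cookie(long_value)), ("encrypted", encrypt_cookie(long_value))):
        print(mode, "length:", len(cookie), "exceeds limit:", exceeds_limit(cookie))
```

Running the script shows the signed cookie being accepted, a one-character modification being rejected, and both protected forms of a 40-character value overshooting the 64-character limit, which is the situation the Request Limits caveat describes.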
Select all the requirements for deploying the WAF in high availability.
Mark all correct answers.
Both systems must have the same 'Cluster Shared Secret'.
Both systems must have the same hostname.
Both systems must be of the same model.
Both systems must run the same firmware version.
Both systems must have at least one service configured.
...SSDs and then moved to the hard disks after the max age has expired.
...RAM.
...hard disks.
...internal MySQL database.
URL Protection...
Mark all correct answers.
Since the Referer is contained in the IP packet header, the WAF cannot retrieve this
kind of information.
...an Extended Match rule.
...a Host Match rule.
...a URL Match rule.
The unit from which the "Join Cluster" procedure is initiated pushes its
configuration to the other unit.
False
True
Security policies...
The WAF virtual appliance can be deployed using the following operating
modes:
False
True
What changes should be made in a web application and web servers in order
to use an Instant SSL service?
Two virtual hosts must be created in the web server: one to terminate HTTP
connections and a second to terminate SSL connections.
The web application must accept SSL connections.
Web servers must be configured to accept SSL connections.
Nothing. Communication between clients and the WAF will be encrypted using SSL,
but the communication between the WAF and the web application will remain
unencrypted HTTP.
The web application code, especially if PHP and ASP are used, must have the iSSL
option enabled.
The WebSocket policy can inspect the headers or text payload but not both at
the same time.
True
In the Bridge-Path operating mode...
Mark all correct answers.
...requests and responses are terminated at the WAF.
...backend servers can see the source IP address of the client in the IP packet.
...the WAF only inspects traffic configured for inspection. All other traffic is allowed
by default.
What do you have to configure to enforce the antivirus scan for file uploads in
some parts of your web applications?
● 6) The WAF configuration can be changed using:
● 21) The WAF active mode...
● 25) The WAF passive mode...
● 29) The HTTP POST request generated by a user attempting to log into a protected web
application is blocked by the WAF. In which of the following is this request logged?
● 30) The Compression feature compresses...
● 42) What is 'Sequential Match' in the rule evaluation order?
● 43) Which of the following are NOT sub-policies?
● 48) What information is found in the Web Firewall logs?