What can be the cause of the Application Firewall failing to block the attack?

Scenario: A Citrix Engineer configures an Application Firewall HTML SQL Injection Check and sets it to BLOCK and to use SQLSplCharANDKeyword as the SQL injection type. The engineer checks the logs and finds that nothing is being blocked.
What can be the cause of the Application Firewall failing to block the attack?
A. The request contains SQL Wildcard Characters.
B. The request neither contains SQL Special Characters nor keywords.
C. The request only contains SQL Special Characters.
D. The request only contains SQL keywords.


3 thoughts on “What can be the cause of the Application Firewall failing to block the attack?”

  1. C, I suppose (while B would be correct as well, that would be too obvious …)

    Block—If you enable block, the block action is triggered only if the input matches the SQL injection type specification. For example, if SQLSplCharANDKeyword is configured as the SQL injection type, a request is not blocked if it contains no key words, even if SQL special characters are detected in the input. Such a request is blocked if the SQL injection type is set to either SQLSplChar, or SQLSplCharORKeyword.

    see here:
    https://docs.citrix.com/en-us/netscaler/12/application-firewall/top-level-protections/html-sql-injection-check.html
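
The block rule quoted in the comment above, modelled as an added example (not code from the original page or from Citrix). The special-character list, the keyword list and the sample field values are constructed assumptions for illustration; the appliance uses its own definitions.

```python
import re

# Assumed, simplified lists; not the appliance's real definitions.
SPECIAL_CHARS = {"'", "\\", ";"}
KEYWORDS = {"select", "insert", "update", "delete", "union", "drop"}

def inspect(value):
    """Return (has_special_char, has_keyword) for one form-field value."""
    has_char = any(c in SPECIAL_CHARS for c in value)
    words = set(re.findall(r"[a-z_]+", value.lower()))
    return has_char, bool(words & KEYWORDS)

# Each SQL injection type is a rule over the two findings.
INJECTION_TYPES = {
    "SQLSplChar": lambda ch, kw: ch,
    "SQLKeyword": lambda ch, kw: kw,
    "SQLSplCharORKeyword": lambda ch, kw: ch or kw,
    "SQLSplCharANDKeyword": lambda ch, kw: ch and kw,
}

def is_blocked(value, injection_type, block_enabled=True):
    """Block fires only when the input matches the configured type."""
    ch, kw = inspect(value)
    return block_enabled and INJECTION_TYPES[injection_type](ch, kw)

def verdicts(value):
    """Verdict for the same input under every injection type."""
    return {t: is_blocked(value, t) for t in INJECTION_TYPES}

SAMPLES = {  # constructed field values
    "special chars only": "O'Brien; Ltd",
    "keyword only": "please select a colour",
    "neither": "plain text",
    "both": "it's time to update; thanks",
}

if __name__ == "__main__":
    for label, value in SAMPLES.items():
        print(f"{label:20} {verdicts(value)}")
```

The "both" sample is ordinary text that still matches SQLSplCharANDKeyword, which is why the stricter types (SQLSplChar, SQLSplCharORKeyword) block more input and also produce more false positives.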
