WAF01-05 Web Application Firewall - Foundation
The WAF passive mode...
...can be configured as a global setting for all services.
...blocks traffic that triggers security violations.
*...logs traffic that triggers security violations.*
*...allows traffic even if it triggers security violations.*
...does not log traffic that triggers security violations.
Bot mitigation policies can be used...
...to enforce limits in the TCP window size.
*...to enable credential stuffing protection.*
*...to limit the amount of total requests to a specific part of a web application.*
...to enforce limits in HTTP headers.
When an 'action' is changed in the global ACLs...
...all services are affected.
*...all services sharing the same security policy are affected.*
...all security policies are affected.
What services are provided by the WAF's Access Control feature?
Authentication and credential stuffing protection.
*Authentication and authorization.*
Authentication, authorization, and auditing.
Authentication, authorization, and accounting.
URL Protection...
...limits the number of cookies that can be present in an HTTP request.
*...limits the number of file uploads.*
*...specifies the allowed methods in HTTP request headers.*
...limits the size of the file uploads.
In the One-Arm Proxy deployment...
...a WAN and a LAN interface are used.
*...only the WAN interface is used for traffic.*
...backend servers could be reached directly, bypassing the WAF.
When the Encryption Tamper Proof mode is enabled, legitimate cookies might be blocked if the Max Cookie Value Length limit, specified in the Request Limits, is not changed accordingly.
Answer: True
The predefined security policies...
...cannot be deleted.
*...can be assigned to several services.*
*...can be customized.*
A newly created service has the following security policy associated to it:
New services do not have any security policies by default.
Passive
Custom
*Default*
Active
Extended Match rules can only be used in Bot mitigation policies.
Answer: False
By using the WAF Access Control feature, Audit logs can be used to track the activity of users logged into the web application.
Answer: False
The WAF configuration can be changed using:
*SSH*
*The web interface*
*REST APIs*
*The local shell access*
Select all the requirements for deploying the WAF in high availability.
*Both systems must have the same 'Cluster Shared Secret'.*
Both systems must have the same hostname.
*Both systems must be of the same model.*
*Both systems must run the same firmware version.*
Both systems must have at least one service configured.
What are the available untrusted levels in Exception Profiling?
Trusted Hosts
*High*
*Low*
*Medium*
Very High
Antivirus signatures are updated even if the Energize Updates license has expired.
Answer: False
What do you have to configure to enforce the antivirus scan for file uploads in some parts of your web applications?
Brute Force Prevention
*Bot mitigation policies*
Allow/Deny rules
Data Theft policies
The Barracuda WAF is licensed by the number of web applications protected.
Answer: False