Scenario: A Citrix Engineer needs to configure
Application Firewall to handle SQL injection issues. However, after enabling SQL injection check, the backend server started dropping user requests.
The Application Firewall configuration is as follows:
add appfw profile Test123 -startURLAction none- den
yURLAction none-crossSiteScriptingAction none -SQLInjectionAction log stats- SQLInjection TransformSpecialChars ON -SQLInjectionCheckSQLWildChars ON- fieldFormatAction none- bufferOverflowAction none- responseContentType -application/octet-stream- -XMLSQLI
njectionAction none- XMLXSSAction none-XMLWSIAction none- XMLValidationAction none
What does the engineer need to change in the Application Firewall configuration?
A. Enable-XMLSQLInjectionAction none
B. Enable-XMLValidationAction none
C. Disable- SQLIn
jectionCheckSQLWildChars ON
D. Disable- SQLInjectionTransformSpecialChars ON