A Citrix Engineer needs to configure Application Firewall to handle SQL injection issues. However, after enabling SQL injection check, the backend server started dropping user requests.
The Application Firewall configuration is as follows:
add appfw profile Test123 –startURLAction none- denyURLAction none-crossSiteScriptingAction none –SQLInjectionAction log stats- SQLInjection TransformSpecialChars ON –SQLInjectionCheckSQLWildChars ON- fieldFormatAction none- bufferOverflowAction none- responseContentType “application/octetstream”
–XMLSQLInjectionAction none- XMLXSSAction none-XMLWSIAction none- XMLValidationAction none What does the engineer need to change in the Application Firewall configuration?
A. Enable-XMLSQLInjectionAction none
B. Enable-XMLValidationAction none
C. Disable- SQLInjectionCheckSQLWildChars ON
D. Disable- SQLInjectionTransformSpecialChars ON
Answer: C
