A security administrator is implementing a new WAF solution and has placed some of the web servers behind the WAF, with the WAF set to audit mode. When reviewing the audit logs of external requests and posts to the web servers, the administrator finds the following entry: Based on this data, which of the following actions should the administrator take?

QuestionsCategory: SY0-501A security administrator is implementing a new WAF solution and has placed some of the web servers behind the WAF, with the WAF set to audit mode. When reviewing the audit logs of external requests and posts to the web servers, the administrator finds the following entry: Based on this data, which of the following actions should the administrator take?
Admin Staff asked 6 months ago
A security administrator is implementing a new WAF solution and has placed some of the web servers behind the WAF, with the WAF set to audit mode. When reviewing the audit logs of external requests and posts to the web servers, the administrator finds the following entry:
 Image
Based on this data, which of the following actions should the administrator take?

A. Alert the web server administrators to a misconfiguration.

B. Create a blocking policy based on the parameter values.

C. Change the parameter name 'Account_Name' identified in the log.

D. Create an alert to generate emails for abnormally high activity.








 

Suggested Answer: D





This question is in SY0-501 Exam
For getting CompTIA Security+ certificate 


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by CompTIA. 
Trademarks, certification & product names are used for reference only and belong to CompTIA.
The website does not contain actual questions and answers from CompTIA's Certification Exams.

Next Post

Recommended

Welcome Back!

Login to your account below

Create New Account!

Fill the forms below to register

Retrieve your password

Please enter your username or email address to reset your password.