Preview Mode — This PBQ requires a Premium Membership and is being shown in a read-only preview mode. See Plans

This PBQ requires a Premium Membership and is being shown in a read-only preview mode.

Cloud Web Application Firewall Setup

You are a security engineer tasked with configuring a cloud-based Web Application Firewall (WAF) to protect a web application. Use the below ticket information to complete this task.

Ticket #983498

General Configuration

The new rule should only affect encrypted traffic routing to example.com. Name the new rule ProductionPolicy

Security Rules

Enable the default ruleset for OWASP Top 10

Create a custom rule under Custom Rules:

Name the rule CrossSiteScripting
Select the appropriate match to prevent Cross Site Scripting attacks
Select the appropriate Action

Logging

Choose a logging level that will produce as much information as possible. We can tone this down later, but for now we want to keep a close eye on these new rules.

General Settings

Domain Name

Protocol

WAF Policy Name

Security Rules

Baseline Rule Set

Custom Rule

Rule Name

Match Condition

Action

Logging & Monitoring

Logging Level