A Citrix Engineer is reviewing the log files for a sensitive web application and notices that someone accessed the application using the engineer’s credentials while the engineer was out of the office for an extended period of time.
Which production can the engineer implement to protect against this vulnerability?
The appropriate protection to address the issue of someone accessing the web application using the engineer's credentials, which suggests a session hijacking issue, is implementing Cookie Consistency. Cookie Consistency ensures that the cookies sent by the client are unaltered and correct, helping to prevent unauthorized access through stolen or tampered session cookies.
I agree, should be D
D. Cookie Consistency The Cookie Consistency protection in Citrix Web Application Firewall (WAF) can help mitigate the issue where someone accessed the application using the engineer’s credentials, potentially indicating cookie hijacking or session stealing. This feature ensures that cookies sent by the client are consistent and not tampered with, thus helping to prevent unauthorized access through stolen session cookies.
Should be D https://docs.citrix.com/en-us/citrix-adc/current-release/application-firewall/cookie-protection/waf-cookie-hijack-protection.html