CDN CDN Web Application Firewall & Bot Management

Question 1

What is the primary purpose of a Web Application Firewall (WAF) deployed at the CDN edge?

Accepted Answer

To inspect and filter HTTP/HTTPS traffic against application-layer attacks

Answer

A WAF at the CDN edge inspects HTTP/HTTPS requests and blocks application-layer attacks such as SQLi, XSS, and CSRF before they reach the origin.

Question 2

Which OWASP Top 10 threat is most commonly blocked by a CDN WAF rule targeting user-supplied input in URL parameters?

Accepted Answer

SQL Injection

Answer

SQL Injection attacks typically embed malicious SQL code in URL parameters or form fields, which WAF rules detect and block at the edge.

Question 3

A CDN WAF is configured in 'monitor' mode. What is the effect on malicious traffic?

Accepted Answer

Traffic is allowed but logged for analysis

Answer

Monitor (or detection-only) mode logs rule matches without blocking, allowing teams to tune rules before enabling enforcement.

Question 4

What CDN feature allows operators to challenge suspected bots with a JavaScript-based browser check before serving content?

Accepted Answer

Bot challenge / managed challenge

Answer

A managed bot challenge presents a transparent JavaScript or CAPTCHA challenge to verify that the client is a real browser, not an automated script.

Question 5

Which metric best indicates that a WAF rule is producing false positives in production?

Accepted Answer

Spike in legitimate user 403 errors after rule deployment

Answer

A surge in 403 Forbidden responses for known-good users immediately after a rule change strongly indicates the rule is incorrectly blocking legitimate traffic.

(CDN) Content Delivery Network Certification Practice Test

(CDN) Content Delivery Network Certification Practice Test

CDN CDN Web Application Firewall & Bot Management