WAAS

Question 1

What are the major WAAS capabilities? (8)

Answer 1

1. OWASP Top-10 Coverage
2. API Protection
3. Access Control
4. File Upload Control
5. Detection of Unprotected Web Applications
6. Penalty Box for Attackers
7. Bot Protection
8. DoS Protection

Question 2

How does WAAS control access to protected applications?

Answer 2

Using Geo-based, IP-based, or HTTP Header-based user defined restrictions.

Question 3

What is the amount of time when a ban is enforced n of IPs that have triggered its protections in order to slow down vulnerability scanners and other attackers probing the application?

Answer 3

5 minutes

Question 4

What does Defender do in case it encounters encrypted sessions that require WAAS inspection?

Answer 4

Defender decrypts the traffic, examines the content, and then re-encrypts it.

Question 5

What are the different WAAS Actions?

Answer 5

• Alert
  
  • The request is passed to the protected application and an audit is generated for visibility
• Prevent
  
  • The request is denied from reaching the protected application, an audit is generated, and WAAS responds with an HTML page indicating the request was blocked.
• Ban (3)
  
  • A ban can be applied on either IP or Prisma Session IDs
  • All requests originating from the same IP/Prisma Session to the protected application are denied for the configured time period (the default is five minutes) following the last detected attack

Question 6

How does Prisma Cloud pushes policies to all resources to which they apply?

Answer 6

Whenever new policies are created or existing
policies are updated.

Question 7

How is WAAS enabled?

Answer 7

By adding a new WAAS rule.

Question 8

How does WAAS protect containerized web applications?

Answer 8

Prisma Cloud creates a firewall instance for each container instance

Question 9

How does WAAS protect non-containerized web applications?

Answer 9

Prisma Cloud creates a firewall for each host specified in the configuration