🔥 3-day streak
Microsoft Azure Network Engineer Associate145 / 152
Question 145 of 152

Your company runs a public web application behind an Azure Application Gateway v2 with an associated WAF policy currently using OWASP Core Rule Set (CRS) 3.1 in Prevention mode. After a security audit, you are directed to protect against the latest known attack signatures, including newer Java-based exploits, while keeping the ability to disable individual rules that cause false positives. What should you do?

Reviewed for accuracy · Report an issueNext question