Which events are valid iRule events triggered by BIG-IP ASM processing? (Choose 2)
A.
ASM_REQUEST_BLOCKING
B.
ASM_REQUEST_ACCEPTED
C.
ASM_REQUEST_VIOLATION
D.
ASM_RESPONSE_BLOCKING
ASM_REQUEST_BLOCKING
ASM_REQUEST_VIOLATION
Which of the following methods of protection is not available within the Protocol Security Manager
for FTP protection?
A.
Session timeout
B.
Command length
C.
Allowed commands
D.
Anonymous FTP restriction
Session timeout
Logging profiles are assigned to?
A.
HTTP class
B.
Security policies
C.
Web applications
D.
Attack signatures
Web applications
Which of the following is a language used for content provided by a web server to a web client?
A.
FTP
B.
TCP
C.
HTTP
D.
HTML
HTML
Which of the following methods are used by the BIG-IP ASM System to protect against SQL
injections?
A.
HTTP RFC compliancy checks
B.
Meta-character enforcement and attack signatures
C.
HTTP RFC compliancy checks and length restrictions
D.
Response scrubbing, HTTP RFC compliancy checks, and meta-character enforcement
Meta-character enforcement and attack signatures
Which of the following can be associated with an XML profile?
A.
Flow
B.
Method
C.
Parameter
D.
File type
Parameter
An HTTP class is available ..
A.
on any BIG-IP LTM system
B.
only when ASM is licensed.
C.
only when ASM or WA are licensed.
D.
only when a specific license key is required.
on any BIG-IP LTM system
Which of the following methods of protection operates on server responses?
A.
Dynamic parameter protection
B.
Response code validation and response scrubbing
C.
Response code validation and response scrubbing
D.
HTTP RFC compliancy check and meta-character enforcement
Response code validation and response scrubbing
Which of the following is not a configurable parameter data type?
A.
B.
Array
C.
Binary
D.
Decimal
Array
When we have a * wildcard entity configured in the File Type section with tightening enabled, the
following may occur when requests are passed through the policy. Which is the most accurate
statement?
A.
File type violations will not be triggered.
B.
File type violations will be triggered and learning will be available based on theseviolations
C.
File type entities will automatically be added to the policy (policy will tighten).
D.
File type violations will not be triggered and the entity learning section will be populatedwith file
type recommendations.
File type violations will be triggered and learning will be available based on theseviolations
A request is sent to the BIG-IP ASM System that generates a Length error violation. Which of the
following length types provides a valid learning suggestion? (Choose 3)
A.
URL
B.
Cookie
C.
Response
D.
POST data
E.
Query string
URL
POST data
Query string
There is multiple HTTP class profiles assigned to a virtual server. Each profile has Application
Security enabled. Which statement is true?
A.
Traffic will process through every HTTP class profile every time.
B.
Traffic will process through the first HTTP class profile that it matches and then stops.
C.
Traffic will process through one HTTP class profile and if the traffic matches another
D.
Traffic will only process through the HTTP class profile that it matches but alwaysprocesses
through the whole list and will process through each HTTP class profile itmatches.
Traffic will process through the first HTTP class profile that it matches and then stops.
| Page 16 out of 36 Pages |
| Previous |