Which of the following are correct regarding Wildcard entities? (Choose 2)
A. Wildcard entities are the basis for positive security logic.
B. Wildcard entities are the basis for negative security logic.
C. Wildcard entities require the need to learn only from violations.
D. Wildcard entities can be applied to file types, URLs, cookies and parameters.
Which of the following is correct regarding User-defined Attack signatures?
A. User-defined signatures use an F5-supplied syntax
B. User-defined signatures may only use regular expressions
C. Attack signatures may be grouped within system-supplied signatures
D. User-defined signatures may not be applied globally within the entire policy
There are many user roles configurable on the BIG-IP ASM System. Which of the following user roles have access to make changes to ASM policies? (Choose 3)
A. Guest
B. Operator
C. Administrator
D. Web Application Security Editor
E. Web Application Security Administrator
Learning suggestions in the Policy Building pages allow for which of the following? (Choose 2)
A. XML-based parameters and associated schema are automatically learned.
B. Blocking response pages can be automatically generated from web site content.
C. Flow level parameters are displayed when found and can be accepted into the current policy.
D. The administrator may modify whether the BIG-IP ASM System will learn, alarm, or block detected violations.
E. Maximum acceptable values for length violations are calculated and can be accepted into the security policy by the administrator.
Logging profiles are assigned to?
A. HTTP class
B. Security policies
C. Web applications
D. Attack signatures
Which of the following methods are used by the BIG-IP ASM System to protect against SQL injections?
A. HTTP RFC compliancy checks
B. Meta-character enforcement and attack signatures
C. HTTP RFC compliancy checks and length restrictions
D. Response scrubbing, HTTP RFC compliancy checks, and meta-character enforcement
A request is sent to the BIG-IP ASM System that generates a Length error violation. Which of the following length types provides a valid learning suggestion? (Choose 3)
A. URL
B. Cookie
C. Response
D. POST data
E. Query string
A security audit has determined that your web application is vulnerable to a cross-site scripting attack. Which of the following measures are appropriate when building a security policy? (Choose 2)
A. Cookie length must be restricted to 1024 bytes.
B. Attack signature sets must be applied to any user input parameters.
C. Parameter data entered for explicit objects must be checked for minimum and maximum values.
D. Parameter data entered for flow-level parameters must allow some meta-characters but not others.
Which level of parameter assumes the highest precedence in BIG-IP ASM System processing logic?
A. Flow
B. Object
C. Global
D. URL
Which of the following storage type combinations are configurable in an ASM logging profile?
A. Local and Syslog
B. Local and Remote
C. Remote and Syslog
D. Remote and Reporting Server