101 · Question #142
Which of the following does not pertain to protecting the Requested Resource (URI) element?
The correct answer is C. Domain cookie validation. The Requested Resource (URI) element is protected by file type, URL name, and attack signature checks - domain cookie validation is a separate cookie-layer concern, not a URI-level protection.
Question
Which of the following does not pertain to protecting the Requested Resource (URI) element?
Options
- AFile type validation
- BURL name validation
- CDomain cookie validation
- DAttack signature validation
How the community answered
(35 responses)- A3% (1)
- B3% (1)
- C89% (31)
- D6% (2)
Why each option
The Requested Resource (URI) element is protected by file type, URL name, and attack signature checks - domain cookie validation is a separate cookie-layer concern, not a URI-level protection.
File type validation checks the extension portion of the URI (e.g., .php, .asp) and is a direct component of requested resource protection.
URL name validation verifies the URL path itself against allowed or disallowed patterns, which is a core part of protecting the requested resource.
Domain cookie validation inspects the cookie header and its domain attribute, which is part of the HTTP cookie security layer, not the requested resource (URI) element. BIG-IP ASM separates cookie-based protections from URI/resource-based protections in its security policy structure.
Attack signature validation can be applied to URI values to detect injection attempts and other malicious patterns embedded in the requested resource.
Concept tested: BIG-IP ASM URI element protection vs. cookie protection
Source: https://techdocs.f5.com/en-us/bigip-asm-implementations/protecting-web-applications-overview.html
Topics
Community Discussion
No community discussion yet for this question.