nerdexam
F5

101 · Question #142

Which of the following does not pertain to protecting the Requested Resource (URI) element?

The correct answer is C. Domain cookie validation. The Requested Resource (URI) element is protected by file type, URL name, and attack signature checks - domain cookie validation is a separate cookie-layer concern, not a URI-level protection.

Section 2: F5 Solutions and Technology

Question

Which of the following does not pertain to protecting the Requested Resource (URI) element?

Options

  • AFile type validation
  • BURL name validation
  • CDomain cookie validation
  • DAttack signature validation

How the community answered

(35 responses)
  • A
    3% (1)
  • B
    3% (1)
  • C
    89% (31)
  • D
    6% (2)

Why each option

The Requested Resource (URI) element is protected by file type, URL name, and attack signature checks - domain cookie validation is a separate cookie-layer concern, not a URI-level protection.

AFile type validation

File type validation checks the extension portion of the URI (e.g., .php, .asp) and is a direct component of requested resource protection.

BURL name validation

URL name validation verifies the URL path itself against allowed or disallowed patterns, which is a core part of protecting the requested resource.

CDomain cookie validationCorrect

Domain cookie validation inspects the cookie header and its domain attribute, which is part of the HTTP cookie security layer, not the requested resource (URI) element. BIG-IP ASM separates cookie-based protections from URI/resource-based protections in its security policy structure.

DAttack signature validation

Attack signature validation can be applied to URI values to detect injection attempts and other malicious patterns embedded in the requested resource.

Concept tested: BIG-IP ASM URI element protection vs. cookie protection

Source: https://techdocs.f5.com/en-us/bigip-asm-implementations/protecting-web-applications-overview.html

Topics

#URI protection#ASM policy elements#request resource#domain cookie

Community Discussion

No community discussion yet for this question.

Full 101 Practice