nerdexam
F5

101 · Question #145

Which of the following methods of protection is not available within the Protocol Security Manager for HTTP traffic?

The correct answer is B. Attack signatures. The Protocol Security Manager (PSM) in BIG-IP ASM handles HTTP protocol-level protections, but attack signatures are managed separately by the main ASM signature engine, not the PSM.

Section 2: F5 Solutions and Technology

Question

Which of the following methods of protection is not available within the Protocol Security Manager for HTTP traffic?

Options

  • AData guard
  • BAttack signatures
  • CEvasion techniques
  • DFile type enforcement

How the community answered

(41 responses)
  • A
    5% (2)
  • B
    90% (37)
  • C
    2% (1)
  • D
    2% (1)

Why each option

The Protocol Security Manager (PSM) in BIG-IP ASM handles HTTP protocol-level protections, but attack signatures are managed separately by the main ASM signature engine, not the PSM.

AData guard

Data guard is a valid PSM protection that prevents sensitive data such as credit card numbers or Social Security numbers from being returned in HTTP responses.

BAttack signaturesCorrect

Attack signatures are a core ASM feature managed through the signature database and policy configuration, separate from the Protocol Security Manager. The PSM focuses on protocol compliance and enforcement mechanisms like evasion technique detection, data leakage prevention, and file type validation - not signature-based attack detection.

CEvasion techniques

Evasion technique detection is a PSM feature that identifies attempts to bypass inspection through methods like directory traversal or URL encoding obfuscation.

DFile type enforcement

File type enforcement is available in the PSM and allows administrators to restrict which file extensions are permitted in HTTP requests.

Concept tested: BIG-IP ASM Protocol Security Manager HTTP protections

Source: https://techdocs.f5.com/en-us/bigip-15-1-0/big-ip-asm-implementations/implementing-protocol-security.html

Topics

#Protocol Security Manager#HTTP protection#PSM features#data guard

Community Discussion

No community discussion yet for this question.

Full 101 Practice