nerdexam
F5

101 · Question #151

Which of the following methods of protection is not available within the Protocol Security Manager for FTP protection?

The correct answer is A. Session timeout. BIG-IP Protocol Security Manager's FTP profile provides command-level controls but does not include a session timeout setting.

Section 2: F5 Solutions and Technology

Question

Which of the following methods of protection is not available within the Protocol Security Manager for FTP protection?

Options

  • ASession timeout
  • BCommand length
  • CAllowed commands
  • DAnonymous FTP restriction

How the community answered

(28 responses)
  • A
    93% (26)
  • B
    4% (1)
  • C
    4% (1)

Why each option

BIG-IP Protocol Security Manager's FTP profile provides command-level controls but does not include a session timeout setting.

ASession timeoutCorrect

Session timeout is not configurable within the Protocol Security Manager FTP profile - timeout behavior is governed by other BIG-IP profile settings such as the TCP or connection profile, not the FTP security profile.

BCommand length

Command length is a valid FTP protection option in Protocol Security Manager, enabling administrators to cap FTP command length and mitigate buffer overflow attempts.

CAllowed commands

Allowed commands is a valid FTP protection option that restricts which FTP commands may be issued, blocking any command not on the permitted list.

DAnonymous FTP restriction

Anonymous FTP restriction is a valid protection option that allows administrators to block or limit anonymous FTP logins to reduce unauthorized access risk.

Concept tested: BIG-IP Protocol Security Manager FTP profile available protections

Source: https://techdocs.f5.com/en-us/bigip-16-1-0/big-ip-asm-implementations/protecting-ftp-traffic.html

Topics

#Protocol Security Manager#FTP protection#PSM FTP#allowed commands

Community Discussion

No community discussion yet for this question.

Full 101 Practice