101 · Question #151
Which of the following methods of protection is not available within the Protocol Security Manager for FTP protection?
The correct answer is A. Session timeout. BIG-IP Protocol Security Manager's FTP profile provides command-level controls but does not include a session timeout setting.
Question
Which of the following methods of protection is not available within the Protocol Security Manager for FTP protection?
Options
- ASession timeout
- BCommand length
- CAllowed commands
- DAnonymous FTP restriction
How the community answered
(28 responses)- A93% (26)
- B4% (1)
- C4% (1)
Why each option
BIG-IP Protocol Security Manager's FTP profile provides command-level controls but does not include a session timeout setting.
Session timeout is not configurable within the Protocol Security Manager FTP profile - timeout behavior is governed by other BIG-IP profile settings such as the TCP or connection profile, not the FTP security profile.
Command length is a valid FTP protection option in Protocol Security Manager, enabling administrators to cap FTP command length and mitigate buffer overflow attempts.
Allowed commands is a valid FTP protection option that restricts which FTP commands may be issued, blocking any command not on the permitted list.
Anonymous FTP restriction is a valid protection option that allows administrators to block or limit anonymous FTP logins to reduce unauthorized access risk.
Concept tested: BIG-IP Protocol Security Manager FTP profile available protections
Source: https://techdocs.f5.com/en-us/bigip-16-1-0/big-ip-asm-implementations/protecting-ftp-traffic.html
Topics
Community Discussion
No community discussion yet for this question.