101 · Question #154
Which of the following methods are used by the BIG-IP ASM System to protect against SQL injections?
The correct answer is B. Metacharacter enforcement and attack signatures. BIG-IP ASM defends against SQL injection primarily through metacharacter enforcement and attack signatures, which block the special characters and known patterns that SQL injection exploits rely on.
Question
Which of the following methods are used by the BIG-IP ASM System to protect against SQL injections?
Options
- AHTTP RFC compliancy checks
- BMetacharacter enforcement and attack signatures
- CHTTP RFC compliancy checks and length restrictions
- DResponse scrubbing, HTTP RFC compliancy checks, and metacharacter enforcement
How the community answered
(27 responses)- A7% (2)
- B89% (24)
- C4% (1)
Why each option
BIG-IP ASM defends against SQL injection primarily through metacharacter enforcement and attack signatures, which block the special characters and known patterns that SQL injection exploits rely on.
HTTP RFC compliancy checks validate that requests conform to HTTP protocol standards; they do not inspect or restrict SQL-specific metacharacters in parameter values.
Metacharacter enforcement prevents SQL injection by blocking or escaping special characters such as single quotes, semicolons, and comment sequences that attackers embed in input to alter SQL query logic. Attack signatures provide a pattern-matching layer that detects known SQL injection payloads in request parameters, cookies, and headers, giving ASM two complementary and targeted defenses specifically designed for SQL injection.
Length restrictions limit input size and can reduce attack surface, but they do not detect or block SQL syntax patterns; combining them with RFC checks still leaves metacharacter-based SQL payloads unaddressed.
Response scrubbing is used to prevent sensitive data leakage in server responses and does not prevent SQL injection in inbound requests; including it here conflates two separate protection mechanisms.
Concept tested: BIG-IP ASM SQL injection prevention methods
Source: https://techdocs.f5.com/en-us/bigip-15-1-0/big-ip-asm-implementations/preventing-sql-injection-attacks.html
Topics
Community Discussion
No community discussion yet for this question.