101 · Question #157
Which of the following methods of protection operates on server responses?
The correct answer is B. Response code validation and response scrubbing. Two ASM protection mechanisms that inspect outbound server responses rather than inbound client requests are response code validation and response scrubbing.
Question
Which of the following methods of protection operates on server responses?
Options
- ADynamic parameter protection
- BResponse code validation and response scrubbing
- CResponse code validation and HTTP method validation
- DHTTP RFC compliancy check and metacharacter enforcement
How the community answered
(15 responses)- A7% (1)
- B93% (14)
Why each option
Two ASM protection mechanisms that inspect outbound server responses rather than inbound client requests are response code validation and response scrubbing.
Dynamic parameter protection operates on incoming client requests by detecting and enforcing dynamically generated form field parameters, not on server responses.
Response code validation inspects the HTTP status codes returned by the back-end server and can alert or block when unexpected codes are returned, while response scrubbing masks or removes sensitive data such as credit card numbers or SSNs from server responses before they reach the client. Both mechanisms are applied to the outbound server traffic flow in F5 BIG-IP ASM, making them distinctly response-side protections.
HTTP method validation inspects the method (GET, POST, DELETE, etc.) in incoming client requests, so it is a request-side protection rather than a response-side one.
HTTP RFC compliancy checks and metacharacter enforcement are applied to incoming client requests to ensure conformance to protocol standards, not to outbound server responses.
Concept tested: ASM response-side protection mechanisms
Source: https://techdocs.f5.com/en-us/bigip-16-1-0/big-ip-asm-implementations/scrubbing-information-from-responses.html
Topics
Community Discussion
No community discussion yet for this question.