nerdexam
F5

101 · Question #157

Which of the following methods of protection operates on server responses?

The correct answer is B. Response code validation and response scrubbing. Two ASM protection mechanisms that inspect outbound server responses rather than inbound client requests are response code validation and response scrubbing.

Section 2: F5 Solutions and Technology

Question

Which of the following methods of protection operates on server responses?

Options

  • ADynamic parameter protection
  • BResponse code validation and response scrubbing
  • CResponse code validation and HTTP method validation
  • DHTTP RFC compliancy check and metacharacter enforcement

How the community answered

(15 responses)
  • A
    7% (1)
  • B
    93% (14)

Why each option

Two ASM protection mechanisms that inspect outbound server responses rather than inbound client requests are response code validation and response scrubbing.

ADynamic parameter protection

Dynamic parameter protection operates on incoming client requests by detecting and enforcing dynamically generated form field parameters, not on server responses.

BResponse code validation and response scrubbingCorrect

Response code validation inspects the HTTP status codes returned by the back-end server and can alert or block when unexpected codes are returned, while response scrubbing masks or removes sensitive data such as credit card numbers or SSNs from server responses before they reach the client. Both mechanisms are applied to the outbound server traffic flow in F5 BIG-IP ASM, making them distinctly response-side protections.

CResponse code validation and HTTP method validation

HTTP method validation inspects the method (GET, POST, DELETE, etc.) in incoming client requests, so it is a request-side protection rather than a response-side one.

DHTTP RFC compliancy check and metacharacter enforcement

HTTP RFC compliancy checks and metacharacter enforcement are applied to incoming client requests to ensure conformance to protocol standards, not to outbound server responses.

Concept tested: ASM response-side protection mechanisms

Source: https://techdocs.f5.com/en-us/bigip-16-1-0/big-ip-asm-implementations/scrubbing-information-from-responses.html

Topics

#response scrubbing#response code validation#server response protection#ASM features

Community Discussion

No community discussion yet for this question.

Full 101 Practice