101 · Question #165
Which of the following mitigation techniques is based on anomaly detection? (Choose 2)
The correct answer is A. Brute force attack prevention C. Web scraping attack prevention. Anomaly detection identifies attacks by recognizing deviations from a baseline of normal behavior, which applies to brute force and web scraping mitigation in BIG-IP ASM.
Question
Which of the following mitigation techniques is based on anomaly detection? (Choose 2)
Options
- ABrute force attack prevention
- BCrosssite request forgery prevention
- CWeb scraping attack prevention
- DParameter tampering prevention
How the community answered
(34 responses)- A71% (24)
- B12% (4)
- D18% (6)
Why each option
Anomaly detection identifies attacks by recognizing deviations from a baseline of normal behavior, which applies to brute force and web scraping mitigation in BIG-IP ASM.
Brute force attack prevention is anomaly-based because ASM establishes a baseline of normal login attempt frequency and flags deviations - such as excessive failed attempts from a source - as suspicious, without relying on a static signature.
CSRF prevention relies on token-based validation (verifying an anti-forgery token embedded in the request), which is a deterministic rule check, not anomaly detection.
Web scraping prevention is anomaly-based because ASM tracks request rates, session patterns, and navigation sequences to identify bot-like behavior that deviates from legitimate user traffic baselines.
Parameter tampering prevention uses explicit allowlisting of expected parameter names, types, and value ranges - a positive security model approach, not anomaly detection.
Concept tested: Anomaly-based vs signature-based mitigation in ASM
Source: https://techdocs.f5.com/kb/en-us/products/big-ip-asm/manuals/product/asm-implementations-13-1-0/11.html
Topics
Community Discussion
No community discussion yet for this question.