nerdexam
F5

101 · Question #166

Which of the following are default settings when using the Policy Builder to build a security policy based on the QA lab deployment scenario? (Choose 2)

The correct answer is B. Attack signatures are not placed in staging C. The security policy is placed in blocking mode. The BIG-IP ASM Policy Builder QA lab deployment scenario defaults to blocking mode with attack signatures immediately enforced, not staged.

Section 2: F5 Solutions and Technology

Question

Which of the following are default settings when using the Policy Builder to build a security policy based on the QA lab deployment scenario? (Choose 2)

Options

  • AAll learned entities are placed in staging.
  • BAttack signatures are not placed in staging
  • CThe security policy is placed in blocking mode
  • DTightening is enabled only on file types and parameters.

How the community answered

(52 responses)
  • A
    4% (2)
  • B
    88% (46)
  • D
    8% (4)

Why each option

The BIG-IP ASM Policy Builder QA lab deployment scenario defaults to blocking mode with attack signatures immediately enforced, not staged.

AAll learned entities are placed in staging.

In the QA lab scenario, learned entities such as URLs and parameters are placed directly into the enforced policy rather than staging, because QA traffic is assumed to be clean and representative.

BAttack signatures are not placed in stagingCorrect

In the QA lab scenario, Policy Builder treats attack signatures as already validated by prior testing, so they are enforced directly without staging, unlike a production learning scenario.

CThe security policy is placed in blocking modeCorrect

The QA lab scenario assumes the environment is pre-tested and stable, so the Policy Builder places the security policy directly into blocking mode rather than transparent mode.

DTightening is enabled only on file types and parameters.

Tightening in the QA lab scenario is applied broadly across all entity types, not restricted to only file types and parameters.

Concept tested: BIG-IP ASM Policy Builder QA lab scenario defaults

Source: https://techdocs.f5.com/kb/en-us/products/big-ip-asm/manuals/product/asm-implementations-13-1-0/4.html

Topics

#Policy Builder#staging#blocking mode#security policy defaults

Community Discussion

No community discussion yet for this question.

Full 101 Practice