101 · Question #175
Which of the following is not a feature of a standalone BIG-IP ASM System?
The correct answer is B. Multiple pool members. Multiple pool members is a load balancing capability belonging to BIG-IP LTM, not a security feature available in a standalone ASM deployment.
Question
Which of the following is not a feature of a standalone BIG-IP ASM System?
Options
- AAttack signatures
- BMultiple pool members
- CPositive security model
- DRealtime traffic policy builder
- EPredefined security policy templates
How the community answered
(41 responses)- A2% (1)
- B88% (36)
- C2% (1)
- D7% (3)
Why each option
Multiple pool members is a load balancing capability belonging to BIG-IP LTM, not a security feature available in a standalone ASM deployment.
Attack signatures are a fundamental ASM security feature used for negative security detection of known exploit patterns.
BIG-IP ASM is a Web Application Firewall module focused entirely on application security inspection. Distributing traffic across multiple pool members is a core BIG-IP LTM function. A standalone ASM system does not include LTM load balancing capability, so multiple pool members are not available without LTM integration.
The positive security model is native to ASM and defines explicitly allowed requests, URLs, and parameters via a policy whitelist.
The real-time traffic policy builder is an ASM-specific feature that dynamically constructs security policy by analyzing observed live application traffic.
Predefined security policy templates are built into ASM and provide ready-made configurations for common application platforms and frameworks.
Concept tested: Standalone BIG-IP ASM feature set boundaries vs LTM
Source: https://techdocs.f5.com/en-us/bigip-15-1-0/big-ip-asm-getting-started.html
Topics
Community Discussion
No community discussion yet for this question.