nerdexam
F5

101 · Question #178

When building a policy based on live traffic using the automated policy builder, which of the following elements will not be taken into account when analyzing the traffic?

The correct answer is A. The size of the response. The ASM automated policy builder examines URIs, response codes, and parameter values to model legitimate traffic, but HTTP response size is not a factor used in policy construction.

Section 2: F5 Solutions and Technology

Question

When building a policy based on live traffic using the automated policy builder, which of the following elements will not be taken into account when analyzing the traffic?

Options

  • AThe size of the response
  • BThe requested resource (URI)
  • CThe response code from the web server
  • DThe parameter values of static based parameters

How the community answered

(57 responses)
  • A
    84% (48)
  • B
    5% (3)
  • C
    2% (1)
  • D
    9% (5)

Why each option

The ASM automated policy builder examines URIs, response codes, and parameter values to model legitimate traffic, but HTTP response size is not a factor used in policy construction.

AThe size of the responseCorrect

Response size is not one of the traffic attributes analyzed by the automated policy builder when learning normal application behavior. The builder focuses on structural and semantic elements of requests and responses - such as URLs, parameters, and status codes - rather than the byte length of response payloads.

BThe requested resource (URI)

The requested URI is a core element the policy builder analyzes to populate the allowed URL list and identify the application's attack surface.

CThe response code from the web server

Response codes from the web server help the policy builder determine which requests result in successful responses, filtering out error traffic from the learning set.

DThe parameter values of static based parameters

Static parameter values are evaluated by the policy builder to define allowed value patterns and establish a baseline for detecting anomalous or malicious input.

Concept tested: ASM automated policy builder traffic analysis criteria

Source: https://techdocs.f5.com/en-us/bigip-15-1-0/big-ip-asm-implementations/automatically-building-a-security-policy.html

Topics

#automated policy builder#live traffic analysis#traffic elements#security policy building

Community Discussion

No community discussion yet for this question.

Full 101 Practice