101 · Question #179
A user is building a security policy using the Deployment Wizard and the Rapid Deployment application template. By default, which settings will be applied to the security policy? (Choose 3)
The correct answer is A. Data Guard will be enabled. B. The enforcement mode will be set to transparent. E. The Attack signature set applied will be Generic Detection Signatures.. The Rapid Deployment template defaults to transparent enforcement mode, enables Data Guard, and applies Generic Detection Signatures, but does not default to auto-detect encoding or enable wildcard tightening.
Question
A user is building a security policy using the Deployment Wizard and the Rapid Deployment application template. By default, which settings will be applied to the security policy? (Choose 3)
Options
- AData Guard will be enabled.
- BThe enforcement mode will be set to transparent.
- CThe encoding language will be set to auto detect.
- DWildcard tightening will be enabled on file types and parameters.
- EThe Attack signature set applied will be Generic Detection Signatures.
How the community answered
(22 responses)- A95% (21)
- D5% (1)
Why each option
The Rapid Deployment template defaults to transparent enforcement mode, enables Data Guard, and applies Generic Detection Signatures, but does not default to auto-detect encoding or enable wildcard tightening.
Data Guard is enabled by default in the Rapid Deployment template to automatically mask sensitive data patterns such as credit card numbers in server responses. This provides immediate data leakage protection without requiring additional configuration.
The enforcement mode defaults to transparent in the Rapid Deployment template, which allows all traffic through while logging violations. This lets administrators review policy behavior and tune it before switching to blocking mode.
The encoding language is not set to auto detect by default; the Rapid Deployment template uses a predefined specific encoding rather than automatic language detection.
Wildcard tightening is not enabled by default in the Rapid Deployment template; the policy maintains loose wildcard entities for file types and parameters rather than automatically refining them based on observed traffic.
The Generic Detection Signatures attack signature set is applied by default in the Rapid Deployment template to provide broad coverage against common web attacks. This signature set targets widely known attack patterns and enables immediate signature-based protection from the moment the policy is deployed.
Concept tested: Rapid Deployment template default settings in BIG-IP ASM
Source: https://techdocs.f5.com/en-us/bigip-15-1-0/big-ip-asm-implementations/creating-a-security-policy-using-the-deployment-wizard.html
Topics
Community Discussion
No community discussion yet for this question.