101 · Question #182
Which of the following methods of protection are used by the BIG-IP ASM System to mitigate buffer overflow attacks?
The correct answer is B. Length restrictions and attack signatures. BIG-IP ASM mitigates buffer overflow attacks by combining length restrictions on input fields with attack signatures that identify known overflow patterns.
Question
Which of the following methods of protection are used by the BIG-IP ASM System to mitigate buffer overflow attacks?
Options
- AHTTP RFC compliancy checks
- BLength restrictions and attack signatures
- CLength restrictions and site cookie compliancy checks
- DMetacharacter enforcement and HTTP RFC compliancy check
How the community answered
(21 responses)- B95% (20)
- D5% (1)
Why each option
BIG-IP ASM mitigates buffer overflow attacks by combining length restrictions on input fields with attack signatures that identify known overflow patterns.
HTTP RFC compliancy checks validate protocol formatting but do not directly address input length abuse that characterizes buffer overflow attacks.
Length restrictions prevent attackers from sending oversized payloads that could overflow buffers by enforcing maximum allowed lengths on parameters, headers, and URLs, while attack signatures detect known buffer overflow exploit patterns in request content, providing a layered defense.
Site cookie compliancy checks verify cookie integrity and are unrelated to blocking oversized input payloads used in buffer overflow exploits.
Metacharacter enforcement restricts special characters and, while useful for injection attacks, does not address the excessive length of data that defines a buffer overflow attack.
Concept tested: ASM buffer overflow mitigation using length restrictions and signatures
Source: https://techdocs.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-implementations-11-6-0/5.html
Topics
Community Discussion
No community discussion yet for this question.