nerdexam
F5

101 · Question #182

Which of the following methods of protection are used by the BIG-IP ASM System to mitigate buffer overflow attacks?

The correct answer is B. Length restrictions and attack signatures. BIG-IP ASM mitigates buffer overflow attacks by combining length restrictions on input fields with attack signatures that identify known overflow patterns.

Section 2: F5 Solutions and Technology

Question

Which of the following methods of protection are used by the BIG-IP ASM System to mitigate buffer overflow attacks?

Options

  • AHTTP RFC compliancy checks
  • BLength restrictions and attack signatures
  • CLength restrictions and site cookie compliancy checks
  • DMetacharacter enforcement and HTTP RFC compliancy check

How the community answered

(21 responses)
  • B
    95% (20)
  • D
    5% (1)

Why each option

BIG-IP ASM mitigates buffer overflow attacks by combining length restrictions on input fields with attack signatures that identify known overflow patterns.

AHTTP RFC compliancy checks

HTTP RFC compliancy checks validate protocol formatting but do not directly address input length abuse that characterizes buffer overflow attacks.

BLength restrictions and attack signaturesCorrect

Length restrictions prevent attackers from sending oversized payloads that could overflow buffers by enforcing maximum allowed lengths on parameters, headers, and URLs, while attack signatures detect known buffer overflow exploit patterns in request content, providing a layered defense.

CLength restrictions and site cookie compliancy checks

Site cookie compliancy checks verify cookie integrity and are unrelated to blocking oversized input payloads used in buffer overflow exploits.

DMetacharacter enforcement and HTTP RFC compliancy check

Metacharacter enforcement restricts special characters and, while useful for injection attacks, does not address the excessive length of data that defines a buffer overflow attack.

Concept tested: ASM buffer overflow mitigation using length restrictions and signatures

Source: https://techdocs.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-implementations-11-6-0/5.html

Topics

#ASM#buffer overflow#attack signatures#length restrictions

Community Discussion

No community discussion yet for this question.

Full 101 Practice