101 · Question #234
Which of the following are correct regarding Wildcard entities? (Choose 2)
The correct answer is A. Wildcard entities are the basis for positive security logic. D. Wildcard entities can be applied to file types, URLs, cookies and parameters.. Wildcard entities in F5 ASM are the foundation of positive security logic and can be scoped to file types, URLs, cookies, and parameters.
Question
Which of the following are correct regarding Wildcard entities? (Choose 2)
Options
- AWildcard entities are the basis for positive security logic.
- BWildcard entities are the basis for negative security logic.
- CWildcard entities require the need to learn only from violations.
- DWildcard entities can be applied to file types, URLs, cookies and parameters.
How the community answered
(27 responses)- A93% (25)
- B4% (1)
- C4% (1)
Why each option
Wildcard entities in F5 ASM are the foundation of positive security logic and can be scoped to file types, URLs, cookies, and parameters.
Wildcard entities serve as default catch-all placeholders in the positive security model, allowing traffic to pass before explicit entities are defined or learned by the policy builder.
Negative security logic is based on attack signatures and disallowed metacharacters, not on wildcard entities, which belong exclusively to the positive security model.
Wildcard entities do not restrict learning to violations only; the ASM policy builder can learn entity details from legitimate traffic flows as well.
Wildcard entities in ASM can be applied across all major entity types - file types, URLs, cookies, and parameters - providing broad initial coverage for a security policy.
Concept tested: F5 ASM wildcard entities in positive security model
Source: https://techdocs.f5.com/en-us/bigip-16-1-0/big-ip-asm-getting-started/wildcard-entities-in-security-policies.html
Topics
Community Discussion
No community discussion yet for this question.