101 · Question #251
When implementing Data Guard, BIG-IP ASM scans for suspicious patterns in? (Choose 2)
The correct answer is B. All server responses D. Specific server responses. BIG-IP ASM Data Guard prevents sensitive data leakage by scanning server responses - both all responses and specific configured responses - to detect and mask patterns like credit card numbers or SSNs.
Question
When implementing Data Guard, BIG-IP ASM scans for suspicious patterns in? (Choose 2)
Options
- AAll client requests
- BAll server responses
- CSpecific client requests
- DSpecific server responses
How the community answered
(27 responses)- A4% (1)
- B89% (24)
- C7% (2)
Why each option
BIG-IP ASM Data Guard prevents sensitive data leakage by scanning server responses - both all responses and specific configured responses - to detect and mask patterns like credit card numbers or SSNs.
Data Guard is not designed to scan all client requests - its purpose is to prevent outbound data leakage from server responses, not to inspect inbound client traffic.
Data Guard can be configured to scan all server responses for sensitive data patterns, ensuring no response inadvertently leaks protected information to clients.
Scanning specific client requests is not a function of Data Guard; client-side request inspection for attacks is handled by other ASM policy components, not Data Guard.
Data Guard can also be scoped to scan only specific server responses based on configured URL patterns or file types, allowing targeted enforcement where sensitive data is most likely to appear.
Concept tested: F5 BIG-IP ASM Data Guard server response scanning
Source: https://techdocs.f5.com/en-us/bigip-15-1-0/big-ip-asm-implementations/implementing-data-guard-in-a-security-policy.html
Topics
Community Discussion
No community discussion yet for this question.