nerdexam
F5

101 · Question #254

Which of the following is not a method of protection for user-input parameters?

The correct answer is A. Value extraction. BIG-IP ASM protects user-input parameters through attack signatures, length restrictions, and meta character enforcement. Value extraction is a data retrieval operation, not a protection mechanism.

Section 4: Security Basics

Question

Which of the following is not a method of protection for user-input parameters?

Options

  • AValue extraction
  • BAttack signatures
  • CLength restriction
  • DMeta character enforcement

How the community answered

(34 responses)
  • A
    88% (30)
  • B
    3% (1)
  • C
    3% (1)
  • D
    6% (2)

Why each option

BIG-IP ASM protects user-input parameters through attack signatures, length restrictions, and meta character enforcement. Value extraction is a data retrieval operation, not a protection mechanism.

AValue extractionCorrect

Value extraction is the process of pulling specific data from HTTP responses or content, not a method for protecting parameters from malicious input. It does not validate, restrict, or sanitize user-supplied parameter data in any way.

BAttack signatures

Attack signatures are a valid ASM protection method that inspects parameter values for known malicious patterns such as SQL injection or XSS strings.

CLength restriction

Length restriction is a valid protection that limits how many characters a parameter value can contain, mitigating buffer overflow and oversized input attacks.

DMeta character enforcement

Meta character enforcement controls which special characters are permitted in parameter values, preventing injection attacks that rely on characters like quotes or semicolons.

Concept tested: BIG-IP ASM parameter-level protection methods

Source: https://techdocs.f5.com/en-us/bigip-16-1-0/big-ip-asm-implementations/setting-up-security-policy-manually.html

Topics

#input parameter protection#attack signatures#ASM#length restriction

Community Discussion

No community discussion yet for this question.

Full 101 Practice