101 · Question #263
When choosing Fundamental as the Policy Builder security policy type, BIG-IP ASM will learn and enforce the following components? (Choose 2)
The correct answer is A. Attack signatures C. HTTP protocol compliance. When using the Fundamental policy type, BIG-IP ASM Policy Builder learns and enforces attack signatures and HTTP protocol compliance, providing baseline protection without deep application modeling.
Question
When choosing Fundamental as the Policy Builder security policy type, BIG-IP ASM will learn and enforce the following components? (Choose 2)
Options
- AAttack signatures
- BGlobal parameters
- CHTTP protocol compliance
- DURLs and meta characters
How the community answered
(43 responses)- A88% (38)
- B9% (4)
- D2% (1)
Why each option
When using the Fundamental policy type, BIG-IP ASM Policy Builder learns and enforces attack signatures and HTTP protocol compliance, providing baseline protection without deep application modeling.
Attack signatures are enforced under the Fundamental policy type, enabling detection of known exploit patterns such as SQL injection and XSS without requiring the policy to learn application-specific URLs.
Global parameters are a component learned and enforced by the Comprehensive policy type, which builds a full application model including parameter names, values, and data types.
HTTP protocol compliance checks are part of the Fundamental policy type and enforce RFC-compliant request formatting, catching malformed or evasive HTTP requests that could indicate an attack.
URLs and meta characters are learned and enforced under the Comprehensive policy type, which performs deeper application learning by observing and allowlisting specific application URLs.
Concept tested: BIG-IP ASM Policy Builder Fundamental security policy components
Source: https://techdocs.f5.com/en-us/bigip-16-1-0/big-ip-asm-getting-started/about-policy-builder-and-automatic-policy-building.html
Topics
Community Discussion
No community discussion yet for this question.