F5
101 · Question #369
101 Question #369: Real Exam Question with Answer & Explanation
The correct answer is A: Monitoring for a threshold of increased number of transactions per second per URL.. F5 ASM detects Layer 7 DoS attacks by tracking both absolute thresholds and relative percentage changes in transactions per second and server latency, providing four distinct detection vectors.
Question
ASM can detect Layer 7 DoS attacks by which four ways of monitoring: (Choose four.)
Options
- AMonitoring for a threshold of increased number of transactions per second per URL.
- BMonitoring for a % change in transactions per second per URL.
- CMonitoring for a % change in server latency or TPS.
- DMonitoring for a threshold of increased server latency or TPS.
- EMonitoring ASM policy builder performance.
- FMonitoring BIG-IP CPU utilization.
- GDeep Packet inspection.
Explanation
F5 ASM detects Layer 7 DoS attacks by tracking both absolute thresholds and relative percentage changes in transactions per second and server latency, providing four distinct detection vectors.
Common mistakes.
- E. ASM Policy Builder monitors traffic to build security policies automatically, not to detect real-time DoS conditions.
- F. BIG-IP CPU utilization is a system health metric, not a Layer 7 application-level DoS detection mechanism within ASM.
- G. Deep Packet Inspection is a general network technique not used by ASM as one of its four defined Layer 7 DoS detection methods.
Concept tested. F5 ASM Layer 7 DoS detection methods
Community Discussion
No community discussion yet for this question.