Which of the following is correct regarding User-defined Attack signatures?
A. User-defined signatures use an F5-supplied syntax
B. User-defined signatures may only use regular expressions
C. Attack signatures may be grouped within system-supplied signatures
D. User-defined signatures may not be applied globally within the entire policy
Which of the following methods are used by the BIG-IP ASM System to protect against SQL injections?
A. HTTP RFC compliancy checks
B. Meta-character enforcement and attack signatures
C. HTTP RFC compliancy checks and length restrictions
D. Response scrubbing, HTTP RFC compliancy checks, and meta-character enforcement
An HTTP class is available
A. on any BIG-IP LTM system.
B. only when ASM is licensed.
C. only when ASM or WA are licensed.
D. only when a specific license key is required.
Which of the following is not a configurable parameter data type?
A. Email
B. Array
C. Binary
D. Decimal
A request is sent to the BIG-IP ASM System that generates a Length error violation. Which of the following length types provides a valid learning suggestion? (Choose 3)
A. URL
B. Cookie
C. Response
D. POST data
E. Query string
There are multiple HTTP class profiles assigned to a virtual server. Each profile has Application Security enabled. Which statement is true?
A. Traffic will process through every HTTP class profile every time.
B. Traffic will process through the first HTTP class profile that it matches and then stops.
C. Traffic will process through one HTTP class profile and if the traffic matches another profile, BIG-IP System will send a redirect to the client.
D. Traffic will only process through the HTTP class profile that it matches but always processes through the whole list and will process through each HTTP class profile it matches.
Which of the following is correct regarding static parameters?
A. A static parameter is stored in a frame cookie.
B. A static parameter is pre-defined by the web application logic.
C. A static parameter is learned only by using the Deployment Wizard.
D. A static parameter is mapped once when creating the application flow model.
Sensitive parameters is a feature used to hide sensitive information from being displayed in which of the following?
A. Client request
B. Server response
C. GUI and logs of BIG-IP ASM System
D. Configuration file of BIG-IP ASM System
Tightening is a feature of which type of entity?
A. Explicit URLs
B. Attack signatures
C. Flow login URLs
D. Wildcard parameters
Which of the following is not a feature of a standalone BIG-IP ASM System?
A. Attack signatures
B. Multiple pool members
C. Positive security model
D. Real-time traffic policy builder
E. Pre-defined security policy templates
A user is building a security policy using the Deployment Wizard and the Rapid Deployment application template. By default, which settings will be applied to the security policy? (Choose 3)
A. Data Guard will be enabled.
B. The enforcement mode will be set to transparent.
C. The encoding language will be set to auto detect.
D. Wildcard tightening will be enabled on file types and parameters.
E. The Attack signature set applied will be Generic Detection Signatures.
Which of the following are properties of an ASM logging profile? (Choose 2)
A. storage type
B. storage filter
C. storage policy
D. web application
The Web Application Security Administrator user role can perform which of the following functions? (Choose 2)
A. Modify HTTP class profiles
B. Create new HTTP class profiles
C. Create new Attack signature sets
D. Assign HTTP class profiles to virtual servers
E. Configure Advanced options within the BIG-IP ASM System
Which level of parameter assumes the highest precedence in BIG-IP ASM System processing logic?
A. Flow
B. Object
C. Global
D. URL
Which of the following storage type combinations are configurable in an ASM logging profile?
A. Local and Syslog
B. Local and Remote
C. Remote and Syslog
D. Remote and Reporting Server