Which of the following statements are correct regarding positive and negative security models? (Choose 2)
A. Positive security model allows all transactions by default.
B. Negative security model denies all transactions by default.
C. Negative security model allows all transactions by default and rejects only transactions that contain attacks.
D. Positive security model denies all transactions by default and uses rules that allow only those transactions that are considered safe and valid.
Which events are valid iRule events triggered by BIG-IP ASM processing? (Choose 2)
A. ASM_REQUEST_BLOCKING
B. ASM_REQUEST_ACCEPTED
C. ASM_REQUEST_VIOLATION
D. ASM_RESPONSE_BLOCKING
Logging profiles are assigned to?
A. HTTP class
B. Security policies
C. Web applications
D. Attack signatures
Which of the following is a language used for content provided by a web server to a web client?
A. FTP
B. TCP
C. HTTP
D. HTML
There are multiple HTTP class profiles assigned to a virtual server. Each profile has Application Security enabled. Which statement is true?
A. Traffic will process through every HTTP class profile every time.
B. Traffic will process through the first HTTP class profile that it matches and then stops.
C. Traffic will process through one HTTP class profile and if the traffic matches another profile, BIG-IP System will send a redirect to the client.
D. Traffic will only process through the HTTP class profile that it matches but always processes through the whole list and will process through each HTTP class profile it matches.
The BIG-IP ASM System sets two types of cookies to enforce elements in the security policy. The two types are main and frame cookies. What is the purpose of the frame cookie? (Choose 2)
A. Validates domain cookies
B. Detects session expiration
C. Stores dynamic parameters and values
D. Handles dynamic parameter names and flow extractions
Which of the following mitigation techniques is based on anomaly detection? (Choose 2)
A. Brute force attack prevention
B. Cross-site request forgery prevention
C. Web scraping attack prevention
D. Parameter tampering prevention
When initially configuring the BIG-IP System using the config tool, which of the following parameters can be configured? (Choose 3)
A. System hostname
B. Netmask of the management port
C. IP address of the management port
D. Default route of the management port
E. Port lockdown of the management port
Which method of protection is not provided by the Rapid Deployment policy template?
A. Data leakage
B. Buffer overflow
C. HTTP protocol compliance
D. Dynamic parameter validation
The Web Application Security Administrator user role can perform which of the following functions? (Choose 2)
A. Modify HTTP class profiles
B. Create new HTTP class profiles
C. Create new Attack signature sets
D. Assign HTTP class profiles to virtual servers
E. Configure Advanced options within the BIG-IP ASM System