Transcript
Page 1: Certways F50-536 Exam - BIG-IP ASM v10.x (F50-536)

F5_Networks F50-536F50-536 : BIG-IP ASM v10.x (F50-536)

10 Q&A

Version 3.0

http://www.certways.com/f50-536.htm

Page 2: Certways F50-536 Exam - BIG-IP ASM v10.x (F50-536)

Leading the way in IT testing and certification tools, www.CertWays.com

- 2 -

Important Note, Please Read Carefully

Other F50-536 productsA) Offline Testing engineUse the offline Testing engine product topractice the questions in an exam environment.

Build a foundation of knowledge which will be useful also after passing the exam.

Latest VersionWe are constantly reviewing our products. New material is added and old material isrevised. Free updates are available for 90 days after the purchase. You should check yourmember zone at F50-536 and update 3-4 days before the scheduled exam date.

Here is the procedure to get the latest version:

1.Go towww.F50-536.com2.Click on Log in3.The latest versions of all purchased products are downloadable from here. Just click thelinks.For most updates,it is enough just to print the new questions at the end of the newversion, not the whole document.

FeedbackIf you spot a possible improvement then please let us know. We always interested inimproving product quality.Feedback should be send to [email protected]. You should include the following:Exam number, version, page number, question number, and your login Email.

Our experts will answer your mail promptly.

CopyrightEach iPAD file is a green exe file. if we find out that a particular iPAD Viewer file isbeing distributed by you, F50-536 reserves the right to take legal action against youaccording to the International Copyright Laws.

ExplanationsThis product does not include explanations at the moment. If you are interested inproviding explanations for this exam, please contact [email protected].

Page 3: Certways F50-536 Exam - BIG-IP ASM v10.x (F50-536)

Leading the way in IT testing and certification tools, www.CertWays.com

- 3 -

www.F50-536.com Q: 1 Which of the following are correct regarding Wildcardentities? (Choose 2)

A. Wildcard entities are the basis for positive security logic.

B. Wildcard entities are the basis for negative security logic.

C. Wildcard entities require the need to learn only from violations.

D. Wildcard entities can be applied to file types, URLs, cookies and parameters.

Answer: A, D

www.F50-536.com Q: 2 Flow login allows for more granular protection of login andlogout URLs within web applications.Which of the following are components of flow login? (Choose 3)

A. Schema

B. Login URLs

C. Login pages

D. Attack signatures

E. Access validation

Answer: B, C, E

Page 4: Certways F50-536 Exam - BIG-IP ASM v10.x (F50-536)

Leading the way in IT testing and certification tools, www.CertWays.com

- 4 -

www.F50-536.com Q: 3 The BIG-IP ASM System is configured with a virtualserver that contains an HTTP class profile and the protected pool members areassociated within the HTTP class profile pool definition. The status of this virtualserver is unknown (Blue).Which of the following conditions will make this virtual server become available(Green)?

A. Assign a successful monitor to the virtual server

B. Assign a successful monitor to the members of the HTTP class profile pool

C. Associate a fallback host to the virtual server and assign a successful monitor to thefallback host

D. Associate a default pool to the virtual server and assign a successful monitor to thepool members

Answer: D

www.F50-536.com Q: 4 Which of the following does not pertain to protecting theRequested Resource (URI) element?

A. File type validation

B. URL name validation

C. Domain cookie validation

D. Attack signature validation

Answer: C

www.F50-536.com Q: 5 Which of the following protocol protections is not providedby the Protocol Security Manager?

Page 5: Certways F50-536 Exam - BIG-IP ASM v10.x (F50-536)

Leading the way in IT testing and certification tools, www.CertWays.com

- 5 -

A. FTP

B. SSH

C. HTTP

D. SMTP

Answer: B

www.F50-536.com Q: 6 Which of the following is correct regarding User-definedAttack signatures?

A. User-defined signatures use an F5-supplied syntax

B. User-defined signatures may only use regular expressions

C. Attack signatures may be grouped within system-supplied signatures

D. User-defined signatures may not be applied globally within the entire policy

Answer: A

www.F50-536.com Q: 7 Which of the following methods of protection is notavailable within the Protocol Security Manager for HTTP traffic?

A. Data guard

B. Attack signatures

C. Evasion techniques

D. File type enforcement

Page 6: Certways F50-536 Exam - BIG-IP ASM v10.x (F50-536)

Leading the way in IT testing and certification tools, www.CertWays.com

- 6 -

Answer: B

www.F50-536.com Q: 8 There are many user roles configurable on the BIG-IPASM System. Which of the following user roles have access to make changes toASM policies? (Choose 3)

A. Guest

B. Operator

C. Administrator

D. Web Application Security Editor

E. Web Application Security Administrator

Answer: C, D, E

www.F50-536.com Q: 9 In the following configuration, a virtual server has thefollowing HTTP class configuration:HTTP Class 1 = Host pattern www.f5.comHTTP Class 2 = No filtersA request arriving for WWW.F5.COM will be matched by which class(es)?

A. Class 1

B. Class 2

C. Both Class 1 and Class 2

D. The request will be dropped

Page 7: Certways F50-536 Exam - BIG-IP ASM v10.x (F50-536)

Leading the way in IT testing and certification tools, www.CertWays.com

- 7 -

Answer: B

www.F50-536.com Q: 10 Learning suggestions in the Policy Building pages allowfor which of the following? (Choose 2)

A. XML-based parameters and associated schema are automatically learned.

B. Blocking response pages can be automatically generated from web site content.

C. Flow level parameters are displayed when found and can be accepted into the currentpolicy.

D. The administrator may modify whether the BIG-IP ASM System will learn, alarm, orblock detected violations.

E. Maximum acceptable values for length violations are calculated and can be acceptedinto the security policy by the administrator.

Answer: C, E


Top Related