The BIG-IP ASM System uses metacharacter enforcement and attack signatures to protect against SQL injections. Metacharacter enforcement ensures that only sanctioned characters are used in input fields, while attack signatures are patterns that identify malicious SQL code. Together, these methods effectively guard against SQL injection attacks.