Torti - I'm looking into this myself at the mo due to a future migration. Looks like you need two rules for ASM and traffic policies. The example F5 give is the default rule pushes all traffic to the security policy and then you can create custom rules to disable the security policy, say on specific URIs.
Anyway see for more info:
http://support.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-implementations-11-4-0/20.html?sr=32535189
Looks like your default rule might be to disable ASM and the specific rule for /test to enable it.
Hope this helps, N