Professional Documents
Culture Documents
Beschrijving:
This 4-day F5 course gives participants a functional understanding of how to deploy, tune, and operate BIG-IP Application Security Manager
(ASM) to protect their web applications from HTTP-based attacks. The course includes lecture, hands-on labs, and discussion about different
ASM components for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force,
bots, code injection, and zero day exploits.
Doelgroep:
This course is intended for SecOps personnel responsible for the deployment, tuning, and day-to-day maintenance of ASM (Application
Security Manager). Participants will obtain a functional level of expertise with ASM, including comprehensive security policy and profile
configuration, client assessment, and appropriate mitigation types. Experience with LTM is not required.Prior WAF knowledge is not
required.This course is on the list of approved study resources for the F5 ASM 303 certification exam.
Network Administrator
Doelstelling:
At the end of this course, the student will be able to: Configure security processing at the parameter level of a web
application
Describe the role of the BIG-IP system as a full proxy device in
an application delivery network Deploy ASM using the Automatic Policy Builder
Provision the Application Security Manager Tune a policy manually or allow automatic policy building
Define a web application firewall Integrate third party application vulnerability scanner output into a
security policy
Describe how ASM protects a web application by securing file
types, URLs, and parameters Configure login enforcement for flow control
Deploy ASM using the Rapid Deployment template (and other Mitigate credential stuffing
templates) and define the security checks included in each
Configure protection against brute force attacks
Define learn, alarm, and block settings as they pertain to
configuring ASM Deploy Advanced Bot Defense against web scrapers, all known
bots, and other automated agents
Define attack signatures and explain why attack signature
staging is important Deploy DataSafe to secure client-side data
Administering BIG-IP instructor-led course Upon passing Exam 303, candidates receive their F5 Certified!
- or - Technology Specialist, BIG-IP ASM certification. This certification
verifies that a candidate is fully qualified to design, implement, and
Vervolgcursussen:
BIG-INT-IL, F5 Configuring BIG-IP LTM: Local Traffic Manager
WES_BIG-IP-APM, F5 Configuring BIG-IP APM: Access Policy Manager
WES_BIG-IP-GTM, F5 Configuring BIG-IP DNS: Domain Name System (formerly GTM)
Cursusinhoud:
Provisioning ASM Securing cookies and other headers Layer 7 DoS protection
Resource provisioning for ASM Reporting and logging Transaction Per Second-based DoS
Traffic processing with BIG-IP Local Traffic Advanced parameter handling protection
Manager (LTM) Using Automatic Policy Builder Layer 7 Behavioral DoS Protection
Web application concepts Integrating with web vulnerability Configuring Advanced Bot Defense
Mitigating the OWASP Top 10 and other scanners Web Scraping and other Microservice
vulnerabilities Login enforcement for flow control Protection
Security policy deployment Brute force and credential stuffing Working with Bot Signatures
Security policy tuning mitigation Using DataSafe to Secure the client side of
Deploying Attack Signatures and Threat Session tracking for client the Document Object Model
Campaigns reconnaissance
Positive security building Using Parent and Child policies
Nadere informatie:
Neem voor nadere informatie of boekingen contact op met onze Customer Service Desk 030 - 60 89 444
info@globalknowledge.nl
www.globalknowledge.com/nl-nl/