F5 ASM Training & Certification Course
COURSE HIGHLIGHTS
•Hands-on exposure with diverse
vulnerabilities
•Realistic scenarios for practical
understanding
•Certified and expert instructors
•Lifetime Interview Support
Overview
BIG-IP ASM Course is an opportunity to enhance your
skills
•To manage Web-based and XML application attacks, and
•To use Application Security Manager to defend against
these attacks
BIG-IP Application Security Manager Course will also help
you to learn about building security policies, utilizing traffic
learning, deploying Application Security Manager with
various applications, and testing using realistic web site
traffic.
BIG-IP F5 ASM training includes lecture, hands-on labs,
and discussion of the different ASM components used
to detect and mitigate threats from multiple attack vectors
such as web scraping, Layer 7 Denial of Service, brute force,
bots, code injection, and zero-day exploits.
WHY F5 ASM CERTIFICATION TRAINING?
The F5 ASM Certification course focuses on fostering an
individual’s professional development through a high-quality,
credible technology certification. This course will not
only prepare you to earn this certification but will also
provide a competitive advantage in the marketplace over
non-certified professionals.
After being certified you will be able to:
•Determine and implement an appropriate, application-
specific BIG-IP ASM deployment model (policies) or
architecture (scale).
•Create a BIG-IP ASM configuration/design to secure
applications according to needs and requirements.
•Customize a BIG-IP ASM policy for a web application.
•Identify where to integrate BIG-IP ASM into the data flow
by understanding the interrelation between BIG-IP ASM
and the network architecture.
F5 ASM Certification validates your up-to-date
knowledge of operating BIG-IP Application Security
Manager and therefore improves your chances of being
employed with a better salary.
Target Audience
•This course is suitable for security and
network administrators who will be
responsible for the installation,
deployment, tuning, and day-to-day
maintenance of the Application Security
Manager.
Exam Information
•Exam Title: 303–BIG-IP ASM
Specialist
•Cost: $185
Course Agenda
•BIG-IP System & TMOS Architecture and Application Traffic Flow
•Initial Set Up, LTM components, F5 ASM Components
•HTTP header and explanation of OWASP Top 10
•Ways to deploy initial security policy on ASM
•Static and Dynamic Parameter Handling; Comparing Security Policies; ASM deployment types
•Attack Signatures
•Approach towards building a positive security policy
•Reporting and Logging Functionalities on ASM
•Tuning of your policy
•Process of Automatic Policy building and Integration of ASM
•Use of Layered policies and Enforce Login Enforcement
•Troubleshooting ASM (WAF) Related Issues
Module 1: Setting Up the BIG-IP System
•Introducing the BIG-IP System
•Initially Setting Up the BIG-IP System
•Archiving the BIG-IP System Configuration
Module 2: Traffic Processing with BIG-IP
•Identifying BIG-IP Traffic Processing Objects
•Overview of Network Packet Flow
•Understanding Profiles
•Overview of Local Traffic Policies
•Visualizing the HTTP Request Flow
Module 3: Web Application Concepts
•Overview of Web Application Request Processing
•Web Application Firewall: Layer 7 Protection
•ASM Layer 7 Security Checks
•Overview of Web Communication Elements
•Overview of the HTTP Request Structure
•Examining HTTP Responses
•How ASM Parses File Types, URLs, and Parameters
•Using the Fiddler HTTP Proxy
Module 4: Common Web Application Vulnerabilities
• What Elements of Application Delivery are targeted?
• Common Exploits Against Web Applications
Module 5: Security Policy Deployment
•Defining Learning
•Comparing Positive and Negative Security Models
•The Deployment Workflow
•Policy Type: How Will the Policy Be Applied
•Policy Template: Determines the Level of Protection
•Policy Templates: Automatic or Manual Policy Building
•Assigning Policy to Virtual Server
•Deployment Workflow: Using Advanced Settings
•Selecting the Enforcement Mode
•The Importance of Application Language
•Configure Server Technologies
•Verify Attack Signature Staging
•Viewing Requests
•Security Checks Offered by Rapid Deployment
•Defining Attack Signatures
•Using Data Guard to Check Responses
Module 6: Policy Tuning and Violations
•Post-Deployment Traffic Processing
•Defining Violations
•Defining False Positives
•How Violations are Categorized
•Violation Rating: A Threat Scale
•Defining Staging and Enforcement
•Defining Enforcement Mode
•Defining the Enforcement Readiness Period
•Reviewing the Definition of Learning
•Defining Learning Suggestions
•Choosing Automatic or Manual Learning
•Defining the Learn, Alarm and Block Settings
•Interpreting the Enforcement Readiness Summary
Module 7: Attack Signatures
•Defining Attack Signatures
•Attack Signature Basics
•Creating User-Defined Attack Signatures
•Defining Simple and Advanced Edit Modes
•Defining Attack Signature Sets
•Defining Attack Signature Pools
•Understanding Attack Signatures and Staging
•Updating Attack Signatures
Module 8: Positive Security Policy Building
•Defining and Learning Security Policy Components
•Choosing the Learning Scheme
•How to Learn: Never (Wildcard Only)
•How to Learn: Always
•How to Learn: Selective
•Reviewing the Enforcement Readiness Period: Entities
•Viewing Learning Suggestions and Staging Status
•Violations Without Learning Suggestions
•Defining the Learning Score
•Defining Trusted and Untrusted IP Addresses
•How to Learn: Compact
Module 9: Cookies and Other Headers
•ASM Cookies: What to Enforce
•Defining Allowed and Enforced Cookies
•Configuring Security Processing on HTTP headers
Module 10: Reporting and Logging
•Overview: Big Picture Data
•Reporting: Build Your Own View
•Reporting: Chart based on filters
•Brute Force and Web Scraping Statistics
•Viewing ASM Resource Reports
•PCI Compliance: PCI-DSS 3.0
•The Attack Expert System
•Viewing Traffic Learning Graphs
•Local Logging Facilities and Destinations
•How to Enable Local Logging of Security Events
•Viewing Logs in the Configuration Utility
•Logging Profiles: Build What You Need
•Configuring Response Logging
Module 11: Advanced Parameter Handling
•Defining Parameter Types
•Defining Static Parameters
•Defining Dynamic Parameters
•Defining Parameter Levels
Module 12: Policy Diff and Administration
•Comparing Security Policies with Policy Diff
•Merging Security Policies
•Editing and Exporting Security Policies
•Restoring with Policy History
•Examples of ASM Deployment Types
Module 13: Using Application-Ready Templates
•Application Templates: Pre-Configured Baseline Security
Module 14: Automatic Policy Building
•Overview of Automatic Policy Building
•Defining Templates Which Automate Learning
•Defining Policy Loosening
•Defining Policy Tightening
Module 15: Web Application Vulnerability Scanner Integration
•Integrating Scanner Output Into ASM
•Importing Vulnerabilities
•Resolving Vulnerabilities
Module 16: Layered Policies
•Defining a Parent Policy
•Defining Inheritance
•Parent Policy Deployment Use Cases
Module 17: Login Enforcement, Brute Force Mitigation, and Session Tracking
•Defining Login Pages
•Configuring Automatic Detection of Login Pages
•Defining Session Tracking
•What Are Brute Force Attacks
•Brute Force Protection Configuration
•Defining Source-Based Protection
•Source-Based Brute Force Mitigations
•Defining Session Tracking
Module 18: Web Scraping Mitigation and Geolocation Enforcement
•Defining Web Scraping
•Mitigating Web Scraping
•Defining Geolocation Enforcement
•Configuring IP Address Exceptions
Module 19: Layer 7 DoS Mitigation and Advanced Bot Protection
•Defining Denial of Service Attacks
•The General Flow of DoS Protection
•Defining the DoS Profile
•Create a DoS Logging Profile
•Defining DoS Profile General Settings
•Defining Bot Signatures
•Defining Proactive Bot Defense
