F5 Certified : Configure BIG-IP ASM | Application Security Manager

Module 6 : Policy Tuning and Violations

• Post-Deployment Traffic Processing
• Defining Violations
• Defining False Positives
• How Violations are Categorized
• Violation Rating: A Threat Scale
• Defining Staging and Enforcement
• Defining Enforcement Mode
• Defining the Enforcement Readiness Period
• Reviewing the Definition of Learning
• Defining Learning Suggestions
• Choosing Automatic or Manual Learning
• Defining the Learn, Alarm and Block Settings
• Interpreting the Enforcement Readiness Summary
• Configuring the Blocking Response Page

Module 7 : Attack Signatures

• Defining Attack Signatures
• Attack Signature Basics
• Creating User-Defined Attack Signatures
• Defining Simple and Advanced Edit Modes
• Defining Attack Signature Sets
• Defining Attack Signature Pools
• Understanding Attack Signatures and Staging
• Updating Attack Signatures

Module 8 : Positive Security Policy Building

• Defining and Learning Security Policy Components
• Defining the Wildcard
• Defining the Entity Lifecycle
• Choosing the Learning Scheme
• How to Learn: Never (Wildcard Only)
• How to Learn: Always
• How to Learn: Selective
• Reviewing the Enforcement Readiness Period: Entities
• Viewing Learning Suggestions and Staging Status
• Violations Without Learning Suggestions
• Defining the Learning Score
• Defining Trusted and Untrusted IP Addresses
• How to Learn: Compact

Module 9 : Cookies and Other Headers

• ASM Cookies: What to Enforce
• Defining Allowed and Enforced Cookies
• Configuring Security Processing on HTTP headers

Module 10 : Reporting and Logging

• Overview: Big Picture Data
• Reporting: Build Your Own View
• Reporting: Chart based on filters
• Brute Force and Web Scraping Statistics
• Viewing ASM Resource Reports
• PCI Compliance: PCI-DSS 3.0
• The Attack Expert System
• Viewing Traffic Learning Graphs
• Local Logging Facilities and Destinations
• How to Enable Local Logging of Security Events
• Viewing Logs in the Configuration Utility
• Exporting Requests
• Logging Profiles: Build What You Need
• Configuring Response Logging

Module 11 : Lab Project 1

• Lab Project

Module 12 : Advanced Parameter Handling

• Defining Parameter Types
• Defining Static Parameters
• Defining Dynamic Parameters
• Defining Dynamic Parameter Extraction Properties
• Defining Parameter Levels
• Other Parameter Considerations

Module 13 : Policy Diff and Administration

• Comparing Security Policies with Policy Diff
• Merging Security Policies
• Editing and Exporting Security Policies
• Restoring with Policy History
• Examples of ASM Deployment Types
• ConfigSync and ASM Security Data
• ASMQKVIEW: Provide to F5 Support for Troubleshooting

Module 14 : Using Application-Ready Templates

• Application Templates: Pre-Configured Baseline Security

Module 15 : Automatic Policy Building

• Overview of Automatic Policy Building
• Defining Templates Which Automate Learning
• Defining Policy Loosening
• Defining Policy Tightening
• Defining Learning Speed: Traffic Sampling
• Defining Track Site Changes

Module 16 : Web Application Vulnerability Scanner Integration

• Integrating Scanner Output Into ASM
• Will Scan be Used for a New or Existing Policy?
• Importing Vulnerabilities
• Resolving Vulnerabilities
• Using the Generic XML Scanner XSD file

Module 17 : Layered Policies

• Defining a Parent Policy
• Defining Inheritance
• Parent Policy Deployment Use Cases

Module 18 : Login Enforcement, Brute Force Mitigation, and Session Tracking

• Defining Login Pages
• Configuring Automatic Detection of Login Pages
• Defining Session Tracking
• What Are Brute Force Attacks?
• Brute Force Protection Configuration
• Defining Source-Based Protection
• Source-Based Brute Force Mitigations
• Defining Session Tracking
• Configuring Actions Upon Violation Detection
• Session Hijacking Mitigation Using Device ID

Module 19 : Web Scraping Mitigation and Geolocation Enforcement

• Defining Web Scraping
• Mitigating Web Scraping
• Defining Geolocation Enforcement
• Configuring IP Address Exceptions

Module 20 : Layer 7 DoS Mitigation and Advanced Bot Protection

• Defining Denial of Service Attacks
• The General Flow of DoS Protection
• Defining the DoS Profile
• Overview of TPS-based DoS Protection
• Applying TPS mitigations
• Create a DoS Logging Profile
• Defining DoS Profile General Settings
• Defining Bot Signatures
• Defining Proactive Bot Defense
• Defining Behavioral and Stress-Based Detection
• Defining Behavioral DoS Mitigation

Module 21 : ASM and iRules

• Common Uses for iRules
• Identifying iRule Components
• Triggering iRules with Events
• Defining ASM iRule Events
• Defining ASM iRule Commands
• Using ASM iRule Event Modes

Module 22 : Using Content Profiles

• Defining Asynchronous JavaScript and XML
• Defining JavaScript Object Notation (JSON)
• Defining Content Profiles
• The Order of Operations for URL Classification

Module 23 : Review and Final Labs

• Final Lab Project (Option 1) – Production Scenario
• Final Lab Project (Option 2) – JSON Parsing with the Default JSON Profile
• Final Lab Project (Option 3) – Managing Traffic with Layer 7 Local Traffic Policies