F5 303 Exam Preparation - F5 Big-Ip Asm Specialist

The only course that will help you achieve F5 Certified Technology Specialist, ASM! Based on v12.1

What you'll learn

F5 ASM

F5 Web Application Firewall

F5 BIG-IP Web Security Policies

Web Attack Protection

Lay 7 DoS Mitigation and Proection

Requirements

F5-CA

Web Vulnerabilities

Web Attacks

Description

Welcome to F5 303 Exam Preparation. Passing the Exam will achieve F5 Certified Technology Specialist, Application Security Manager (ASM)This course will help you pass F5 303 ASM Specialist Exam v12.1 (2022), this will also provides you a solid foundation in Web Application Firewall Technologies.F5 Certified Technology Specialist, ASM! Enables skills in Web Application Security and Web Application Firewall (WAF).This 12 hour course will help you understand the underlying technologies running in our Web Server Farms.This course is filled with Config Demonstration. This will help you understand the concepts and how to configure F5 ASM/WAFI am proud to be one of the few instructors in Udemy who records themselves during the course delivery. Whether I am presenting, whiteboarding or doing lab demonstration, you will always see me. I do this so that I will be more CONNECTED TO YOU.The course includes setting up F5 BIG-IP with ASM Lab. This will definitely helps you understand ASM and helps you prepare passing the exam.Target AudienceF5-CA and F5 303 or F5-CTS, ASM CandidateF5 ASM/Adv WAF SpecialistWeb Application Security SpecialistWeb App Penetration TestersExpectationsWill not cover basic HTTPWill not cover basic web vulnerabilitiesWill not cover basic web attacksAbove are covered in a separate course: Python Security – Web AttacksSoftware TechnologiesClient / Windows 10Web Applications – HackIT AuctionFiddler3CDaemonMozilla Firefox

Overview

Section 1: Introduction

Lecture 1 Course Introduction

Lecture 2 About the Course

Lecture 3 About the Instructor

Lecture 4 About the Exam

Lecture 5 Course Flow

Lecture 6 Others

Section 2: F5 ASM/WAF Lab

Lecture 7 F5 ASM/WAF Lab Overview

Lecture 8 Building F5 BIG-IP and ASM/WAF Lab

Lecture 9 F5 ASM/WAF Lab Toplogy

Lecture 10 F5 ASM/WAF Lab Resources

Lecture 11 Demo - Installing Fiddler and 3CDaemon

Section 3: Security Policy Deployment

Lecture 12 Security Policy Deployment Overview

Lecture 13 WAF Security Model

Lecture 14 Policy Templates

Lecture 15 Demo - Policy Templates

Lecture 16 Automatic Learning Mode

Lecture 17 Manual Learning Mode

Lecture 18 Policy Template Considerations

Lecture 19 Demo - Rapid Deployment

Lecture 20 Deployment Workflow

Lecture 21 Demo - Enforcement Mode and Server Technologies

Lecture 22 Logging Profiles

Lecture 23 Demo - Logging Profiles

Lecture 24 Rapid Deployment Security Checks

Lecture 25 Data Guard

Lecture 26 Demo - Data Guard Basics

Lecture 27 Demo - Data Guard Custom Pattern

Section 4: Policy Tuning and Violations

Lecture 28 Policy Tuning and Violations Overview

Lecture 29 WAF Violations

Lecture 30 Violation Categories

Lecture 31 Demo - Trigger and View a Violation

Lecture 32 Signature Staging

Lecture 33 Enforcement Mode

Lecture 34 Enforcement Readiness Period

Lecture 35 Learning Process

Lecture 36 Learning Suggestions

Lecture 37 Demo - Accepting Requests and Learning Suggestions

Lecture 38 Demo - Handling Learning Suggestions

Lecture 39 Blocking

Lecture 40 Demo - Policy Enforcement and Staging

Lecture 41 Demo - Block Request Page

Section 5: Attack Signatures

Lecture 42 Attack Signatures Overview

Lecture 43 Attack Signatures Basics

Lecture 44 Inspection Buffers and Keywords

Lecture 45 Attack Signature Structure

Lecture 46 User-defined Attack Signatures

Lecture 47 Signature Sets

Lecture 48 Demo - Signature Sets

Lecture 49 Demo - Create Attack Signature

Lecture 50 Signature Staging

Lecture 51 Demo - Signature Staging and Enforcement

Lecture 52 Updating Attack Signatures

Lecture 53 Demo - Updating Attack Signature

Section 6: Positive Security Policy Building

Lecture 54 Positive Security Policy Building Overview

Lecture 55 Positive Security Components

Lecture 56 Wildcard

Lecture 57 Never

Lecture 58 Demo - Never

Lecture 59 Always

Lecture 60 Demo - Always

Lecture 61 Selective

Lecture 62 Demo - Selective

Lecture 63 Learning and Enforcement

Lecture 64 Demo - Learning and Enforcement

Section 7: Cookies & Other Headers

Lecture 65 Cookies & Other Headers Overview

Lecture 66 ASM Cookies

Lecture 67 Cookie Processing

Lecture 68 Demo - Cookie Tampering

Lecture 69 HTTP Headers

Lecture 70 Demo - Header Tampering

Section 8: Reporting and Logging

Lecture 71 Reporting and Logging Overview

Lecture 72 Reporting

Lecture 73 Demo - Reporting

Lecture 74 ASM Resource Reports

Lecture 75 Demo - ASM Resource Reporting

Lecture 76 PCI Compliance Reporting

Lecture 77 Demo - PCI Compliance Reporting

Lecture 78 Traffic Learning Graphs

Lecture 79 Demo - Traffic Learning Graphs

Lecture 80 Local Logging Facilities

Lecture 81 Logging Profile

Lecture 82 Demo - Local and Remote Logging

Lecture 83 Demo - Response Logging

Section 9: Policy Diff and Administration

Lecture 84 Policy Diff and Administration Overview

Lecture 85 User Roles and Partitions

Lecture 86 Demo - User Roles and Partitions

Lecture 87 Policy Diff

Lecture 88 Demo - Policy Diff

Lecture 89 Security Policy Editing

Lecture 90 Demo - Security Policy Editing

Lecture 91 ASM Deployments

Section 10: Advanced Parameter Handling

Lecture 92 Advanced Parameter Handling Overview

Lecture 93 Parameters

Lecture 94 Demo - Parameters

Lecture 95 Parameter Attributes and Security

Lecture 96 Demo - Protecting Static Parameters

Lecture 97 Dynamic Parameters

Lecture 98 ASM Cookie: Parameter Extractions

Lecture 99 Demo - Protecting Dynamic Parameters

Section 11: Application Ready Templates

Lecture 100 Application Ready Templates Overview

Lecture 101 Pre-Configured Baseline Security

Lecture 102 Demo-Application Ready Templates

Section 12: Automatic Policy Building

Lecture 103 Automatic Policy Building Overview

Lecture 104 Automated Learning

Lecture 105 Loosening vs Tightening

Lecture 106 Demo - Automatic Policy Building

Section 13: Vulnerability Scanner Integration

Lecture 107 Vulnerability Scanner Integration Overview

Lecture 108 Integrating Scanner Output with ASM

Lecture 109 Resolving Vulnerabilities using Scanners

Lecture 110 Demo - Whitehat

Lecture 111 Demo - Qualys

Lecture 112 Demo - AppScan

Lecture 113 Demo - HP WebInspect

Lecture 114 Demo - Trustwave

Section 14: Login Enforcement and Session Tracking

Lecture 115 Login Enforcement and Session Tracking Overview

Lecture 116 Login pages and URL enforcement

Lecture 117 Demo - Login Enforcement

Lecture 118 Session Awareness and tracking

Lecture 119 Demo - Session Tracking

Section 15: Completion

Lecture 120 Wrap Up

Lecture 121 Moving On

Lecture 122 Message from the Instructor

Lecture 123 Course Completion

F5 ASM/WAF Specialist,WAF Specialist,F5 Engineers,F5 Certified BIG-IP Administrator (F5-CA)