F5 Web Application Firewall (Formerly Asm) Exam 303

F5 Application Security Manager

What you'll learn

Identifies individuals who are qualified to design, implement, and maintain ASM, including advanced features

Protect the organization and its reputation by maintaining the confidentiality, availability, and performance of the applications

Deploy flexibly for virtualized and private cloud environments

Get out-of-the-box application security policies with minimal configuration

Requirements

Networking and Firewall Knowledge with F5 Certified BIG-IP Administrator (F5-CA) Certification

Description

F5 BIG-IP® Application Security Manager™ (ASM) is a flexible web application firewall that secures web applications in traditional, virtual, and private cloud environments. BIG-IP ASM helps secure applications against unknown vulnerabilities, and enables compliance for key regulatory mandates. BIG-IP ASM is a key part of the F5 application delivery firewall solution, which consolidates traffic management, network firewall, application access, DDoS protection, SSL inspection, and DNS security.BIG-IP ASM blocks web application attacks to help protect against a broad spectrum of threats, including the most sophisticated application-level DDoS and SQL injection attacks. It also helps secure interactive web apps that use the latest development methodologies, such as AJAX widgets, JSON payloads, and the Google Web Toolkit. Advanced DAST integrations can scan web apps and coordinate with BIG-IP ASM to patch vulnerabilities in minutes. By integrating contextual information about incoming IP addresses and IP Intelligence service databases, BIG-IP ASM secures applications against constantly changing threats.BIG-IP ASM is available across the entire family of F5 platforms, from the virtual editions (VE), which protect virtual private cloud applications, to BIG-IP appliances and VIPRION multi-line-card chassis.F5 Certification exams are designed to test the knowledge, skills, and abilities of the candidate. These exams are not designed to test version-specific TMOS features, but rather assess knowledge and understanding of F5 technology solutions for which the exam is developed. Refer to individual exam blueprints for exam publication date.

Overview

Section 1: Introduction

Lecture 1 Introduction

Section 2: Introduction to F5 ASM Exam 303

Lecture 2 Exam Info

Section 3: F5 WAF-ASM and App Servers Hardware and Software Setup

Lecture 3 F5 ASM and App Servers Hardware and Software Setup

Section 4: Types Of Web App Attacks

Lecture 4 Web App Attacks

Section 5: Introduction to Application Security Policies

Lecture 5 Web Application Polices

Section 6: PHP Auction Site Protection

Lecture 6 PHP Auction Site Security Policy

Lecture 7 PHP Auction SIte Attack Signature Policy

Lecture 8 F5-ASM with PHPAuction for Forceful Browsing and Illegal File Types

Section 7: SQL Injection Attack and Mitigation

Lecture 9 F5-ASM SQL Injection-XSS and Setting up DVWA App- Theory

Lecture 10 F5-ASM SQL Injection with DVWA App - Lab

Section 8: Cross Site Scripting XSS Attack Stored and Reflected

Lecture 11 F5-ASM XSS Stored and Reflected with DVWA App - Lab

Section 9: Login Page Enforcement

Lecture 12 F5-ASM Login Page Enforcement with DVWA App - Lab

Section 10: Data Guard Protection

Lecture 13 F5-ASM Custom Data Guard Protection with Security Policy

Section 11: Fake Browser Attacks and Mitigation

Lecture 14 F5-ASM Fake Browser Attack Mitigation

Section 12: DDoS Attack and Prevention

Lecture 15 F5-ASM Low Orbit Cannon Attack - ClientSIde Integrity Defense

Section 13: Enforce Global Settings for FIle Types

Lecture 16 F5-ASM Enforce Global Settings for FileTypes

Section 14: Use and Enforce Attack Signatures

Lecture 17 F5-ASM Use and Enforce Attack Signatures

Section 15: Creating GeoLocation Policy

Lecture 18 F5-ASM GeoLocation Policy

Section 16: Block WebScraping Attack (Machine Learning)

Lecture 19 F5-ASM Block WebScraping Attack (Machine Learning)

Section 17: User Session Tracking and Violation Mitigation

Lecture 20 F5-ASM User Session Tracking and Violation Mitigation

Section 18: Handling Parameters

Lecture 21 F5-ASM Enforce Global Settings for Parameters

Lecture 22 F5-ASM Using Different Parameter Types Attack

Section 19: BruteForce Attack with BurpSuite

Lecture 23 F5-ASM BruteForce Attack with BurpSuite

Lecture 24 F5-ASM Mitigating Brute Force Attack

Section 20: Cross Site Request Forgery (CSRF) Attack and Protection

Lecture 25 F5-ASM Cross Site Request Forgery (CSRF) Attack and Protection

Section 21: DDoS Attack and Prevention With LOIC

Lecture 26 F5-ASM DDoS Attack and Prevention

Section 22: AntiVirus Protection with C-ICAP Server

Lecture 27 F5-ASM AntiVirus Protection with C-ICAP Server

Section 23: Creating Security Policy for Trusted and Untrusted Requests

Lecture 28 F5-ASM Creating Security Policy for Trusted and Untrusted Requests

Section 24: Parent and Child Policy Creations

Lecture 29 F5-ASM Parent and Child Policy Creations

Section 25: Comprehensive Policy Creation

Lecture 30 F5-ASM Comprehensive Policy Creation

Section 26: Create Partitions and Users

Lecture 31 F5-ASM Create Partitions and User Creation

Section 27: Thanks..!

Lecture 32 Thanks..!!

Network,Firewall,CyberSecurity Experts