fbpx

303: BIG-IP ASM Specialist Course

303: BIG-IP ASM Specialist Training

The 303–BIG-IP ASM Specialist certification training course covers the configuration, implementation and maintainenace of ASM, including advanced features.

During the certification training course, participants will learn security policies, effects of common attacks, automatic policy builder lifecycle, ASM policy management and policy performance issues. By doing this course people will gain knowledge about the appropriate methods for determining the success of attack mitigation, management of the attack signature lifecycle and select the appropriate attack signatures or signature sets.

Valid F5-CA, BIG-IP Certification

Candidates can achieve this certification by passing the following exam.

  • 303–BIG-IP ASM Specialist

Logitrain F5 303–BIG-IP ASM Specialist course material

  • Explain the potential effects of common attacks on web applications
  • Explain how specific security policies mitigate various web application attacks
  • Determine the appropriate policy features and granularity for a given set of requirements
  • Determine which deployment method is most appropriate for a given set of requirements
  • Explain the automatic policy builder lifecycle
  • Review and evaluate policy settings based on information gathered from ASM (attack signatures, DataGuard, entities)
  • Define appropriate policy structure for policy elements
  • Explain options and potential results within the deployment wizard
  • Explain available logging options
  • Describe the management of the attack signature lifecycle and select the appropriate attack signatures or signature sets
  • Evaluate the implications of changes in the policy to the security and functionality of the application
  • Explain the process to integrate natively supported third party vulnerability scan output and generic formats with ASM
  • Evaluate whether rules are being implemented effectively and appropriately to mitigate violations
  • Determine how a policy should be adjusted based upon available data
  • Define the ASM policy management functions
  • Interpret log entries and identify opportunities to refine the policy
  • Given an ASM report, identify trends in support of security objectives
  • Determine the appropriate mitigation for a given attack or vulnerability
  • Decide the appropriate method for determining the success of attack mitigation
  • Evaluate ASM policy performance issues and determine appropriate mitigation strategies
  • Understand the impact of learning, alarm, and blocking settings on traffic enforcement
  • Examine policy objects to determine why traffic is or is not generating violations
  • Identify and interpret ASM performance metrics
  • Evaluate ASM system performance issues and determine appropriate mitigation strategies
  • Recognize ASM specific user roles and their permissions

 

This course is likely to add to the employment-related skills of the participants. The skills developed are likely to be used in the course of being an employee or working in a business.

  • Network Engineers
  • Cybersecurity Engineers
  • Sales Engineers
  • Network Administrators
  • IT professionals interested in F5 certifications
  • Understand and describe how the ASM can affect clients and applications directly while in either transparent or blocking mode
  • Summarize the OWASP Top Ten
  • Understand/interpret an iRule or LTM policy to map application traffic to an ASM policy
  • Explain the trade-offs between security, manageability, false positives, and performance
  • Understand application (security) requirements and convert requirements to technical tasks
  • Determine which deployment method is most appropriate given the circumstances
  • Create any profiles required to support the policy deployment (xml, JSON, logging profiles)
  • Implement anomaly detection appropriate to the web app (D/DoS protection, brute force attack, web scraping, proactive bot defense)
  • Configure initial policy building settings (automatic policy builder settings)
  • Define appropriate policy structure for policy elements (URLs, parameters, file types, headers, sessions & logins, content profiles, CSRF protection, anomaly detection, DataGuard, proactive bot defense)
  • Describe options within the deployment wizard (deployment method, attack signatures, virtual server, learning method
  • Select the appropriate ASM deployment model given the business requirements
  • Explain the specifications of the remote logger (ports, types of logs, formats, address)
  • Understand management of attack signature lifecycle (staging, enforcement readiness period) and select appropriate attack signatures
  • Evaluate whether the rules are being implemented effectively and appropriately to meet security and/or compliance requirements
  • Refine appropriate policy structure for policy elements
  • Explain how to manage policies using import, export, merge, and revert
  • Evaluate the implications of changes in the policy to the security and vulnerabilities of the application
  • Tune an ASM policy for better performance, including use of wildcards to improve efficiency
  • Identify the status of the policy
  • Define the violation types that exist in ASM
  • Describe how to merge and differentiate between policies
  • Examine traffic violations, determine if any attack traffic was permitted through the ASM and modify the policy to remove false positives
  • Locate and interpret reported security violations by end users and application developers
  • Understand and describe each major violation category and how ASM detects common exploits
  • Generate reporting for the ASM system and review the contents of the reports (anomaly statistics, charts, requests, PCI compliance status)
  • Take appropriate action on reported security violations by end users and application developers
  • Modify ASM policy to adapt to attacks
  • Choose an appropriate user defined attack signature to respond to traffic
  • Analyze performance graphs and statistics along with ASM configurations to determine the root cause of performance issues and appropriate remediation to the configuration based on Guaranteed Logging
  • Ensure that the security policy is inspecting web application traffic (application is functional and the policies are parsing the traffic)
  • Examine Security Event Logs and ASM configurations to determine expected violations based on the logging profile assigned to the virtual server
  • Understand the impact of ASM iRules on performance.
  • Understand the impact of traffic spikes on ASM performance and available mitigation strategies
  • Correlate performance issues with ASM policy changes based on security policy history information and system performance graphs
  • Recognize differences between user roles/permissions
  • Recognize ASM specific user roles
Get our expert trainers at your premises. Logitrain Customised Team can tailor the course to meet your organisation's specific learning and development needs and business goals.
  • Date Format: DD dash MM dash YYYY
  • This field is for validation purposes and should be left unchanged.
Request Information
  • five star ratings
    High-quality, cost-effective training since 2004
  • This field is for validation purposes and should be left unchanged.
What is included with the 303: BIG-IP ASM Specialist Course?
Logitrain course includes official certification exam fee.
Certificate of Attendance

Get a Certificate of Attendance to prove your commitment to learning

Our class size is small for personalised learning experience
Small Class Size

We provide personalised learning experience for every student

Logitrain courses, programs and packages includes course material.
Includes Course Material

Course material in digital format is included for flexibility and ease of use

Logitrain courses, packages and programs includes sample practise questions.
Includes Mock & Test Questions

Mock test is included in the full-time courses to assist with your preparation

Skilled Trainers
Highly Skilled Trainers

Our trainers are highly skilled with expertise and extensive hands-on experience

Logitrain courses include price beat guarantee.
Our Price Beat Guarantee

Relax, we will beat competitor’s advertised price. Our course has no extra costs

Proposed Dates, Locations & Prices
Logitrain Live Online Training Banner

Location Type Duration Price Dates
Location Type Duration Price Dates

The supply of this course/package/program is governed by our terms and conditions. Please read them carefully before enrolling, as enrolment is conditional on acceptance of these terms and conditions. Proposed course dates are given, course runs subject to availability and minimum registrations.

OUR ACCREDITATIONS

Find out why we are the leading choice to help boost your career in Australia

medal first placePrepare to get IT job ready in 8 weeks

Classroom trainingsTrained 15,000+ professionals and counting

training accessibilityExperienced Provider: Operating Since 2004

TeamworkTrained staff from 1200+ Australian Businesses

We Have Placed Candidates In
SATISFIED CUSTOMERS

“The trainer explained everything very well. Logitrain was very helpful for me in getting a better overall understanding of CCNA. I previously had studied it 2 years earlier but required revision.”
– Felice Amenta, Senior Service Management Officer at Optus, Rating: 4.8/5

“I recently followed the ITIL Foundation course at Logitrain. The training, materials and facilities were excellent and I would not hesitate to train with Logitrain again.”
– Rob Stockey, Senior Engineer at APAC, Rating: 4.8/5

“Had a blast! Great course, will be back soon to do another.”
– Justin Blackford, Systems Administrator at Gloria Jean’s Coffee, Rating: 4.8/5

“The trainer was very patient and gave everybody the opportunity to participate.”
– Tim Symonds, Solutions Architect at MSC Mobility Solutions, Rating: 4.8/5

Attend live virtual training program
SOME OF OUR CLIENTS

Over 1000 organisations have relied on Logitrain to be their trusted training partner.

five star ratings
High-quality, cost-effective training since 2004
Learn More
  • This field is for validation purposes and should be left unchanged.
create

Don’t Wait. Please fill the form now.