304: BIG-IP APM Specialist Course

304: BIG-IP APM Specialist Training

The 304–BIG-IP APM Specialist certification training course recognises candidates who can configure, implement and maintain APM, including advanced features.

During the 304–BIG-IP APM Specialist certification training course participants will learn different types of AAA methods, authentication service types. By doing this course candidates will gain knowledge about Web Access Management (LTM-APM Mode), configure VPE flow with multiple branches and objects, enabling/disabling strict updates.

By passing the Exam 304, candidates receive the F5 Certified! Technology Specialist, Access Policy.

Valid F5-CA, BIG-IP Certification

Candidates can achieve this certification by passing the following exam.

  • 304–BIG-IP APM Specialist

Logitrain F5 304–BIG-IP APM Specialist course material

  • Explain how to configure different types of AAA methods
  • Demonstrate knowledge of the network requirements for each authentication service type
  • Explain how to configure SSO objects
  • Explain how to configure SAML as an SP and/or IdP
  • Explain how to configure SSL VPN manually or using a wizard
  • Explain how to configure Network Access Profiles
  • Explain how to configure portal access
  • Explain how to configure application access
  • Explain how to configure Web Access Management (LTM-APM Mode)
  • Explain how to configure authentication and logon objects in VPE
  • Explain how to configure resource/custom variables
  • Explain how to configure VPE flow with multiple branches and objects
  • Explain how to configure and apply macros
  • Determine when to use an iApp
  • Apply procedural concepts to maintain iApps
  • Determine appropriate applications for enabling/disabling strict updates
  • Apply procedural concepts to manage and maintain access profiles
  • Perform basic customizations of the U/I
  • Demonstrate an understanding of how High Availability applies to BIG-IP APM (with respect to end users, policy sync, device fail-over)
  • Explain provisioning/licensing for BIG-IP APM
  • Apply procedural concepts to gather relevant data
  • Determine root cause
  • Explain how BIG-IP APM mitigates common attack vectors and methodologies
  • Determine which BIG-IP APM features should be used to mitigate a specific authentication attack
  • Apply procedural concepts to manage user sessions
  • Identify use cases of Secure Web Gateway (SWG)
  • Describe access policy timeouts as related to security
  • Explain how to configure and manage ACLs
  • Demonstrate an understanding of network security requirements for application access
  • Apply procedural concepts to implement EPSEC


This course is likely to add to the employment-related skills of the participants. The skills developed are likely to be used in the course of being an employee or working in a business.

  • Network Engineers
  • Cybersecurity Engineers
  • Sales Engineers
  • Network Administrators
  • IT professionals interested in F5 certifications
  • Configure AAA objects
  • Microsoft Active Directory, LDAP, Radius, RSA SecurID, TACACS, (Kerberos/NTLM), Client Cert auth), end-point management system profile
  • Demonstrate ability to test and validate connectivity to each authentication service (adtest output, ldapsearch output)
  • Determine specific SSO object requirements (e.g., Kerberos SPN requirements)
  • Determine when to choose one type of SSO over another
  • Integrate BIG-IP APM Service Provider (SP) with external vendor IdP (e.g., PING, Okta, SaaS, etc) Configure Single Logout (SLO)
  • Determine which option is appropriate to use: Network access, Portal access, Web Application access (APM/LTM Mode)
  • Choose appropriate Webtop type: Full, Network Access, Portal Access
  • Configure profile settings (e.g., Connectivity profile options, Edge Client Options, and updates, SNAT)
  • Configure App Optimization
  • Determine the appropriate level of patching
  • Evaluate global ACL order
  • Configure Resource Items
  • Configure Remote Desktop access (e.g., Launching applications, Custom Parameters)
  • Deploy Citrix Bundle
  • Configure App Tunnels
  • Configure pool and virtual server
  • Determine when to use Web Access Management
  • Configure an auth and/or query object (e.g., Determine group membership, Configure required attributes)
  • Add appropriate logon page type
  • Set up SSO credential mapping
  • Assign Webtops dynamically
  • Configure variable assignment
  • Determine policy ending types (allow, deny, redirect)
  • Use a message box to display a variable in a VPE
  • Assign custom session variables
  • Use a macro to combine multiple VPE objects
  • Demonstrate an understanding of differences in creating a macro versus an access policy
  • Import and deploy supported iApp templates
  • Determine the min/max BIG-IP module versions supported by a specific iApp template
  • Determine which BIG-IP modules are required to deploy a specific iApp template
  • Reconfigure a deployed iApp to update objects
  • Identify iApp used to deploy an object
  • Make manual changes to a deployed application service
  • Demonstrate an understanding of the impact of disabling strict updates
  • Determine proper use of profile scope (e.g., profile, virtual server, global)
  • Tune policy settings (e.g., multiple concurrent users, limit active sessions per IP address)
  • Apply corporate branding (i.e., adding a logo, footer, logon form)
  • Add additional languages for browser localization
  • Demonstrate an understanding of the limitation of two units per HA pair and traffic group
  • Configure Access Policy Sync (e.g., Configuring local objects vs global, validate access policy sync)
  • Update an existing license for BIG-IP APM
  • Consider CCU utilization for different types of access policy deployments
  • Gather data from relevant BIG-IP tools (e.g., session reports, session variables, tcpdump, ssldump, sessiondump, APM log)
  • Add debug logic to APM iRules
  • Configure Debug logging
  • Compare expected vs actual behaviours based on problem description
  • Analyse and correlate all collected data (client/BIG-IP/server side) to understand where a failure occurred
  • Determine cause of EPSEC failures
  • Demonstrate an understanding of how the BIG-IP solution mitigates common security risks (e.g., cookie hijacking, DoS attacks)
  • Determine which features of the BIG-IP device mitigate common DoS attacks
  • Deploy GeoIP and IP intelligence in the VPE to protect resources
  • Configure logging
  • Configure objects needed to deploy MFA
  • Configure SNMP traps
  • Identify user session details
  • Demonstrate an understanding of BIG-IP APM session cookies
  • Compare transparent vs explicit proxy deployments
  • Determine the purpose of SWG
  • Describe the differences between inactivity timeout, access policy timeout, and maximum session timeout
  • Explain how ACLs are deployed by default when creating a policy
  • Explain when a layer 4 or layer 7 ACL would be needed
  • Demonstrate an understanding of TCP/UDP ports required for application services
  • Configure client-side checks (e.g., anti-virus, firewall, registry)
  • Update and install EPSEC software
Get our expert trainers at your premises. Logitrain Customised Team can tailor the course to meet your organisation's specific learning and development needs and business goals.
  • Date Format: DD dash MM dash YYYY
  • This field is for validation purposes and should be left unchanged.
Request Information
  • five star ratings
    High-quality, cost-effective training since 2004
  • This field is for validation purposes and should be left unchanged.
What is included with the 304: BIG-IP APM Specialist Course?
Logitrain course includes official certification exam fee.
Certificate of Attendance

Get a Certificate of Attendance to prove your commitment to learning

Our class size is small for personalised learning experience
Small Class Size

We provide personalised learning experience for every student

Logitrain courses, programs and packages includes course material.
Includes Course Material

Course material in digital format is included for flexibility and ease of use

Logitrain courses, packages and programs includes sample practise questions.
Includes Mock & Test Questions

Mock test is included in the full-time courses to assist with your preparation

Skilled Trainers
Highly Skilled Trainers

Our trainers are highly skilled with expertise and extensive hands-on experience

Logitrain courses include price beat guarantee.
Our Price Beat Guarantee

Relax, we will beat competitor’s advertised price in Australia. Our course has no extra costs

Dates, Locations & Prices
Logitrain Live Online Training Banner

Location Type Duration Price Dates
Location Type Duration Price Dates

The supply of this course/package/program is governed by our terms and conditions. Please read them carefully before enrolling, as enrolment is conditional on acceptance of these terms and conditions. Proposed dates are given, courses run subject to availability and minimum registrations.


Find out why we are the leading choice to help boost your career in Australia

medal first placePrepare to get IT job ready in 8 weeks

Classroom trainingsTrained 15,000+ professionals and counting

training accessibilityExperienced Provider: Operating Since 2004

TeamworkTrained staff from 1200+ Australian Businesses

We Have Placed Candidates In
Attend live virtual training program

Over 1000 organisations have relied on Logitrain to be their trusted training partner.

five star ratings
High-quality, cost-effective training since 2004
Learn More
  • This field is for validation purposes and should be left unchanged.

Don’t Wait. Please fill the form now.