Loading Course Schedule...
PT20233
Training Summary
The BIG-IP Application Security Manager course gives participants a functional understanding of how to deploy, tune, and operate BIG-IP Application Security Manager (ASM) to protect their web applications from HTTP-based attacks. The course includes lecture, hands-on labs, and discussion about different ASM components for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day exploits.
Prerequisites
Administering BIG-IP; basic familiarity with HTTP, HTML and XML; basic web application and security concepts.
Duration
4 Days/Lecture & Lab
Audience
This course is intended for security and network administrators who will be responsible for the installation, deployment, tuning, and day-to-day maintenance of the Application Security Manager.
Course Topics
- Setting Up the BIG-IP System
- Traffic Processing with BIG-IP
- Web Application Concepts
- Common Web Application Vulnerabilities
- Security Policy Deployment
- Policy Tuning and Violations
- Attack Signatures
- Positive Security Policy Building
- Cookies and Other Headers
- Reporting and Logging
- User Roles and Policy Modification
- Advanced Parameter Handling
- Application-Ready Templates
- Web Application Vulnerability Scanners
- Login Enforcement & Session Tracking
- Brute Force and Web Scraping Mitigation
- Layered Policies
- Layer 7 DoS mitigation
- ASM and iRules
- Content Profiles
- Review and Final Labs
- Additional Training and Certification