F5 BIG-IP Application Security Manager (ASM) v11x

COURSE OUTLINE:

Description

In this course, you will learn how to manage web-based and XML application attacks and how to use Application Security Manager to defend against these attacks.

You will cover installation, configuration, management, security policy building, traffic learning, and implementation of Application Security Manager in both stand-alone and modular configurations.

Audience

Those who need to learn to use Application Security Manager to defend against attacks.

Prerequisites

Understanding of:

Basic HTTP and HTML concepts
Basic security concepts
Common network terminology
Web application terminology

Proficiency in:

Basic PC operation and application skills, including operating a CD drive, keyboard, mouse, and Windows OS
Basic web browser operation (Internet Explorer)

Learning Objectives

HTTP and HTML concepts
Common HTTP vulnerabilities
HTTP classes
Security policy building
Wildcard entities
Traffic learning
Parameter configuration and protection
Security policy templates
Web services protection
Protocol Security Manager configuration
Logging profiles
Install and understand web application configuration
Configure a security policy based on live traffic
Rapid deployment techniques
Monitor and administer Application Security Manager

1. Installation and Initial Access

BIG-IP
Licensing and the Setup Utility
Provisioning

2. Web Application Concepts

Web Application Basics
Web Page Components
HTTP Concepts
HTTP Request Components
HTTP Headers

3. Web Application Vulnerabilities

Risk Mitigation and ASM

4. ASM Application Configuration

Configuration Components
HTTP Class
Virtual Servers
SSL Termination/Initiation
HTTP Request Flow

5. Security Policy

Security Policy Properties
Policy Enforcer
Security Policy Configuration
Security Policy Components

6. Security Policy Building Tool

Deployment Wizard
Rapid Deployment Concepts

7. Application-Ready Security Policy

8. Reporting

9. Administering ASM

User Management
Human Readable Policy
Synching Configurations
ASM qkview
Upgrading to v10

10. Configuration Lab Project 1

11. Traffic Learning

Learning Concepts
Violations

12. Parameters

Parameter Types
Parameter Levels

13. Security Policy Builder

14. Advanced Topics

ASM iRules
Flow Login Pages
Anomaly Detections

15. XML and Web Services

XML Concepts
Web Services Protection

16. Protocol Security Manager

FTP Protection
SMTP Protection
HTTP Protection
Protocol Security Manager Statistics
Configuring Protocol Security Manager

17. Configuration Lab Project 2

Review Questions

RELATED COURSES

Courses
Cyber Security

Palo Alto Networks: Panorama Essentials

In this course, you will learn how to configure and manage the Palo Alto Networks Panorama Management Server. You will learn about Panorama’s aggregated reporting, which will provide you with a holistic view of a network of Palo Alto Networks next-generation firewalls. Upon completion of this course, you will understand the Panorama server’s role in managing and securing your overall network.

Courses
Cyber Security

IBM Security QRadar SIEM Foundations

QRadar SIEM provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, assets, and vulnerabilities. Suspected attacks and policy breaches are highlighted as offenses. In this course, you learn to navigate the user interface and how to investigate offenses. You search and analyze the information from which QRadar SIEM concluded a suspicious activity. Hands-on exercises reinforce the skills learned.

Courses
Cyber Security

CompTIA – Security+

CompTIA® Security+® (Exam SY0-401) is the primary course you will need to take if your job responsibilities include securing network services, devices, and traffic in your organization. You can also take this course to prepare for the CompTIA Security+ certification examination. In this course, you will build on your knowledge of and professional experience with security fundamentals, networks, and organizational security as you acquire the specific skills required to implement basic security services on any type of computer network.

This course can benefit you in two ways. If you intend to pass the CompTIA Security+ (Exam SY0-401) certification examination, this course can be a significant part of your preparation. But certification is not the only key to professional success in the field of computer security. Today’s job market demands individuals with demonstrable skills, and the information and activities in this course can help you build your computer security skill set so that you can confidently perform your duties in any security-related role.

Courses
Cyber Security

Security+ Prep Course

CompTIA’s Security+ is the premier vendor-neutral security certification and demonstrates your knowledge of security concepts, tools, and procedures. It confirms your ability to react to security incidents, and it validates your skill in anticipating security risks and guarding against them.

In our Security+ Prep Course, you will learn to:

Proactively implement sound security protocols to mitigate security risks
Quickly respond to security issues
Retroactively identify where security breaches may have occurred
Design a network, on-site or in the cloud, with security in mind

Our Security+ Prep Course prepares you for the Security+ certification exam based on the 2014 objectives (Exam SY0-401, which is included in the approved list of certifications to meet DoD Directive 8570.1 requirements). Our Security+ courseware has received the CompTIA Approved Quality Content (CAQC) symbol assuring you that all test objectives are covered in the training material.

This course is your one source for exam preparation and includes pre-class online access to:

Security+ reading plan
Security+ review guide
Security+ certification practice exams

During class, you’ll have access to:

Security+ student manual
Additional Security+ practice exam questions
Comprehension exercises, study digest, and quick reference card

An exam voucher is offered at the end of class so that you can take the exam at a later date.