F5 ASM Test Prep

F5 ASM Test Prep

by Michael McNeil
Season 1
1.01 Explain the potential effects of common attacks on web applications • Understand and describe how the ASM can affect clients and applications directly while in either transparent or blocking mode • Summarize the OWASP Top Ten
1.01 Explain the potential effects of common attacks on web applications • Understand and describe how the ASM can affect clients and applications directly while in either transparent or blocking mode • Summarize the OWASP Top Ten
1.02 Explain how specific security policies mitigate various web application attacks • Understand/interpret an iRule or LTM policy to map application traffic to an ASM policy • Explain the trade-offs between security, manageability, false positives,
1.02 Explain how specific security policies mitigate various web application attacks • Understand/interpret an iRule or LTM policy to map application traffic to an ASM policy • Explain the trade-offs between security, manageability, false positives, and performance
1.03 Determine the appropriate policy features and granularity for a given set of requirements
1.03 Determine the appropriate policy features and granularity for a given set of requirements • Understand application (security) requirements and convert requirements to technical tasks
1.04 Determine which deployment method is most appropriate for a given set of requirements
1.04 Determine which deployment method is most appropriate for a given set of requirements • Determine which deployment method is most appropriate given the circumstances (web services, vulnerability scanner, templates, rapid deployment model)
1.05 Explain the automatic policy builder lifecycle
1.05 Explain the automatic policy builder lifecycle • Create any profiles required to support the policy deployment (xml, JSON, logging profiles) • Implement anomaly detection appropriate to the web app (D/DoS protection, brute force attack, web scraping, proactive bot defense)
1.06 Review and evaluate policy settings based on information gathered from ASM (attack signatures, DataGuard, entities)
1.06 Review and evaluate policy settings based on information gathered from ASM (attack signatures, DataGuard, entities) • Configure initial policy building settings (automatic policy builder settings)
1.07 Define appropriate policy structure for policy elements
1.07 Define appropriate policy structure for policy elements • Define appropriate policy structure for policy elements (URLs, parameters, file types, headers, sessions and
1.08 Explain options and potential results within the deployment wizard
1.08 Explain options and potential results within the deployment wizard • Describe options within the deployment wizard (deployment method, attack signatures, virtual server, learning method • Select the appropriate ASM deployment model given the business requirements
1.09 Explain available logging options
1.09 Explain available logging options • Explain the specifications of the remote logger (ports, types of logs, formats, address)
1.10 Describe the management of the attack signature lifecycle and select the appropriate attack signatures or signature sets
1.10 Describe the management of the attack signature lifecycle and select the appropriate attack signatures or signature sets • Understand management of attack signature lifecycle (staging, enforcement readiness period) and select appropriate attack signatures or signature sets.
1 of 3