304 - APM TECHNOLOGY SPECIALIST



Similar documents
201 - TMOS ADMINISTRATION EXAM BLUEPRINT

F5 BIG-IP: Configuring v11 Access Policy Manager APM

DEPLOYMENT GUIDE Version 1.0. Deploying the BIG-IP Edge Gateway for Layered Security and Acceleration Services

MANAGE SECURE ACCESS TO APPLICATIONS BASED ON USER IDENTITY. EMEA Webinar July 2013

Deploying F5 with IBM Tivoli Maximo Asset Management

Tenrox. Single Sign-On (SSO) Setup Guide. January, Tenrox. All rights reserved.

Deploying F5 to Replace Microsoft TMG or ISA Server

DEPLOYMENT GUIDE Version 2.1. Deploying F5 with Microsoft SharePoint 2010

How To Integrate An Ipm With Airwatch With Big Ip On A Server With A Network (F5) On A Network With A Pb (Fiv) On An Ip Server On A Cloud (Fv) On Your Computer Or Ip

Deploying the BIG-IP System v11 with Microsoft SharePoint 2010 and 2013

Agenda. How to configure

HOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services

Deploying F5 with Microsoft Active Directory Federation Services

Deploying the BIG-IP LTM and APM with Citrix XenApp or XenDesktop

Implementing PCoIP Proxy as a Security Server/Access Point Alternative

The SSL device also supports the 64-bit Internet Explorer with new ActiveX loaders for Assessment, Abolishment, and the Access Client.

Achieve Unified Access Control and Scale Cost-Effectively

Basic & Advanced Administration for Citrix NetScaler 9.2

Deliver Secure and Accelerated Remote Access to Applications

SAML 2.0 SSO Deployment with Okta

Deploying F5 with Microsoft Forefront Threat Management Gateway 2010

Deliver Secure and Fast Remote Access to Anyone from Any Device

WatchGuard SSL v3.2 Update 1 Release Notes. Introduction. Windows 8 and 64-bit Internet Explorer Support. Supported Devices SSL 100 and 560

DEPLOYMENT GUIDE Version 1.1. Deploying the BIG-IP LTM v10 with Citrix Presentation Server 4.5

SA Citrix Virtual Desktop Infrastructure (VDI) Configuration Guide

Deploying F5 with Microsoft Remote Desktop Services

DEPLOYMENT GUIDE Version 1.2. Deploying the BIG-IP APM v with Citrix XenApp or XenDesktop

Deploying the BIG-IP System v11 with Microsoft Exchange 2010 and 2013 Client Access Servers

1Y0-250 Implementing Citrix NetScaler 10 for App and Desktop Solutions Practice Exam

BIG-IP Access Policy Manager : Authentication and Single Sign-On. Version 12.0

Load Balancing for Microsoft Office Communication Server 2007 Release 2

DEPLOYMENT GUIDE Version 1.2. Deploying the BIG-IP System v10 with Microsoft IIS 7.0 and 7.5

SA Citrix Virtual Desktop Infrastructure (VDI) Configuration Guide

Securing access to Citrix applications using Citrix Secure Gateway and SafeWord. PremierAccess. App Note. December 2001

Achieve Unified Access Control and Scale Cost-Effectively

DEPLOYMENT GUIDE Version 1.2. Deploying the BIG-IP system v10 with Microsoft Exchange Outlook Web Access 2007

FileCloud Security FAQ

Configuring a single-tenant BIG-IP Virtual Edition in the Cloud

BIG-IP Access Policy Manager Tech Note for BIG-IP Edge Client App for ios

Single Sign On for ShareFile with NetScaler. Deployment Guide

Introducing the FirePass and Microsoft Exchange Server configuration

Deploying F5 with VMware View and Horizon View

Microsoft Exchange Client Access Servers

Flexible Identity Federation

Deploying F5 with Microsoft Dynamics CRM 2011 and 2013

Integrating VMware Horizon Workspace and VMware Horizon View TECHNICAL WHITE PAPER

What s New in Juniper Networks Secure Access (SA) SSL VPN Version 6.4

This chapter describes how to use the Junos Pulse Secure Access Service in a SAML single sign-on deployment. It includes the following sections:

Secure iphone Access to Corporate Web Applications

Deploying F5 with Microsoft Remote Desktop Gateway Servers

DEPLOYMENT GUIDE Version 1.0. Deploying the BIG-IP LTM with Apache Tomcat and Apache HTTP Server

How To Use Netscaler As An Afs Proxy

Secure remote access to your applications and data. Secure Application Access

Deploying the BIG-IP System v10 with SAP NetWeaver and Enterprise SOA: ERP Central Component (ECC)

VMware Identity Manager Administration

2X Cloud Portal v10.5

2X SecureRemoteDesktop. Version 1.1

DEPLOYMENT GUIDE Version 1.2. Deploying F5 with Oracle E-Business Suite 12

Microsoft Exchange Server

TIBCO Spotfire Platform IT Brief

2 Downloading Access Manager 3.1 SP4 IR1

Connected Data. Connected Data requirements for SSO

Deploying the BIG-IP System with Microsoft Lync Server 2010 and 2013 for Site Resiliency

Lab 4a Lab 4b Lab 5a Lab 5b Lab 5c Lab 6a Lab 6b Lab 6c Lab 6d Lab 6e Lab 6f Lab 6g Lab 7a Lab 7b Lab 7c Lab 7d Lab 7e

Novell Access Manager SSL Virtual Private Network

Cisco ASA Adaptive Security Appliance Single Sign-On: Solution Brief

Setup Guide Access Manager 3.2 SP3

New Single Sign-on Options for IBM Lotus Notes & Domino IBM Corporation

F5 and Microsoft Exchange Security Solutions

Siteminder Integration Guide

Table of Contents. Introduction. Audience. At Course Completion

Accops HyWorks v2.5. Quick Start Guide. Last Update: 4/18/2016

CNS-207 Implementing Citrix NetScaler 10.5 for App and Desktop Solutions

BIG-IP Access Policy Manager : Third-Party Integration Implementations. Version 12.0

Deploying F5 with Citrix XenApp or XenDesktop

10972B: Administering the Web Server (IIS) Role of Windows Server

Deploying F5 with Microsoft Dynamics CRM 2011 and 2013

Fireware Essentials Exam Study Guide

PC-Duo Web Console Installation Guide

Apache Server Implementation Guide

Metalogix Replicator. Quick Start Guide. Publication Date: May 14, 2015

Implementation Guide SAP NetWeaver Identity Management Identity Provider

Endpoint Security VPN for Mac

Administering the Web Server (IIS) Role of Windows Server

Deployment Guide. Deploying F5 BIG-IP Global Traffic Manager on VMware vcloud Hybrid Service

Administering the Web Server (IIS) Role of Windows Server 10972B; 5 Days

PRODUCT CATEGORY BROCHURE

INTEGRATION GUIDE. DIGIPASS Authentication for Citrix NetScaler (with AGEE)

Configuring the BIG-IP APM as a SAML 2.0 Identity Provider for Microsoft Office 365

Single Sign-on (SSO) technologies for the Domino Web Server

Achieve Unified Access Control and Scale Cost-Effectively

VMware Identity Manager Administration

Xerox DocuShare Security Features. Security White Paper

A Guide to New Features in Propalms OneGate 4.0

SSL VPN Server Guide Access Manager 3.1 SP5 January 2013

DEPLOYMENT GUIDE. Deploying F5 for High Availability and Scalability of Microsoft Dynamics 4.0

DEPLOYMENT GUIDE Version 1.2. Deploying the BIG-IP System v9.x with Microsoft IIS 7.0 and 7.5

Deploying F5 Application Ready Solutions with VMware View 4.5

Securing Networks with Cisco Routers and Switches ( )

Transcription:

ABOUT THE 304-APM TECHNOLOGY SPECIALIST EXAM. The 304-APM Technology Specialist exam is the required to achieve Certified F5 Technology Specialist, APM status. Successful completion of the APM Technology Specialist exam acknowledges the skills and understanding necessary for day-to-day management of Application Delivery Networks (ADNs) that incorporate technologies based on the F5 TMOS operating system (v11). WHAT IS THE 304-APM TECHNOLOGY SPECIALIST? F5 Certified Exam Blueprints list all the objectives an exam has to measure, much like a syllabus for the exam itself. The blueprint provides the detailed breakdown of the skills and knowledge a candidate should have to pass the exam. Blueprints can be used to identify areas for additional study, and are best used in conjunction with the Exam Study Guides. PEEQUISITE: F5 Certified BIG-IP Administrator (F5-CA) CEDENTIAL AWADED: F5 Certified Technology Specialist, APM THIS EXAM IS BASED ON V11.3 V1_2013

Section 1: 201 - TMOS TECHNOLOGY SPECIALIST Assess security needs and requirements to create an APM policy Cognitive Complexity Objective 1.01 Objective 1.02 Objective 1.03 Objective 1.04 Objective 1.05 Explain how APM mitigates common attack vectors and methodologies (e.g., cookie hijacking [front and back], DoS attack) Identify which APM tool(s) should be used to mitigate a specific authentication attack Describe common attack vectors Describe cookie function in common browsers Compare authentication methods Explain how APM uses and manages session cookies (domain, host, multidomain) Determine endpoint inspection requirements (e.g., OPSWAT, registry check). Describe the process to mitigate password guessing attacks Explain the differences among access methods (e.g., network, portal, access management) Determine the appropriate access method for a use case or set of requirements Distinguish among network communication requirements, security requirements, reporting requirements, and note the pros and cons Explain how security permissions on client PCs affect use cases Objective 1.06 Objective 1.07 Objective 1.08 Explain how APM interacts with commonly used applications (e.g., Microsoft Exchange, Citrix, VMware View, SharePoint) Explain how APM interacts with a virtual desktop infrastructure (e.g., VMware View, Citrix, DP) Compare access modes Determine deployment configurations with commonly used applications Explain the differences among logging levels (e.g., performance implications, security implications, information provided) Explain how APM uses TMOS facilities for logging Interpret log messages and the data contained within them Determine appropriate logging methods and verbosity levels to meet specified requirements Explain the various levels of verbosity available Determine appropriate verbosity levels Explain the performance implications of extended logging Explain security and privacy implications of log settings =emember =Understand/Evaluate 304 APM Technology Specialist exam blueprint Based on v11.3 2

Section 2: Configure and deploy an access profile Cognitive Complexity Objective 2.01 Objective 2.02 Determine the circumstances under which it is appropriate to use an APM specific profile (i.e., access, connectivity, rewrite, VDI and Java support) Determine appropriate access policy configurations to assign to the virtual server Given access methods, determine profiles and options that should be configured Determine the circumstances under which it is appropriate to use a non-apm specific profile (e.g., ServerSSL, Web Acceleration, Compression) Determine the circumstances under which particular access policy profiles and options are appropriate Compare non-apm Specific profiles when configuring a virtual server Objective 2.03 Explain how to create and assign an SSL profile Objective 2.04 Describe the process to upload the SSL certificate and key Determine which SSL profile to assign to the virtual server Determine appropriate SNAT settings to meet access requirements for Network Access (e.g., VoIP, Active mode FTP, emote Desktop to Network Access Clients) When troubleshooting failing connections, determine appropriate SNAT settings based on access requirements Compare SNAT pool options Objective 2.05 Objective 2.06 Objective 2.07 Objective 2.08 Explain the characteristics (e.g., pros and cons, restrictions, security implications, HA setup) of available AAA profiles Distinguish among/compare and contrast the different AAA types Explain the characteristics (e.g., pros and cons, restrictions, security implications) of available SSO profiles Distinguish among/compare and contrast the different SSO types Explain the implications of passwordless authentication options in APM and how they affect SSO (e.g., SAML, Client certificate, NTLM-end-user) Explain how APM uses TMOS facilities for logging Interpret log messages and the data contained within them Explain how to configure AAA profiles (e.g., HTTP Basic, AD, LDAP, adius, TACACS, KEBEOS, SA, SAML, OCSP, CLDP) =emember =Understand/Apply Based on v11.3 3

Objective 2.09 Explain techniques to simultaneously configure multiple AAA profiles ( e.g., two-factor) Explain high availability options for AAA profiles Describe the differences and similarities between authentication methods Explain the process to set up an APM device to use HTTPS Authentication Objective 2.10 Objective 2.11 Explain how to configure SSO profiles (e.g., HTTP Basic, NTLM, KEBEOS, SAML, Forms) Describe SSO profiles Determine the correct configurations to resolve SSO performance issues Explain how to configure SAML use cases (e.g., IDP, SP, IDP-initiated, SPinitiated) Configure SAML federation between two BIG-IPs Objective 2.12 Describe how to add and remove client and machine certificates Objective 2.13 Determine appropriate deployment option(s) to meet network access requirements (e.g., standalone edge client, browser components, mobile apps) Describe the different access methods: portal access functionality, app tunnel functionality, network access functionality, LTM+APM functionality List APM device clients When deploying a Network Access Edge client solution, determine which Edge Client component is required Objective 2.14 Explain how to configure access methods (e.g., network [SNAT vs. outed Mode], portal [rewrite options], application, app tunnel, LTM+APM) Determine best deployment option for network access (e.g., standalone edge client, browser components, mobile apps) Configure application access (e.g., app tunnel, DP, VDI) Explain protocol restrictions on application tunnels (i.e., TCP) Determine when Java support is needed for DP (e.g., Mac and Linux clients) Configure portal access Explain the custom rewrite options (e.g., split tunnel, client caching) Objective 2.15 Objective 2.16 Determine appropriate access methods (e.g., network, portal, application, LTM+APM) to meet requirements Explain how to configure and assign ACLs (e.g., L4, L7, static, dynamic, default action, iule events, logging options) =emember =Understand/Apply Based on v11.3 4

Objective 2.17 Objective 2.18 Objective 2.19 Objective 2.20 Objective 2.21 Objective 2.22 Explain the difference between Layer 7 and Layer 4 ACLs Explain the difference between static and dynamic Explain how ACLs are processed Explain the default ACL action (e.g., default allow) Describe ACL logging options Identify resource types for which associated ACLs are automatically created (e.g., remote desktop, portal access, application tunnels) Describe the ACL action types and their functions (e.g., allow, continue, discard, reject) Identify the ACL action types (e.g., allow, continue, discard, reject) Describe methods to map Microsoft Active Directory groups to assigned resources Explain the use of APM session variables (e.g., session flow, use in iules, variable assign policy item) Determine which Use the iule event policy item in the VPE Determine the appropriate Access Policy modifications to meet specific authentication requirements Explain access policy flow and logic (i.e., branching, loops, macros [when and how to use them]) Describe the use and configuration of endpoint checks (e.g., registry check, process check, Windows info, machine cert auth) Configure endpoint checks: AV check, registry check, file check, firewall check, process check, machine certification check Determine which steps are necessary to add macro checks to a policy Determine which steps are necessary to take when adding authentication methods Objective 2.23 Section 3: Objective 3.01 Describe customization options for an access policy (logon page, webtop, network access, language) Describe the different endpoint checks Identify the policy items available (e.g., client side, service side, general purpose) Describe the different branch endings (e.g., allow, deny, redirect) Maintain APM access profiles Interpret device performance information (e.g., dashboard, statistics tab, ACL denied report) Cognitive Complexity =emember =Understand/Apply Based on v11.3 5

Objective 3.02 Identify necessary software maintenance procedures to address a given condition List the steps for a safe upgrade (e.g., perform a backup before upgrading) Describe an OPSWAT integration Determine the most appropriate monitoring facility within the BIG-IP WebUI Predict the behavior of a device when upgrading and/or adding a new device Describe what happens during an upgrade if an active APM device was to failover to standby Objective 3.03 Section 4: Objective 4.01 Determine how upgrades on production systems affect end users (e.g., client components and high availability failover) Identify and resolve APM issues Explain the purpose and function of client side components (e.g., DNS Proxy elay service, Component Installer service for Windows, User Logon Credentials Access Service for Windows) Cognitive Complexity Objective 4.02 Interpret client and machine certificates (e.g., subject, issuer) Objective 4.03 Describe the process when configuring client certificates Give examples of Access resource types Interpret an HTTP protocol trace collected with a client side tool (e.g., HTTPWatch, Fiddler, Paros, Live Headers) Perform and interpret HTTPWatch capture Describe SSO methods for an APM-delivered web application Objective 4.04 Explain how to use capture utilities (e.g., SSLDump and TCPDump) Perform and interpret output of TCPDump Determine the correct TCPDump and SSLDump to resolve specific issues Objective 4.05 Analyze and interpret APM-specific log files (e.g., APM, SSO, rewrite) Objective 4.06 Identify error messages in log file outputs Determine the root cause of login issues based on information provided in log files Describe the use of built-in trouble-shooting tools (e.g., web engine trace, F5 Troubleshooting Utility, SessionDump, ADTest tool, LDAP search) Locate error codes List and describe APM logging services Locate core files =emember =Understand/Apply Based on v11.3 6

Objective 4.07 Objective 4.08 Diagnose and resolve authentication issues (e.g., client>apm, APM>AAA, APM>SSO) Analyze http requests to determine authentication issues Diagnose and resolve client side issues related to connections, performance, and endpoint inspection Determine the root cause of authentication and client side issues Differentiate between different types of authentication and client side issues A/E A/E =emember =Understand/Apply Based on v11.3 7

Cognitive Complexity Descriptions Lower Order Thinking Skills Higher Order Thinking Skills emember Understand/Apply Analyze/Evaluate Create Information retrieval Knowledge transfer Critical thinking and reasoning Innovation or Creative thinking ote memorization Comprehension or Ability to apply knowledge to a standard process Determine how parts relate to whole or Knowledge integration and application to new situation(s) Forming an original work product etrieve relevant knowledge from long-term memory Construct meaning from information Make judgments based on criteria Combine or reorganize parts to form a new pattern or structure e.g., recall, retrieve, recognize e.g., interpret, classify, compare, explain, implement e.g., troubleshoot, attribute, diagnose, critique Alpine Testing Solutions suggested cognitive complexity levels and associated verb references consider multiple approaches to defining cognitive processing (e.g., Anderson et al., Webb, Bloom, Frisbie). Above material created with assistance from Alpine and distributed with Alpine s permission as an attachment to certification test blueprints. e.g., generate, plan, produce Alpine Testing Solutions, Inc. (Alpine) gives F5 Networks permission to distribute the PDF Cognitive Complexity Description 20130418.pdf as an attachment to certification test blueprints created with assistance from Alpine into the exam blueprint. 2013 F5 Networks, Inc. All rights reserved. F5, F5 Networks, and the F5 logo are trademarks of F5 Networks, Inc. in the U.S. and in certain other countries. Other F5 trademarks are identified at f5.com. Any other products, services, or company names referenced herein may be trademarks of their respective owners with no endorsement or affiliation, express or implied, claimed by F5. Based on v11.3 8

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information