ASM certification, training and formation

Hi jdcosta,

I remember having the same problem as you when I took the ASM test, as there is not a lot of study guides compared to the 101 and 201. I can however give you a heads up on what you should study for the test.

Make sure you know the difference between learn, alarm and block, I will emphasize, you need a deep understanding of these 3 settings along with enforced vs. staging. For example, understanding why an attack signature is not being blocked but it is set to learn, alarm and block in the learning and blocking settings, why is it not being blocked? Because the attack signature is still in staging... That is the idea behind a lot of those questions. You need to thoroughly understand what those settings do.

Understand IP whitelisting or trusted IPs and when they come in handy. Understand global parameter settings and wildcard parameters. Understand how automatic policy builder works vs. manual and when to use both of them.

Understand web scraping and brute force. Know all of the different OWASP Top ten attacks and understand how to mitigate them with ASM. Here is an excellent chart that will lead you in the right direction. OWASP vs. ASM.

If I were you, I would go from start to finish through every setting in ASM. Read through the help menus because they give you a good idea what the settings do. Understand APIs and how they work. Understand content-profiles, filetypes, URLs, and the difference of changes being applied globally or per specific entity you are modifying. Do all of these things and I have no doubt you will pass the test.

Good luck, let me know when you pass!

I second everything Jacob said. I would also suggest that you sign up for the 4-day Configuring F5 Advanced WAF class. The classroom will isolate you from distractions, and allow you to focus on the product in the company of your peers.