Citrix ADC 12.x Advanced Concepts – Secure Web Applications (CNS-318) – Outline

Detailed Course Outline

Application Firewall Overview

  • AppFirewall solution Security Model (include signature)
  • Overview of types of attacks
  • PCIDSS
  • Adaptive Learning Engine
  • Packet Processing and Inspection
  • Log Files - view violations

Policies and Profiles

  • Profiles
  • Policies
  • Engine Settings

Regular Expressions

  • Forms of Regular Expressions
  • Using Regular Expressions
  • Metacharacters and Literal Characters
  • Escapes
  • Quantifiers
  • Back Referencing
  • Lookaheads
  • Regular Expression Scope

Attacks and Protections

  • Data Flow with AppFirewall
  • Security Checks
  • AppFirewall Actions
  • Adaptive Learning
  • Signatures
  • Code Quality (HTML Comment Striping)
  • Buffer Overflow
  • SQL injection
  • Cross-Site Scripting
  • Cookie Tampering
  • Cookie Protection
  • Parameter Tampering
  • Server Misconfiguration
  • Form Protections
  • Identity Theft - CC - Safe Object
  • URL Protections - Start URL and Deny URL
  • CSRF

Application Firewall Troubleshooting and Monitoring

  • Security Insight
  • HTTP Callout
  • Rate-Limit
  • AppQOE
  • IP Reputation