Course Overview

Learn How to Boost your Cybersecurity Toolkit by Applying AI to Combat the OWASP Top Ten Vulnerabilities.

OWASP 2021 refers to the latest edition of the Open Web Application Security Project (OWASP) Top Ten list, which identifies the most critical web application security risks. It is a valuable resource as it provides organizations with insights into prevalent vulnerabilities, helping them prioritize their security efforts and fortify their applications against potential attacks.

Applying AI to the OWASP Top Ten is a two-day, expert led course geared for technical students eager to explore AI’s potency in mitigating cybersecurity threats. This course unravels the intersection of AI, cybersecurity, and ethical considerations with a focus on the OWASP top ten. The curriculum provides a detailed exploration of OWASP’s top ten security risks, illustrating how AI can be effectively applied to detect and mitigate these common threats, such as Injection and Broken Authentication.

Through engaging discussions, interactive activities, and case study reviews, attendees will delve into the practical application of sophisticated AI algorithms to counter prevalent OWASP risks. The course encompasses an array of OWASP-related topics including how to leverage AI to manage risks associated with Insufficient Logging & Monitoring and Using Components with Known Vulnerabilities, as well as how to prevent Cross-Site Scripting (XSS) and Insecure Deserialization through the power of AI. Emphasizing the importance of testing, validating, and fine-tuning AI models, the course provides a comprehensive understanding of these tools’ robustness and effectiveness in addressing OWASP risks. Integrating technical skills with ethical considerations, attendees will learn about designing and implementing AI models that adhere to ethical standards while effectively detecting and mitigating OWASP risks.

You’ll exit the course with a solid grasp of the crucial role AI plays in tackling OWASP’s most prominent security risks, equipped to help bolster your organization’s defense against cyber threats. You’ll understand how to leverage AI for cybersecurity and how to create AI models to combat common vulnerabilities outlined by the OWASP Top Ten. Whether the goal is to strengthen an organization’s security framework or to broaden personal understanding of AI and cybersecurity, this course offers the critical expertise needed to begin your journey into navigating the intricate realm of AI-enhanced cybersecurity.

Course Objectives

Throughout the course you’ll learn to:

  • Understand the Complexities of OWASP: Develop a firm grasp on the OWASP Top Ten, gaining insights into the most significant web application security risks and the mechanisms behind these vulnerabilities.
  • Navigate the Intersection of AI and Cybersecurity: Gain a foundational understanding of how artificial intelligence can be utilized in the field of cybersecurity, specifically in the context of mitigating OWASP risks.
  • Master Detection and Mitigation Techniques: Learn to leverage AI to detect and mitigate common security risks such as Injection and Broken Authentication, and apply these skills to design effective AI models.
  • Apply Advanced AI Algorithms: Harness the power of AI algorithms to address OWASP risks, seeing how to customize these algorithms for various security vulnerabilities.
  • Tackle Real-World Security Challenges: Learn practical skills to manage risks associated with Insufficient Logging & Monitoring and Using Components with Known Vulnerabilities, while also learning methods to prevent Cross-Site Scripting (XSS) and Insecure Deserialization.
  • Validate and Test AI Models: Learn the crucial process of validating and testing AI models, ensuring their robustness and effectiveness in detecting OWASP risks, while adhering to ethical standards in AI application.

Course Content

1. Introduction to AI, OWASP Top Ten, and AI Ethics

  • Understand the intersection of AI, cybersecurity, and ethical considerations.
  • Introduction to OWASP and the top ten security risks for web applications.
  • Overview of AI and its applications in mitigating OWASP risks.
  • Discussion on AI Ethics, including privacy concerns and biases in AI models.
  • Exploring how AI can help mitigate these risks while ensuring ethical use.

2. AI for Injection and Broken Authentication Mitigation

  • Learn how AI helps detect and mitigate Injection and Broken Authentication.
  • Discussion on the nature of Injection and Broken Authentication attacks and their prevalence in OWASP.
  • How AI can help in detecting these vulnerabilities in real time.
  • Designing an AI model for mitigating these security risks. •
  • Demo: Train a basic AI model to detect potential Injection and Broken Authentication attacks

3. Deep Dive into AI Algorithms and their application in mitigating OWASP Risks

  • Comprehend the working mechanisms of key AI algorithms.
  • Detailed analysis of AI algorithms used in mitigating OWASP security risks.
  • Hands-on experience in choosing the right algorithm for a specific problem.
  • Guided tutorial on customizing algorithms for different OWASP vulnerabilities.
  • Demo: Selection and customization of AI algorithms for detecting Sensitive Data Exposure

4. AI for XML External Entity (XXE) and Security Misconfiguration Mitigation

  • Gain skills to utilize AI for detecting and mitigating XXE and Security Misconfigurations.
  • Introduction to XXE and Security Misconfigurations as significant OWASP risks.
  • How AI can assist in real-time detection of these vulnerabilities.
  • Designing an AI model for mitigating these OWASP threats.
  • Demo: Train a basic AI model to detect potential XXE attacks and Security Misconfigurations

5. AI for Cross-Site Scripting (XSS) and Insecure Deserialization Mitigation

  • Gain skills to utilize AI for detecting and mitigating XSS and Insecure Deserialization.
  • Introduction to XSS and Insecure Deserialization as significant OWASP risks.
  • How AI can assist in real-time detection of these vulnerabilities.
  • Designing an AI model for mitigating these OWASP threats.
  • Demo: Train a basic AI model to detect potential attacks

6. AI for Insufficient Logging & Monitoring and Using Components with Known Vulnerabilities

  • Gain skills to utilize AI for detecting and mitigating Insufficient Logging & Monitoring and using components with known vulnerabilities.
  • Introduction to these threats as significant OWASP risks.
  • How AI can assist in real-time detection of these vulnerabilities.
  • Designing an AI model for mitigating these OWASP threats.
  • Demo: Train a basic AI model to detect potential risks associated with insufficient logging and known vulnerabilities

7. AI Model Validation, Testing, and Limitations

  • Comprehend the importance of validation and testing in AI models.
  • Learn methods for testing, validating, and fine-tuning AI models.
  • Understanding the limitations of AI in the context of mitigating OWASP risks.
  • Demo: Validate and test a basic AI model for detecting OWASP risks

8. Future of AI in Mitigating OWASP Threats

  • Explore the future trends of AI in the context of cybersecurity and OWASP.
  • Discuss research and future applications of AI in cybersecurity.
  • Address advancements like adversarial AI, AI-powered intrusion detection systems etc.

Course Overview

Boost Web Application Security! Leverage AI to Mitigate OWASP Vulnerabilities, Anticipate Breaches, Debug Applications & More

Course Content

1. Introduction to AI and Secure Coding

  • Understand the basics of AI and the importance of secure coding
  • Understanding AI: An overview
  • Secure Coding in AI
  • Intro to machine learning
  • Demo: Demonstrate a basic AI model

2. Understanding OWASP Top Ten 2021 and AI Implications

  • Understand the OWASP Top Ten 2021 and how AI can mitigate risks
  • Brief overview of the OWASP Top Ten 2021
  • Discussing security risks in AI applications
  • Demo: Show how AI can be used to identify potential security threats using

3. Secure AI Programming and Web Application Integration

  • Understand the concept of secure AI programming and web application integration
  • Security in AI: An Overview
  • Secure data handling in AI
  • Connecting AI models with Web applications
  • Demo: Demonstrate connecting an AI model to a web application

4. Deploying and Debugging AI Applications

  • Understand how to deploy and debug AI applications
  • The fundamentals of AI application deployment
  • Troubleshooting common issues in AI applications
  • Demo: Demonstrate deploying a simple AI model

5. Natural Language Processing and AI Security

  • Understand the basics of Natural Language Processing (NLP) and AI security
  • Overview of NLP in AI
  • AI in identifying vulnerabilities in web applications
  • Demo: Showcase text processing and analysis

Course Overview


The Advanced Techniques for Cisco Firewall Threat Defense and Intrusion Prevention course shows you how to deploy and configure a Cisco Secure Firewall Threat Defense system and its features as a data center network firewall or as an Internet Edge firewall with Virtual Private Network (VPN) support. You will learn how to configure identity-based policies, Secure Sockets Layer (SSL) decryption, remote-access VPN, and site-to-site VPN before moving on to advanced Intrusion Prevention System (IPS) configuration and event management, integrations with other systems, and advanced troubleshooting. You will also learn how to automate configuration and operations of Cisco Secure Firewall Threat Defense system using programmability and Application Programming Interfaces (APIs) and how to migrate configuration from Cisco Secure Firewall Adaptive Security Appliances (ASA).

This training prepares you for the 300-710 Securing Networks with Cisco Firepower (SNCF) exam. If passed, you earn the Cisco Certified Specialist – Network Security Firepower certification and satisfy the concentration exam requirement for the Cisco Certified Networking Professional (CCNP) Security certification.

This training will help you:

This course is worth 40 Continuing Education (CE) credits towards recertification.

Course Objectives

After completing this course you should be able to:

  • Describe Cisco Secure Firewall Threat Defense
  • Describe advanced deployment options on Cisco Secure Firewall Threat Defense
  • Describe advanced device settings for Cisco Secure Firewall Threat Defense device
  • Configure dynamic routing on Cisco Secure Firewall Threat Defense
  • Configure advanced network address translation on Cisco Secure Firewall Threat Defense
  • Configure SSL decryption policy on Cisco Secure Firewall Threat Defense
  • Deploy Remote Access VPN on Cisco Secure Firewall Threat Defense
  • Deploy identity-based policies on Cisco Secure Firewall Threat Defense
  • Deploy site-to-site IPsec-based VPN on Cisco Secure Firewall Threat Defense
  • Deploy advanced access control settings on Cisco Secure Firewall Threat Defense
  • Describe advanced event management on Cisco Secure Firewall Threat Defense
  • Describe available integrations with Cisco Secure Firewall Threat Defense
  • Troubleshoot traffic flow using advanced options on Cisco Secure Firewall Threat Defense
  • Describe benefits of automating configuration and operations of Cisco Secure Firewall Threat Defense
  • Describe configuration migration to Cisco Secure Firewall Threat Defense

Course Content

Introducing Cisco Secure Firewall Threat Defense

  • Firewall Functionality
  • Cisco Secure Firewall Platform
  • Use Cases
  • Deployment Options
  • Management Options
  • Basic Network Settings
  • Packet Processing
  • ACP and Prefilter Policies Overview
  • Cisco Secure Firewall Smart Licensing

Describing Advanced Deployment Options on Cisco Secure Firewall Threat Defense

  • Cisco Secure Firewall Threat Defense Architecture
  • FXOS and Secure Firewall Chassis Manager
  • Multi-Instance Deployment
  • Cluster Deployment
  • Cluster Configuration

Configuring Advanced Device Settings on Cisco Secure Firewall Threat Defense

  • QoS Implementation
  • Service Policies Implementation
  • FlexConfig Policies Implementation
  • Traffic Bypass

Configuring Dynamic Routing on Cisco Secure Firewall Threat Defense

  • Dynamic Routing Overview
  • Virtual Routing
  • Dynamic Routing Configuration

Configuring Advanced NAT on Cisco Secure Firewall Threat Defense

  • Network Address Translation Overview
  • Advanced NT Rules Implementation

Configuring SSL Policy on Cisco Secure Firewall Threat Defense

  • SSL Encryption Overview
  • SSL Decryption Overview
  • SSL Policy Configuration
  • SSL Policy Best Practices

Deploying Remote Access VPN on Cisco Secure Firewall Threat Defense

  • Remote-Access VPN Components
  • Digital Certificate Enrollment
  • Remote Access VPN Configuration
  • Remote Access VPN High Availability

Deploying Identity-Based Policies on Cisco Secure Firewall Threat Defense

  • Identity-Based Policies
  • Realm Configuration
  • Identity Source Configuration
  • Identity-Based Policy Configuration

Deploying Site-to-Site VPN on Cisco Secure Firewall Threat Defense

  • Site-to-Site VPN Components
  • Policy-Based and Route-Based Site-to-Site VPNs
  • Point-to-Point VPN Configuration VTIs
  • Hub-and-Spoke VPN Configuration with Crypto Maps
  • Site-toSite High Availability

Configuring Snort Rules and Network Analysis Policies

  • Snort and Network Analysis Policy
  • Snort Rules and Actions
  • Secure Firewall Recommendations

Describing Advanced Event Management Cisco Secure Firewall Threat Defense

  • Alerting
  • Correlation Policies
  • External Event Logging

Describing Integrations on Cisco Secure Firewall Threat Defense

  • Integration with Cisco Identity Service Engine
  • Integration with Cisco Network Analytics
  • Integration with SecureX

Troubleshooting Advanced Traffic Flow on Cisco Secure Firewall Threat Defense

  • Traffic Flow Overview
  • Troubleshooting Tools
  • Troubleshooting Process
  • Performance Troubleshooting

Automating Cisco Secure Firewall Threat Defense

  • Network Operations Automation
  • Cisco Secure Firewall Management Center API Overview
  • Cisco Secure Firewall Device Manager API Overview

Migrating to Cisco Secure Firewall Threat Defense

  • Migration Options
  • Migration Tool
  • Migration from Cisco Secure firewall ASA

Labs Outlines:

  • Discovery Lab 1: Configure Multi-Instance Firewall Using Chassis Manager Interactive Activity
  • Discovery Lab 2: Deploy Advanced Connection Settings
  • Discovery Lab 3: Configure Dynamic Routing
  • Discovery Lab 4: Configure SSL Policy
  • Discovery Lab 5: Configure Remote Access VPN
  • Discovery Lab 6: Configure Identity-Based Policy
  • Discovery Lab 7: Configure Site-to-Site VPN
  • Discovery Lab 8: Customize IPS and NAP Policies
  • Discovery Lab 9: Configure Cisco Secure Firewall Threat Defense Integrations
  • Discovery Lab 10: Troubleshooting Cisco Secure Firewall Threat Defense
  • Discovery Lab 11: Cisco Secure Firewall Threat Defese Automation
  • Discovery Lab 12: Migrate Configuration from Cisco Secure Firewall ASA

Course Overview

This three-day course provides students with the knowledge to troubleshoot switching, routing, and security features. 

This course builds off the Juniper Technical Support Fundamentals (JTSF) and Junos Troubleshooting (JT) courses and helps network engineers further their network troubleshooting capabilities. 

Key topics include troubleshooting dynamic routing protocols such as OSPF, IS-IS, BGP, switching protocols, Ethernet VPN–Virtual Extensible LAN (EVPN-VXLAN) network, MPLS, multicast, class of service (CoS), stateful firewall features, IPsec VPNs (site-to-site and remote access), chassis clusters, next-generation firewall features, and vSRX. 

The course is based on Junos OS Release 23.1R1.

This is an advanced level course.

Course Objectives

After successfully completing this course, you should be able to: 

• Troubleshoot problems with OSPF routing protocol. 

• Troubleshoot problems with IS-IS routing protocol. 

• Troubleshoot problems with BGP routing protocol. 

• Troubleshoot routing loops and route oscillations. 

• Troubleshoot problems with switching protocols. 

• Troubleshoot an EVPN-VXLAN setup. 

• Demonstrate the ability to troubleshoot MPLS. 

• Demonstrate the ability to troubleshoot native multicast. 

• Demonstrate the ability to troubleshoot CoS. 

• Troubleshoot stateful firewall inspection. 

• Troubleshoot site-to-site IPsec VPNs. 

• Troubleshoot remote access VPNs using Juniper Secure Connect. 

• Troubleshoot chassis clusters. 

• Troubleshoot next-generation firewall features. 

• Troubleshoot vSRX.

Course Content

Day 1

Introduction 

Troubleshooting OSPF 

• Troubleshoot OSPF adjacencies 

• Troubleshoot OSPF inconsistencies 

Lab 1: Troubleshooting OSPF 

Troubleshooting IS-IS 

• Troubleshoot IS-IS adjacencies 

Lab 2: Troubleshooting IS-IS 

Troubleshooting BGP 

• Troubleshoot BGP neighbors 

• Troubleshoot BGP route advertisements 

Lab 3: Troubleshooting BGP 

Troubleshooting Routing Loops and Route Oscillations 

• Troubleshoot routing loops and route oscillations 

Lab 4: Troubleshooting Routing Loops and Route Oscillations

Day 2

Troubleshooting Switching Protocols 

• Implement monitoring and troubleshoot Layer 2 networks 

Lab 5: Troubleshooting Switching Protocols 

Troubleshooting EVPN-VXLAN network 

• Verify EVPN-VXLAN related configuration and run time issues 

Lab 6: Troubleshooting EVPN-VXLAN 

Troubleshooting MPLS 

• Troubleshoot RSVP and LDP LSPs 

Lab 7: Troubleshooting MPLS 

Troubleshooting Multicast 

• Troubleshoot PIM sparse mode operation 

Lab 8: Troubleshooting Multicast 

Troubleshooting CoS 

• Perform class of service troubleshooting 

Lab 9: Troubleshooting CoS

Day 3

Troubleshooting Stateful Firewall Security 

• Troubleshoot traffic flows through a stateful firewall 

Lab 10: Troubleshooting Stateful Firewall Security 

Troubleshooting IPsec VPNs 

• Describe general troubleshooting for IPsec VPNs 

• Describe how to troubleshoot IKE Phase 1 and Phase 2 

• Configure and analyze logging for IPsec VPNs 

• Examine IPsec troubleshooting case studies 

Lab 11: Troubleshooting IPsec VPNs 

Troubleshooting Chassis Clusters 

• Troubleshoot chassis clusters 

• Review chassis cluster case studies 

Lab 12: Troubleshooting Chassis Clusters 

Troubleshooting Next-Generation Firewall Features 

• Troubleshoot AppSecure services 

Lab 13: Troubleshooting Next-Generation Firewall Features 

Troubleshooting vSRX 

• Describe steps used to troubleshoot vSRX deployments 

Lab 14: Troubleshooting vSRX

Course Overview

This four-day course, which is designed to build off the current Juniper Security (JSEC) offering, delves deeper into Junos security, next-generation security features, and ATP supporting software. 

Through demonstrations and hands-on labs, you will gain experience in configuring and monitoring the advanced Junos OS security features with advanced coverage of advanced logging and reporting, next generation Layer 2 security, next generation advanced anti-malware with Juniper ATP On-Prem and SecIntel. 

This course uses Juniper Networks SRX Series Services Gateways for the hands-on component. This course is based on Junos OS Release 20.1R1.11, Junos Space Security Director 19.4, Juniper ATP On-Prem version 5.0.7. 

Course Level

Advanced Juniper Security (AJSEC) is an advanced-level course.

Relevant Juniper Product

• Security • Junos OS • SRX Series • vSRX Series • Sky ATP • SDSN

Course Objectives

• Demonstrate understanding of concepts covered in the prerequisite Juniper Security courses. 

• Describe the various forms of security supported by the Junos OS. 

• Describe the Juniper Connected Security model. 

• Describe Junos security handling at Layer 2 versus Layer 3. 

• Implement next generation Layer 2 security features. 

• Demonstrate understanding of Logical Systems (LSYS). 

• Demonstrate understanding of Tenant Systems (TSYS). 

• Implement virtual routing instances in a security setting. 

• Describe and configure route sharing between routing instances using logical tunnel interfaces. 

• Describe and discuss Juniper ATP and its function in the network. 

• Describe and implement Juniper Connected Security with Policy Enforcer in a network. 

• Describe firewall filters use on a security device. 

• Implement firewall filters to route traffic. 

• Explain how to troubleshoot zone problems. 

• Describe the tools available to troubleshoot SRX Series devices. 

• Describe and implement IPsec VPN in a hub-and-spoke model. 

• Describe the PKI infrastructure. 

• Implement certificates to build an ADVPN network. 

• Describe using NAT, CoS and routing protocols over IPsec VPNs. 

• Implement NAT and routing protocols over an IPsec VPN. 

• Describe the logs and troubleshooting methodologies to fix IPsec VPNs. 

• Implement working IPsec VPNs when given configuration that are broken. 

• Describe Incident Reporting with Juniper ATP On-Prem device. 

• Configure mitigation response to prevent spread of malware. 

• Explain SecIntel uses and when to use them. 

• Describe the systems that work with SecIntel. 

• Describe and implement advanced NAT options on the SRX Series devices. 

• Explain DNS doctoring and when to use it. 

• Describe NAT troubleshooting logs and techniques.

Course Content

Day 1

Course Introduction

Junos Layer 2 Packet Handling and Security Features 

• Transparent Mode Security 

• Secure Wire 

• Layer 2 Next Generation Ethernet Switching 

• MACsec 

LAB 1: Implementing Layer 2 Security

Firewall Filters 

• Using Firewall Filters to Troubleshoot 

• Routing Instances 

• Filter-Based Forwarding 

LAB 2: Implementing Firewall Filters

Troubleshooting Zones and Policies 

• General Troubleshooting for Junos Devices 

• Troubleshooting Tools 

• Troubleshooting Zones and Policies 

• Zone and Policy Case Studies 

LAB 3: Troubleshooting Zones and Policies

Day 2

Hub-and-Spoke VPN 

• Overview 

• Configuration and Monitoring 

LAB 4: Implementing Hub-and-Spoke VPNs

Advanced NAT 

• Configuring Persistent NAT 

• Demonstrate DNS Doctoring 

• Configure IPv6 NAT Operations 

• Troubleshooting NAT 

LAB: 5: Implementing Advanced NAT Features

Logical and Tenant Systems 

• Overview 

• Administrative Roles 

• Differences Between LSYS and TSYS 

• Configuring LSYS 

• Configuring TSYS 

LAB 6: Implementing TSYS

Day 3

PKI and ADVPNs 

• PKI Overview 

• PKI Configuration 

• ADVPN Overview 

• ADVPN Configuration and Monitoring 

LAB 7: Implementing ADVPNs

Advanced IPsec 

• NAT with IPsec 

• Class of Service with IPsec 

• Best Practices 

• Routing OSPF over VPNs 

LAB 8: Implementing Advanced IPsec Solutions

Troubleshooting IPsec 

• IPsec Troubleshooting Overview 

• Troubleshooting IKE Phase 1 and 2 

• IPsec Logging 

• IPsec Case Studies 

LAB 9: Troubleshooting IPsec

Day 4

Juniper Connected Security 

• Security Models 

• Enforcement on Every Network Device

SecIntel 

• Security Feed 

• Encrypted Traffic Analysis 

• Use Cases for SecIntel 

LAB 10: Implementing SecIntel

Advanced Juniper ATP On-Prem 

• Collectors 

• Private Mode 

• Incident Response 

• Deployment Models 

LAB 11: Implementing Advanced ATP On-Prem

Automated Threat Mitigation 

• Identify and Mitigate Malware Threats 

• Automate Security Mitigation 

LAB 12: Identifying and Mitigating Threats

Group VPNs 

• Overview 

• Implementing Group VPNs

Course Overview

This 2-day course gives network administrators, network operators, and network engineers a functional understanding of the BIG-IP system as it is commonly deployed in an application delivery network.

The course introduces students to the BIG-IP system, its configuration objects, how it processes traffic, and how typical administrative and operational activities are performed.

The course includes lecture, hands-on labs, interactive demonstrations, and discussions.

Course Topics

• Getting started with the BIG-IP system

• Traffic processing with BIG-IP Local Traffic Manager (LTM)

• Using TMSH (TMOS Shell) command line interface

• Using NATs and SNATs

• Monitoring application health and managing object status

• Modifying traffic behavior with profiles, including SSL offload and re-encryption

• Modifying traffic behavior with persistence, including source address affinity and cookie persistence

• Troubleshooting the BIG-IP system, including logging (local, high-speed, and legacy remote logging), and using TCPDUMP

• User roles and administrative partitions

• vCMP concepts

• Configuring high availability (including active/standby and connection and persistence mirroring)

Course Objectives

After completing this course, participants will be able to complete the following tasks: 

• Describe the role of the BIG-IP system as a full proxy device in an application delivery network

• Set up, start/restart/stop, license, and provision the BIG-IP system out-of-the-box

• Create a basic network configuration on the BIG-IP system including VLANs and self IPs

• Use the Configuration utility and TMSH to manage BIG-IP resources such as virtual servers, pools, pool members, nodes, profiles, and monitors

• Create, restore from, and manage BIG-IP archives

• View resource status, availability, and statistical information and use this information to determine how the BIG-IP system is currently processing traffic

• Use profiles to manipulate the way the BIG-IP system processes traffic through a virtual server

• Perform basic troubleshooting and problem determination activities including using the iHealth diagnostic tool

• Support, and view traffic flow using TCPDUMP

• Understand and manage user roles and partitions

• Configure and manage a sync-failover device group with more than two members

• Configure stateful failover using connection mirroring and persistence mirroring

Course Content

Chapter 1: Setting Up the BIG-IP System

• Introducing the BIG-IP System

• Initially Setting Up the BIG-IP System

• Configuring the Management Interface

• Activating the Software License

• Provisioning Modules and Resources

• Importing a Device Certificate

• Specifying BIG-IP Platform Properties

• Configuring the Network

• Configuring Network Time Protocol (NTP) Servers

• Configuring Domain Name System (DNS) Settings

• Configuring High Availability Options

• Archiving the BIG-IP Configuration

•Leveraging F5 Support Resources and Tools

Chapter 2: Traffic Processing Building Blocks

• Identifying BIG-IP Traffic Processing Objects

• Configuring Virtual Servers and Pools

• Load Balancing Traffic

• Viewing Module Statistics and Logs

• Using the Traffic Management Shell (TMSH)

• Understanding the TMSH Hierarchical Structure

• Navigating the TMSH Hierarchy

• Managing BIG-IP Configuration State and Files

• BIG-IP System Configuration State

• Loading and Saving the System Configuration

• Shutting Down and Restarting the BIG-IP System

• Saving and Replicating Configuration Data (UCS and SCF)

Chapter 3: Using NATs and SNATs

• Address Translation on the BIG-IP System

• Mapping IP Addresses with NATs

• Solving Routing Issues with SNATs

• Configuring SNAT Auto Map on a Virtual Server

• Monitoring for and Mitigating Port Exhaustion

Chapter 4: Monitoring Application Health

• Introducing Monitors

• Types of Monitors

• Monitor Interval and Timeout Settings

• Configuring Monitors

• Assigning Monitors to Resources

• Managing Pool, Pool Member, and Node Status

• Using the Network Map

Chapter 5: Modifying Traffic Behavior with Profiles

• Introducing Profiles

• Understanding Profile Types and Dependencies

• Configuring and Assigning Profiles

• Introducing SSL Offload and SSL Re-Encryption

Chapter 6: Modifying Traffic Behavior with Persistence

• Understanding the Need for Persistence

• Introducing Source Address Affinity Persistence

• Managing Object State

Chapter 7: Administering the BIG-IP System

• Configuring Logging

• Legacy Remote Logging

• Introducing High Speed Logging (HSL)

• High-Speed Logging Filters

• HSL Configuration Objects

• Configuring High Speed Logging

• Using TCPDUMP on the BIG-IP System

• Leveraging the BIG-IP iHealth System

• Viewing BIG-IP System Statistics

• Defining User Roles and Administrative Partitions

• Leveraging vCMP

 Chapter 8: Configuring High Availability

• Introducing Device Service Clustering (DSC)

• Preparing to Deploy a DSC Configuration

• Configuring DSC Communication Settings

• Establishing Device Trust

• Establishing a Sync-Failover Device Group

• Synchronizing Configuration Data

• Exploring Traffic Group Behavior

• Understanding Failover Managers and Triggers

• Achieving Stateful Failover with Mirroring

Course Changes since v15

• No significant changes to course outline or materials since the v15 release. 

• Minor updates to the course include review and update of referenced knowledge articles, GUI screenshots, hardware platform images in introduction and chapter 1 slides and student guide pages, and removed information for obsolete topics such as Link Controller.

Course Overview

This 5-day bundle course covers the following 2 courses:

 Administering BIG-IP v15.1

This 2-day course gives network administrators, network operators, and network engineers a functional understanding of the BIG-IP system as it is commonly deployed in an application delivery network.

The course introduces students to the BIG-IP system, its configuration objects, how it processes traffic, and how typical administrative and operational activities are performed.

The course includes lecture, hands-on labs, interactive demonstrations, and discussions.

Topics covered:

• Getting started with the BIG-IP system

• Traffic processing with BIG-IP Local Traffic Manager (LTM)

• Using TMSH (TMOS Shell) command line interface

• Using NATs and SNATs

• Monitoring application health and managing object status

• Modifying traffic behavior with profiles, including SSL offload and re-encryption

• Modifying traffic behavior with persistence, including source address affinity and cookie persistence

• Troubleshooting the BIG-IP system, including logging (local, high-speed, and legacy remote logging), and using TCPDUMP

• User roles and administrative partitions

• vCMP concepts

• Configuring high availability (including active/standby and connection and persistence mirroring)

Configuring BIG-IP LTM v15.1: Local Traffic Manager

This 3-day course gives network professionals a functional understanding of BIG-IP Local Traffic Manager, introducing students to both commonly used and advanced BIG-IP LTM features and functionality.

Incorporating lecture, extensive hands-on labs, and classroom discussion, the course helps students build the well-rounded skill set needed to manage BIG-IP LTM systems as part of a flexible and high performance application delivery network.

Topics covered:

• BIG-IP initial setup (licensing, provisioning, and network configuration)

• A review of BIG-IP local traffic configuration objects

• Using dynamic load balancing methods

• Modifying traffic behavior with persistence (including SSL, SIP, universal, and destination address affinity persistence)

• Monitoring application health with Layer 3, Layer 4, and Layer 7 monitors (including transparent, scripted, and external monitors)

• Processing traffic with virtual servers (including network, forwarding, and reject virtual servers)

• Processing traffic with SNATs (including SNAT pools and SNATs as listeners)

• Modifying traffic behavior with profiles (including TCP profiles, advanced HTTP profile options, caching, compression, and OneConnect profiles)

• Advanced BIG-IP LTM configuration options (including VLAN tagging and trunking, SNMP features, packet filters, and route domains)

• Customizing application delivery with iRules and local traffic policies

• Securing application delivery using BIG-IP LTM

Course Objectives

At the end of this course, the student will be able to:

Administering BIG-IP v15.1

• Describe the role of the BIG-IP system as a full proxy device in an application delivery network

• Set up, start/restart/stop, license, and provision the BIG-IP system out-of-the-box

• Create a basic network configuration on the BIG-IP system including VLANs and self IPs

• Use the Configuration utility and TMSH to manage BIG-IP resources such as virtual servers, pools, pool members, nodes, profiles, and monitors

• Create, restore from, and manage BIG-IP archives

• View resource status, availability, and statistical information and use this information to determine how the BIG-IP system is currently processing traffic

• Use profiles to manipulate the way the BIG-IP system processes traffic through a virtual server

• Perform basic troubleshooting and problem determination activities including using the iHealth diagnostic tool

• Support, and view traffic flow using TCPDUMP

• Understand and manage user roles and partitions

• Configure and manage a sync-failover device group with more than two members

• Configure stateful failover using connection mirroring and persistence mirroring

Configuring BIG-IP LTM v15.1: Local Traffic Manager

• Back up the BIG-IP system configuration for safekeeping

• Configure virtual servers, pools, monitors, profiles, and persistence objects

• Test and verify application delivery through the BIG-IP system using local traffic statistics

• Configure priority group activation on a load balancing pool to allow servers to be activated only as needed to process traffic

• Compare and contrast member-based and node-based dynamic load balancing methods

• Configure connection limits to place a threshold on traffic volume to particular pool members and nodes

• Differentiate between cookie, SSL, SIP, universal, and destination address affinity persistence, and describe use cases for each

• Describe the three Match Across Services persistence options and use cases for each

• Configure health monitors to appropriately monitor application delivery through a BIG-IP system

• Configure different types of virtual services to support different types of traffic processing through a BIG-IP system

• Configure different types of SNATs to support routing of traffic through a BIG-IP system

• Configure VLAN tagging and trunking

• Restrict administrative and application traffic through the BIG-IP system using packet filters, port lockdown, and virtual server settings

• Configure SNMP alerts and traps in support of remote monitoring of the BIG-IP system

• Use iRules and local traffic policies appropriately to customize application delivery through the BIG-IP system

• Configure the BIG-IP to detect and mitigate some common attacks at the network and application layers using LTM features such as SYN check, eviction policies, iRules and Local Traffic Policies

Course Content

Administering BIG-IP v16.1

Chapter 1: Setting Up the BIG-IP System

• Introducing the BIG-IP System

• Initially Setting Up the BIG-IP System

• Configuring the Management Interface

• Activating the Software License

• Provisioning Modules and Resources

• Importing a Device Certificate

• Specifying BIG-IP Platform Properties

• Configuring the Network

• Configuring Network Time Protocol (NTP) Servers

• Configuring Domain Name System (DNS) Settings

• Configuring High Availability Options

• Archiving the BIG-IP Configuration

• Leveraging F5 Support Resources and Tools

Chapter 2: Traffic Processing Building Blocks

• Identifying BIG-IP Traffic Processing Objects

• Configuring Virtual Servers and Pools

• Load Balancing Traffic

• Viewing Module Statistics and Logs

• Using the Traffic Management Shell (TMSH)

• Understanding the TMSH Hierarchical Structure

• Navigating the TMSH Hierarchy

• Managing BIG-IP Configuration State and Files

• BIG-IP System Configuration State

• Loading and Saving the System Configuration

• Shutting Down and Restarting the BIG-IP System

• Saving and Replicating Configuration Data (UCS and SCF)

Chapter 3: Using NATs and SNATs

• Address Translation on the BIG-IP System

• Mapping IP Addresses with NATs

• Solving Routing Issues with SNATs

• Configuring SNAT Auto Map on a Virtual Server

• Monitoring for and Mitigating Port Exhaustion

Chapter 4: Monitoring Application Health

• Introducing Monitors

• Types of Monitors

• Monitor Interval and Timeout Settings

• Configuring Monitors

• Assigning Monitors to Resources

• Managing Pool, Pool Member, and Node Status

• Using the Network Map

Chapter 5: Modifying Traffic Behavior with Profiles

• Introducing Profiles

• Understanding Profile Types and Dependencies

• Configuring and Assigning Profiles

• Introducing SSL Offload and SSL Re-Encryption

Chapter 6: Modifying Traffic Behavior with Persistence

• Understanding the Need for Persistence

• Introducing Source Address Affinity Persistence

• Managing Object State

Chapter 7: Administering the BIG-IP System

• Configuring Logging

• Legacy Remote Logging

• Introducing High Speed Logging (HSL)

• High-Speed Logging Filters

• HSL Configuration Objects

• Configuring High Speed Logging

• Using TCPDUMP on the BIG-IP System

• Leveraging the BIG-IP iHealth System

• Viewing BIG-IP System Statistics

• Defining User Roles and Administrative Partitions

• Leveraging vCMP

Chapter 8: Configuring High Availability

• Introducing Device Service Clustering (DSC)

• Preparing to Deploy a DSC Configuration

• Configuring DSC Communication Settings

• Establishing Device Trust

• Establishing a Sync-Failover Device Group

• Synchronizing Configuration Data

• Exploring Traffic Group Behavior

• Understanding Failover Managers and Triggers

• Achieving Stateful Failover with Mirroring

Configuring BIG-IP LTM v15.1: Local Traffic Manager

Chapter 1: Setting Up the BIG-IP System

• Introducing the BIG-IP System

• Initially Setting Up the BIG-IP System

• Archiving the BIG-IP Configuration

•Leveraging F5 Support Resources and Tools

Chapter 2: Reviewing Local Traffic Configuration

• Reviewing Nodes, Pools, and Virtual Servers

• Reviewing Address Translation

• Reviewing Routing Assumptions

• Reviewing Application Health Monitoring

• Reviewing Traffic Behavior Modification with Profiles

• Reviewing the TMOS Shell (TMSH)

• Reviewing Managing BIG-IP Configuration Data

Chapter 3: Load Balancing Traffic with LTM

• Exploring Load Balancing Options

• Using Priority Group Activation and Fallback Host

• Comparing Member and Node Load Balancing

Chapter 4: Modifying Traffic Behavior with Persistence

• Reviewing Persistence

• Introducing Cookie Persistence

• Specifying Default and Fallback Persistence

• Introducing SSL Persistence

• Introducing SIP Persistence

• Introducing Universal Persistence

• Introducing Destination Address Affinity Persistence

• Using Match Across Options for Persistence

Chapter 5: Monitoring Application Health

• Differentiating Monitor Types

• Customizing the HTTP Monitor

• Monitoring an Alias Address and Port

• Monitoring a Path vs. Monitoring a Device

• Managing Multiple Monitors

• Using Application Check Monitors

• Using Manual Resume and Advanced Monitor Timer Settings

Chapter 6: Processing Traffic with Virtual Servers

• Understanding the Need for Other Virtual Server Types

• Forwarding Traffic with a Virtual Server

• Understanding Virtual Server Order of Precedence

• Path Load Balancing

Chapter 7: Processing Traffic with SNATs

• Overview of SNATs

• Using SNAT Pools

• SNATs as Listeners

• SNAT Specificity

• VIP Bounceback

• Additional SNAT Options

• Network Packet Processing Review

Chapter 8: Modifying Traffic Behavior with Profiles

• Profiles Overview

• TCP Express Optimization

• TCP Profiles Overview

• HTTP Profile Options

• HTTP/2 Profile Options

• OneConnect

• Offloading HTTP Compression to BIG-IP

• Web Acceleration Profile and HTTP Caching

• Stream Profiles

• F5 Acceleration Technologies

Chapter 9: Selected Topics

• VLAN, VLAN Tagging, and Trunking

• Restricting Network Access

• SNMP Features

• Segmenting Network Traffic with Route Domains

Chapter 10: Customizing Application Delivery with iRules

• Getting Started with iRules

• Understanding When iRules are Triggered

• Deploying iRules

• Constructing an iRule

• Testing and Debugging iRules

• Exploring iRules Documentation

Chapter 11: Customizing Application Delivery with Local Traffic Policies

• Getting Started with Local Traffic Policies

• Configuring and Managing Policy Rules

Chapter 12: Securing Application Delivery with LTM

• Understanding Today’s Threat Landscape

• Integrating LTM Into Your Security Strategy

• Defending Your Environment Against SYN Flood Attacks

• Defending Your Environment Against Other Volumetric Attacks

• Addressing Application Vulnerabilities with iRules and Local Traffic Policies

• Detecting and Mitigating Other Common HTTP Threats

Chapter 13: Final Lab Project

• About the Final Lab Project

Chapter 14: Additional Training and Certification

• Getting Started Series Web-Based Training

• F5 Instructor Led Training Curriculum

• F5 Professional Certification Program

Course Changes since v15

Administering BIG-IP v.16.1

• No significant changes to course outline or materials since the v15 release. 

• Minor updates to the course include review and update of referenced knowledge articles, GUI screenshots, hardware platform images in introduction and chapter 1 slides and student guide pages, and removed information for obsolete topics such as Link Controller.

Configuring BIG-IP LTM v16.1: Local Traffic Manager

• Updates for the v16.1 release include changes to TCP Profiles and Securing Application Delivery chapters. 

• All remaining content was reviewed and updated for relevance to the BIG-IP v16.1 release.

Course Overview

Cisco Umbrella is a cloud security platform that provides the first line of defense against threats on the Internet. Being able to understand and position how Cisco Umbrella works and what the features are, is the key focus of this 3-day Cisco online IT class. Students who enter the course with a basic understanding of Cisco products and IT solutions will be able to describe Cisco Umbrella, understand Secure Internet Gateway and Ransomware Protection, discuss Threat Intelligence, use Cisco Roaming Client. Sign up with NterOne to get access to this Cisco online training course today.

Virtual Learning

This interactive training can be taken from any location, your office or home and is delivered by a trainer. This training does not have any delegates in the class with the instructor, since all delegates are virtually connected. Virtual delegates do not travel to this course, Global Knowledge will send you all the information needed before the start of the course and you can test the logins.

Course Objectives

After completing this course you should be able to:

  • Describe and position Cisco Umbrella
  • Discuss Secure Internet Gateway and Ransomware Protection
  • Understand DNS & IP layer enforcement & Intelligent Proxy
  • Describe Command and control callback blocking
  • Discuss Threat Intelligence
  • Compare Umbrella Packages
  • Understand Roaming Security
  • Understand the basics of Cisco Roaming Client
  • Understand how to use Cisco Umbrella Virtual Appliance
  • Explain the ease of Integrating Cisco Umbrella into Active Directory
  • Discuss Umbrella Reporting
  • Understand Utilize Multi-Organization Tools

Course Content

Describe Cisco Umbrella

  • Umbrella and Available Features Overview

Umbrella Deployment Options

  • DHCP
  • DNS Server
  • Roaming Client

Configure Policy Components  – Part 1

  • Destination Lists
  • Content Categories
  • Application Settings
  • Tenant Controls
  • Security Settings

Configure Policy Components  – Part 2

  • Block Page Appearance
  • Integrations
  • Selective Decryption Lists
  • Bypass Users
  • Bypass Codes

Umbrella Policies-DNS, Firewall and Web

  • DNS Policies
  • Firewall Policies
  • Web Policies

Integrating Umbrella with Active Directory

  • AD Connector and Script
  • Virtual Appliance
  • Roaming Client
  • AnyConnect Roaming Security

Umbrella Roaming Security – Roaming Client

Umbrella Roaming Security – AnyConnect Roaming Security

Cisco Umbrella DNS Mobile Security

  • MDM Integration
  • IOS Devices
  • Android Devices

User Account Management

  • Local Accounts
  • User Roles

Umbrella Reporting

  • Core Reports
  • Additional Reports
  • Management Reports

Umbrella Investigate

Umbrella Multi-Organization

Integrating Umbrella within Cisco SecureXLab Outline:

  • Lab 0: Accessing the Lab Devices
  • Lab 1: Deploying Cisco Umbrella
  • Lab 2: Configuring Policy Components
  • Lab 3: Configuring Umbrella DNS Policy
  • Lab 4: Configuring Umbrella Firewall Policy
  • Lab 5: Configuring Umbrella Web Policy
  • Lab 6: Active Directory Integration using the Virtual Appliance
  • Lab 7: Deploying Umbrella Roaming Client
  • Lab 8: Deploying AnyConnect Roaming Security
  • Lab 9: Umbrella User Account and Roles Management
  • Lab 10: Umbrella Reporting
  • Lab 11: Leveraging Umbrella Investigate
  • Lab 12: SecureX Integration walk-though

Course Overview

This course gives developers exposure to and practice with best practices for building serverless applications using AWS Lambda and other services in the AWS serverless platform. You will use AWS frameworks to deploy a serverless application in hands-on labs that progress from simpler to more complex topics. You will use AWS documentation throughout the course to develop authentic methods for learning and problem-solving beyond the classroom.

Course level: Intermediate

Duration: 3 days

Course Objectives

In this course, you will learn to:

  • Apply event-driven best practices to a serverless application design using appropriate AWS services
  • Identify the challenges and trade-offs of transitioning to serverless development, and make recommendations that suit your development organization and environment
  • Build serverless applications using patterns that connect AWS managed services together, and account for service characteristics, including service quotas, available integrations, invocation model, error handling, and event source payload
  • Compare and contrast available options for writing infrastructure as code, including AWS CloudFormation, AWS Amplify, AWS Serverless Application Model (AWS SAM), and AWS Cloud Development Kit (AWS CDK)
  • Apply best practices to writing Lambda functions inclusive of error handling, logging, environment re-use, using layers, statelessness, idempotency, and configuring concurrency and memory
  • Apply best practices for building observability and monitoring into your serverless application
  • Apply security best practices to serverless applications
  • Identify key scaling considerations in a serverless application, and match each consideration to the methods, tools, or best practices to manage it
  • Use AWS SAM, AWS CDK, and AWS developer tools to configure a CI/CD workflow, and automate deployment of a serverless application
  • Create and actively maintain a list of serverless resources that will assist in your ongoing serverless development and engagement with the serverless community

Course Content

Day 1

Module 0: Introduction

  • Introduction to the application you will build
  • Access to course resources (Student Guide, Lab Guide, and Online Course Supplement)

Module 1: Thinking Serverless

  • Best practices for building modern serverless applications
  • Event-driven design
  • AWS services that support event-driven serverless applications

Module 2: API-Driven Development and Synchronous Event Sources

  • Characteristics of standard request/response API-based web applications
  • How Amazon API Gateway fits into serverless applications
  • Try-it-out exercise: Set up an HTTP API endpoint integrated with a Lambda function
  • High-level comparison of API types (REST/HTTP, WebSocket, GraphQL)

Module 3: Introduction to Authentication, Authorization, and Access Control

  • Authentication vs. Authorization
  • Options for authenticating to APIs using API Gateway
  • Amazon Cognito in serverless applications
  • Amazon Cognito user pools vs. federated identities

Module 4: Serverless Deployment Frameworks

  • Overview of imperative vs. declarative programming for infrastructure as code
  • Comparison of CloudFormation, AWS CDK, Amplify, and AWS SAM frameworks
  • Features of AWS SAM and the AWS SAM CLI for local emulation and testing

Module 5: Using Amazon EventBridge and Amazon SNS to Decouple Components

  • Development considerations when using asynchronous event sources
  • Features and use cases of Amazon EventBridge
  • Try-it-out exercise: Build a custom EventBridge bus and rule
  • Comparison of use cases for Amazon Simple Notification Service (Amazon SNS) vs. EventBridge
  • Try-it-out exercise: Configure an Amazon SNS topic with filtering

Module 6: Event-Driven Development Using Queues and Streams

  • Development considerations when using polling event sources to trigger Lambda functions
  • Distinctions between queues and streams as event sources for Lambda
  • Selecting appropriate configurations when using Amazon Simple Queue Service (Amazon SQS) or Amazon Kinesis Data Streams as an event source for Lambda
  • Try-it-out exercise: Configure an Amazon SQS queue with a dead-letter queue as a Lambda event source

Hands-On Labs Day 1

  • Hands-On Lab 1: Deploying a Simple Serverless Application
  • Hands-On Lab 2: Message Fan-Out with Amazon EventBridge

Day 2

Module 7: Writing Good Lambda Functions

  • How the Lambda lifecycle influences your function code
  • Best practices for your Lambda functions
  • Configuring a function
  • Function code, versions and aliases
  • Try-it-out exercise: Configure and test a Lambda function
  • Lambda error handling
  • Handling partial failures with queues and streams

Module 8: Step Functions for Orchestration

  • AWS Step Functions in serverless architectures
  • Try-it-out exercise: Step Functions states
  • The callback pattern
  • Standard vs. Express Workflows
  • Step Functions direct integrations
  • Try-it-out exercise: Troubleshooting a Standard Step Functions workflow

Module 9: Observability and Monitoring

  • The three pillars of observability
  • Amazon CloudWatch Logs and Logs Insights
  • Writing effective log files
  • Try-it-out exercise: Interpreting logs
  • Using AWS X-Ray for observability
  • Try-it-out exercise: Enable X-Ray and interpret X-Ray traces
  • CloudWatch metrics and embedded metrics format
  • Try-it-out exercise: Metrics and alarms
  • Try-it-out exercise: ServiceLens

Hands-On Labs Day 2

  • Hands-On Lab 3: Workflow Orchestration Using AWS Step Functions
  • Hands-On Lab 4: Observability and Monitoring

Day 3

Module 10: Serverless Application Security

  • Security best practices for serverless applications
  • Applying security at all layers
  • API Gateway and application security
  • Lambda and application security
  • Protecting data in your serverless data stores
  • Auditing and traceability

Module 11: Handling Scale in Serverless Applications

  • Scaling considerations for serverless applications
  • Using API Gateway to manage scale
  • Lambda concurrency scaling
  • How different event sources scale with Lambda

Module 12: Automating the Deployment Pipeline

  • The importance of CI/CD in serverless applications
  • Tools in a serverless pipeline
  • AWS SAM features for serverless deployments
  • Best practices for automation
  • Course wrap-up

Hands-On Labs Day 3

  • Hands-On Lab 5: Securing Serverless Applications
  • Hands-On Lab 6: Serverless CI/CD on AWS

Course Overview

This course teaches developers how to create end-to-end solutions in Microsoft Azure.

Students will learn how to implement Azure compute solutions, create Azure Functions, implement and manage web apps, develop solutions utilizing Azure storage, implement authentication and authorization, and secure their solutions by using KeyVault and Managed Identities. Students will also learn how to connect to and consume Azure services and third-party services, and include event- and message-based models in their solutions. The course also covers monitoring, troubleshooting, and optimizing Azure solutions.

Course Objectives

Students will learn to:

  • AZ-204: Implement Azure App Service web apps
  • AZ-204: Implement Azure Functions
  • AZ-204: Develop solutions that use Blob storage
  • AZ-204: Develop solutions that use Azure Cosmos DB
  • AZ-204: Implement containerized solutions
  • AZ-204: Implement user authentication and authorization
  • AZ-204: Implement secure Azure solutions
  • AZ-204: Implement API Management
  • AZ-204: Develop event-based solutions
  • AZ-204: Develop message-based solutions
  • AZ-204: Troubleshoot solutions by using Application Insights
  • AZ-204: Implement caching for solutions

Course Content

AZ-204: Implement Azure App Service web apps

  • Explore Azure App Service
  • Configure web app settings
  • Scale apps in Azure App Service
  • Explore Azure App Service deployment slots

AZ-204: Implement Azure Functions

  • Explore Azure Functions
  • Develop Azure Functions

AZ-204: Develop solutions that use Blob storage

  • Explore Azure Blob storage
  • Manage the Azure Blob storage lifecycle
  • Work with Azure Blob storage

AZ-204: Develop solutions that use Azure Cosmos DB

  • Explore Azure Cosmos DB
  • Work with Azure Cosmos DB

AZ-204: Implement containerized solutions

  • Manage container images in Azure Container Registry
  • Run container images in Azure Container Instances
  • Implement Azure Container Apps

AZ-204: Implement user authentication and authorization

  • Explore the Microsoft identity platform
  • Implement authentication by using the Microsoft Authentication Library
  • Implement shared access signatures
  • Explore Microsoft Graph

AZ-204: Implement secure Azure solutions

  • Implement Azure Key Vault
  • Implement managed identities
  • Implement Azure App Configuration

AZ-204: Implement API Management

  • Explore API Management

AZ-204: Develop event-based solutions

  • Explore Azure Event Grid
  • Explore Azure Event Hubs

AZ-204: Develop message-based solutions

  • Discover Azure message queues

AZ-204: Troubleshoot solutions by using Application Insights

  • Monitor app performance

AZ-204: Implement caching for solutions

  • Develop for Azure Cache for Redis
  • Develop for storage on CDNs