F5 101 Exam failed :(
So I've been studying for this F5 101 Exam for some time. I've read the philip jonsson F5 101 book, the F5 study guide, done F5Learn and played in my own F5 lab for 200+ hours. I did my due diligence. Many of the questions were not included or even mentioned in the study guide. I have a feeling the exam has been updated several times without the study guide also being updated. At least I know now what kind of questions will be on the exam, but is there an actual place to read up on relevant F5 101 requirements? I feel a bit scammed...
F5 101 exam - what F5 courses should I buy
Hi, I got approval from my company's finance team that I can spend money on some official F5 training. I found these two courses: - Administering BIG-IP ::::https://www.f5.com/services/training/training-courses-and-classes/administering-big-ip - Configuring BIG-IP LTM ::::https://www.f5.com/services/training/training-courses-and-classes/configuring-big-ip-ltm-local-traffic-manager I have a good understanding of the OSI model, I hold a JNCIS-ENT and JNCIS certification. Though, I want to learn ADC better and F5 networks provides the superior ADC. I haven't done much work with F5 BIG-IP devices, I have only setup basic HA between two BIG-IP virtual editions. Should I buy both courses and attend them? Will they help me clear F5 101 exam, is it a fly-by? Given my lack of F5 knowledge. Any recommendations for being best-poised in this 101 exam. I intend on buying the $25 practice-exam after to assess readiness.
Regarding 101 exam
Hi All, I am appearing for 101 exam this week, so just wanted to check if any one appeared for exam recently? What kind of questions we expect in exam: lab, objective or subjective type? Also the study material shows lot of tcp/ip stuff so do I need to study tcp/ip al over again or just studying book is fine? Please suggest I was unable to find any sample questions so thought of using this forum. Thanks.studying for APM beta exam, question on first two objectives
anyone else around studying for the beta APM (304) exam? as with the previous ones im using the blueprint as the basis for my studying. this time i even have the course study guide, though it was a bit disappointing, mainly focusing on configuring and not on theory. but as before the blueprint throws some interesting curve balls. starting with the first objective: Objective 1.01 - Explain how APM mitigates common attack vectors and methodologies (e.g., cookie hijacking [front and back], DoS attack) i searched every resource i could find, but nowhere these terms are even mentioned in combination with APM. am i overlooking some document somewhere? it reads like this is just taken from some product promotion document :) if there isnt some document, what other common attack vectors and methodologies can you think of? based on some research i came up with these attacks: brute forcing (username / password) insufficient authentication* insufficient session expiration* badly written authentication code / input validation as for mitigation: cookie hijacking (front and back) - use secure / httponly flag, use correct domain and path DoS attack - use the default BIG-IP options, use iRule (less sure about this one, but dont see how to APM itself does anything against a DoS attack, or does defend your backend systems from one of course) brute forcing (password / username) - per default the APM module protects you, with iRules you can make it more robust insufficient authentication - per default the APM module protects what is behind it insufficient session expiration - you can configure expiration and log off URI badly written authentication code / input validation - by default APM provides a well checked and proven authentication framework the second objective feels like a double of the first Objective 1.02 - Identify which APM tool(s) should be used to mitigate a specific authentication attack or does anyone have a different idea here? stuff like this always bothers me with these blue prints, using totally different terms then anywhere else like "APM tool" and talking about matters like authentication attack without explaining what exactly. the same goes with the first objective, talking about these attack vectors and methodologies like everyone knows what they are. objective 1.02 has an interesting sub section also Compare authentication methods again, which authentication method? are we talking like password, token, certificate or bio-metric here or more like HTTP-basic, HTTP-digest and form based ... this annoys me. DISCLAIMER: im not trying to get answers to actual exam questions here, im just looking for general information based on the blue prints. some useful links: http://cwe.mitre.org/documents/sources/WASCThreatClassificationTaxonomyGraphic.pdf http://ict.govt.nz/guidance-and-resources/standards-compliance/authentication-standards/guidance-multi-factor-authentication/4-authentication-attac/ http://pic.dhe.ibm.com/infocenter/sprotect/v2r8m0/topic/com.ibm.ips.doc/concepts/wap_authentication.htm
