CNS318 – Citrix (NetScaler) ADC 12.x Advanced Concepts – Secure Web ApplicationsDownload Course Outline
Title: Citrix (NetScaler) ADC 12.x Advanced Concepts - Secure Web Applications CNS318; 3 Days, Instructor-led
Description: Designed for students with previous NetScaler experience, this course is best suited for individuals who will be deploying and/or managing Citrix NetScaler Application Firewall (AppFirewall) in Citrix NetScaler environments. Learn the skills required to deploy and manage AppFirewall including types of web attacks, protections and signatures, the adaptive learning engine, AppFirewall policies and profiles, troubleshooting, and additional pertinent NetScaler security features. At the end of the course, students will be able to configure NetScaler environments to address application services security requirements with AppFirewall.
At Course Completion: Upon successful completion of this course, students will be able to: Identify common web attacks and vulnerabilities Write PERL compatible regular expressions Understand how to utilize the adaptive learning engine Configure AppFirewall to protect web applications Utilize NetScaler Secure Insight to Monitor, Manage and report on Application Services security Troubleshoot AppFirewall
Audience & Prerequisites: Students interested in learning the skills required to deploy and manage Citrix NetScaler Application Firewall. Specifically: Administrators Implementers/Engineers Architects CNS-102 NetScaler Overview AND CNS-220 Citrix NetScaler Essentials and Traffic Management OR CNS-222 Citrix NetScaler Essentials and Unified Gateway Citrix also recommends an understanding of the following concepts and technologies: The functionalities and capabilities of Citrix NetScaler Basic NetScaler network architecture Obtaining, installing, and managing NetScaler licenses Use of NetScaler traffic management features Basic Networking Windows and Linux Server administration Web Services SSL encryption and certificates Common web services attacks and use of 3rd party tools
Course Outline Details: Module 1: Application Firewall Overview AppFirewall solution Security Model (include signature) Overview of types of attacks PCIDSS Adaptive Learning Engine Packet Processing and Inspection Log Files – view violations Module 2: Policies and Profiles Profiles Policies Engine Settings Module 3: Regular Expressions Forms of Regular Expressions Using Regular Expressions Metacharacters and Literal Characters Escapes Quantifiers Back Referencing Lookaheads Regular Expression Scope Module 4: Attacks and Protections Data Flow with AppFirewall Security Checks AppFirewall Actions Adaptive Learning Signatures Code Quality (HTML Comment Striping) Buffer Overflow SQL injection Cross-Site Scripting Cookie Tampering Cookie Protection Parameter Tampering Server Misconfiguration Form Protections Identity Theft - CC – Safe Object URL Protections – Start URL and Deny URL CSRF Module 5: Application Firewall Troubleshooting and Monitoring Security Insight HTTP Callout Rate-Limit AppQOE IP Reputation
Start Date: 05/13/2019
End Date: 05/15/2019