Advanced Services – Securing Cisco Networks with Sourcefire FireAMP Endpoints (SSFAMP)  

Obecnie brak terminów dla tego szkolenia. Zapytaj o szkolenie!

Dedykowane dla:

This course is designed for technical professionals who need to know how to deploy and manage FireAMP in your network environment. the primary audience for this course includes:

  • Security administrators
  • Security consultants
  • Network administrators
  • System engineers
  • Technical support personnel
  • Channel partners and resellers

Wprowadzenie:

Securing Cisco Networks with Sourcefire FireAMP Endpoints (SSFAMP) Securing Cisco® Network with Sourcefire FireAMP Endpoints is an instructor-led course offered by Learning Services High-Touch Delivery. It is a lab-intensive course that introduces students to the powerful features of the Fire AMP software. This two-day virtual class covers information on Sourcefire Advanced Malware Protection (AMP) technology, deployment, management, and analysis.

You will learn how to build and manage an AMP deployment, create policies for endpoint groups, and deploy connectors. Users will also analyze malware detections using powerful tools available in the FireAMP console.

This course combines lecture materials and hands-on labs throughout to make sure that you are able to successfully deploy and manage a FireAMP deployment.

Opis:

Upon completion of this course, you should be able to:

  • Understand the architecture and various components of FireAMP and FireAMP cloud
  • Understand security concerns around malware and how attacks unfold
  • Understand and navigate the FireAMP interface, dashboard, and its components
  • Manage malware detection mechanisms
  • Understand advanced policy configuration for endpoints
  • Understand how to deploy and ditsribute the FireAMP connector
  • Understand file analysis and FireAMP reporting
  • Understand the private cloud offering

Wymagania:

  • Technical understanding of TCP/IP networking and network architecture
  • Basic familiarity with the concepts of malware detection

Tematyka:

Detailed Course Outline

  • Module 1: FireAMP Overview and Architecture
  • Module 2: Console Interface and Navigation
  • Module 3: Outbreak Control
  • Module 4: Endpoint Policies
  • Module 5: Groups and Deployment
  • Module 6: Analysis
  • Module 7: Anlaysis Case Studies
  • Module 8: Accounts

Lab Topology

  • Lab 1: Performing the Initial Setup
  • Lab 2: Initialize the Private Cloud
  • Lab 3: Accessing the FireAMP Console
  • Lab 4: Reviewing the Interface
  • Lab 5: Simple Custom Detections
  • Lab 6: Advanced Custom Detection
  • Lab 7: Application Blocking
  • Lab 8: Whitelisting
  • Lab 9: DFC IP Backist
  • Lab 10: Create a FireAMP Policy
  • Lab 11: Creating Groups
  • Lab 12: Deploying the Connector
  • Lab 13: Connector Command Line Installation
  • Lab 14: Query the History Database
  • Lab 15: Manually Install a Policy
  • Lab 16: Testing Your Policy
  • Lab 17: Working with FireAMP Events
  • Lab 18: Detection/ Quarantine Events
  • Lab 19: File Trajectory
  • Lab 20: Device Trajectory
  • Lab 21: Reporting
  • Lab 22: ZBot Analysis and Remediation
  • Lab 23: User Accounts
  • Lab 24: Enable Demo Data