SSFAMP - Protecting Against Malware Threats with Cisco AMP for Endpoints v3.0

COURSE OUTLINE:

Description

In this course, you will learn how to build and manage a Cisco AMP for Endpoints deployment, create policies for endpoint groups, and deploy connectors. You will also analyze malware detections using powerful tools available in the AMP for Endpoints console.

This course combines lecture materials and hands-on labs so that you can successfully deploy and manage AMP for Endpoints.

Audience

  • Security administrators
  • Security consultants
  • Network administrators
  • System engineers
  • Technical support personnel
  • Channel partners and resellers

Prerequisites

  • TCP/IP experience including the major protocols, common services, and basic network traffic routing
  • Familiarity with security fundamentals
  • General knowledge of how operating systems work, including OS configuration structures, file system I/O, and basic OS usage and management

Learning Objectives

  • Malware terminology and categories
  • Architecture and individual security features of Windows, Apple Mac, and Linux operating systems
  • What vulnerabilities are
  • Components and behavior of exploit kits and botnets
  • Modern attack vectors and trends
  • Key components and methodologies of Cisco Advanced Malware Protection
  • Key features and concepts of the AMP for Endpoints product
  • Navigate the AMP for Endpoints console interface and perform first-use setup tasks
  • Configure and customize AMP for Endpoints to perform malware detection
  • Create and configure a policy for AMP-protected endpoints
  • Plan, deploy, and troubleshoot an AMP for Endpoints installation
  • Analyze files and events by using the AMP for Endpoints console and be able to produce threat reports
  • Use the AMP for Endpoints tools to analyze a malware attack
  • Features of the Accounts menu for both public and private cloud installations

1. Modern Malware

2. Operating Systems and Vulnerabilities

3. Exploit Kits and Botnets

4. Attack Vectors and Trends

5. Introduction to Cisco AMP Technologies

6. AMP for Endpoints Overview and Architecture

7. Console Interface and Navigation

8. Outbreak Control

9. Endpoint Policies

10. Groups and Deployment

11. Analysis

12. Case Studies Analysis

13. Accounts