Symantec Endpoint Detection & Response 4.1 Administration

Partager cette formation
Détails de la formation
Ajouter au calendrier

The Endpoint Detection and Response 4.1 Administration course is designed for the IT security professional in a Security Operations role. This class covers how to detect, investigate, remediate, and recover from an incident using Symantec Endpoint Detection and Response.

Delivery Method

Instructor-led

Who Should Attend

The Endpoint Detection and Response 4.1 Administration course is intended for students who wish to perform Incident Response activities with Symantec Endpoint Detection and Response.

Prerequisites

This course assumes that students are familiar with security incident response or have equivalent knowledge. Students should also be familiar with Symantec Endpoint Protection.

Hands-On

This course includes practical hands-on exercises that enable you to test your new skills and begin to use those skills in a working environment.

Course Objectives

By the completion of this course, you will be able to:

• Identify evidence of suspicious and malicious activity
• Searching for Indicators of Compromise
• Block, Isolate, and Remove threats in the Environment
• Collect Forensic Information

  • Module 1 Evolving Threat Landscape

    • Challenges of Endpoint Detection and Response in the environment

    • How Symantec Endpoint Detection and Response meets those challenges

  • Module 2 Increase the visibility of suspicious and malicious activity in the environment

    • Understanding Suspicious & Malicious Activity

    • Prerequisite SEDR configuration or considerations

    • Identifying evidence of suspicious/malicious activity with SEDR

    • Proactive Security Incident Notification with SEDR

    • Understanding Indicators of Compromise

    • Searching for Indicators of Compromise with SEDR

  • Module 3 Decreasing Security Risk by Responding to Threats in the Environment

    • Prerequisite configuration or considerations

    • Methods used to Isolate threats

    • Isolating threats using SEDR

    • Methods Used to Block threats

    • Blocking threats using SEDR

    • Methods used to remove threats

    • Removing threats using SEDR

  • Module 4 Collecting and Reporting forensic data for further investigation of security incidents

    • Prerequisite configuration or considerations

    • Information Collected by SEDR

    • Collecting forensic information using SEDR

    • Creating reports with SEDR


Détails de la formation
Ajouter au calendrier
En rapport avec Formations
Vous aimerez peut-être aussi ces formations.
ProxySG 7.3 Administration with Secure Web Gateway
18 - 05 - 2025
21 - 05 - 2025
17h00
2 Jours
PECB Certified EBIOS Risk Manager
14 - 05 - 2025
15 - 05 - 2025
17h00
3 Jours
PECB Certified ISO/IEC 27005 Risk Manager
12 - 05 - 2025
13 - 05 - 2025
16h00
3 Jours

This site uses cookies. Find out more about cookies and how you can refuse them.

J'accepte