Arrow Electronics, Inc.

Symantec Endpoint Detection and Response 4.x Planning, Implementation, and Administration R1

Kód: SYM_000200

DÉLKA: 24 Hours (3 DENNÍ)

CENA: Kč bez DPH 33 000,00


The Symantec Endpoint Detection and Response 4.x Planning, Implementation, and Administration course is designed for the IT security and systems administration professional in a Security Operations role. This course covers how to investigate, remediate, and recover from a security incident using Symantec Endpoint Detection and Response, as well as the prerequisite sizing and architecture configurations for implementing Symantec Endpoint Detection and Response On-Prem.


By the completion of this course, you will be able to:

  • Plan and implement a Symantec Endpoint Detection
    and Response deployment
  • Configure SEDR to perform endpoint detection and
  • Identify evidence of suspicious and malicious activity
  • Search for indicators of compromise
  • Block, isolate, and remove threats in the
  • Collect forensic information

Vstupní znalosti

This course assumes that students are familiar with
Symantec Endpoint Detection & Response and
Symantec Endpoint Protection.


Module 1: Introduction

  • The Evolving Threat Landscape
  • Challenges of Endpoint Detection and Response in
    the environment
  • How Symantec Endpoint Detection and Response
    meets objectives
  • Components of Symantec Endpoint Detection and
  • Shared Technologies
  • Symantec Endpoint Detection and Response AddOns and Integrations

Module 2: Architecture and Sizing

  • Architecture and Sizing Overview
  • Architecture
  • Sizing

Module 3: Implementation

  • System Requirements
  • Installing and Bootstrapping
  • Setup Wizard
  • Management Console Overview
  • Managing Certificates
  • User Accounts and Roles
  • Symantec Endpoint Protection Integration

Module 4: Detecting Threats

  • Understanding Suspicious & Malicious Activity
  • Prerequisite configuration or considerations
  • Identifying evidence of suspicious/malicious activity
    with Symantec EDR

Module 5: Investigating Threats

  • General Stages of an Advanced Attack
  • Understanding Indicators of Compromise
  • Searching for Indicators of Compromise
  • Analyzing Endpoint Activity Recorder Data
  • Additional Investigation Tools

Module 6: Responding to Threats

  • Cybersecurity Framework
  • Isolating Threats in The Environment
  • Blocking Threats in The Environment
  • Removing Threats in The Environment
  • Tuning the Environment

Module 7: Reporting on Threats

  • Recovery Overview
  • Notifications and Reporting
  • Collecting forensic data for further investigation of
    security incidents
  • Using Symantec EDR to create a Post Incident

Termíny školení

Další termíny školení Arrow v Evropě, včetně virtuálních.