Arrow Electronics, Inc.

Deep Discovery Advanced Threat Detection 4.0 Training For Certified Professionals

CODE: TRM_DD

DURÉE: 3 Jours

PRIX H.T.: €2 250,00

Description

Trend Micro™ Deep Discovery™ Advanced Threat Detection 4.0 Training for Certified Professionals is a

three-day, instructor-led training course where participants will learn how to use Deep Discovery Advanced

Threat Protection solutions to detect, analyze, and respond to advanced threats and targeted attacks.

Participants explore key concepts and methodologies using the following blend of Deep Discovery

products for a more complete approach to network security:

Trend Micro™ Deep Discovery™ Analyzer

Trend Micro™ Deep Discovery™ Inspector

Trend Micro™ Deep Discovery™ Email Inspector

Trend Micro™ Deep Discovery™ Director

This course provides a variety of hands-on lab exercises allowing each student to put the lesson content

into action. There will be an opportunity to set up and configure various Deep Discovery management

and administration features and explore their functionality using a virtual lab environment.

A comprehensive look at the purpose, features, and capabilities of Deep Discovery Advanced Threat

Protection solutions. This includes recommendations on best practices and general troubleshooting

steps for a successful implementation, along with long-term maintenance of Deep Discovery solutions

in your environment.

The course also explores various deployment considerations and requirements needed to tie Deep

Discovery into various other Trend Micro solutions, like Trend Micro Vision One™, to enhance threat

hunting and intelligence sharing, for better threat detection functionality.

Objectifs

Upon completion of this course, students will be able to:

Describe the purpose, features, and capabilities of Deep Discovery Advanced Threat Detection solution

Deploy and configure the following Deep Discovery products:

Deep Discovery Analyzer

Deep Discovery Inspector

Deep Discovery Email Inspector

Deep Discovery Director

Analyze detected threats and share threat intelligence with Incident Response/Security Ops Centers

Create custom sandboxes for virtual analysis of suspicious objects

Manage suspicious objects and share threat intelligence with integrated security products

Centrally manage firmware and component updates through Deep Discovery Director

Audience

This course is designed for IT  professionals who are responsible for protecting networks from any kind  of network, endpoint, or cloud  security threats.
The individuals who will typically benefit the most include:
 • System administrators

• Network engineers

• Support engineers

• Integration engineers

• Solution and security architects

Prérequis

Before you take this course,

Trend Micro recommends that you have a working knowledge of their products and services, as well as basic networking concepts and principles.

Experience with the following products and technologies is also necessary:

• Windows® servers and clients

• Firewalls, web application firewalls, packet inspection devices

• General understanding of malware

 

Participants are required to bring a laptop computer with a recommended screen resolution  of at least 1980 x 1080 or above, and a display size of 15” or above.

Programme

The course topics in this training are divided into the following lessons:

Trend Micro Product Overview

Product Portfolios

Network Detection

Trend Micro™ Deep Discovery™ Product Family

Deep Discovery Analyzer

Network Setup

What is Deep Discovery Analyzer Looking For?

Creating and Importing a Sandbox Images

Deep Discovery Analyzer Tools

Submitting Samples to Deep Discovery Analyzer

Suspicious Objects List Management

MITRE ATT&CK™ Framework Tactics

and Techniques

Deep Discovery Inspector

Network Service Diagnostics

Deep Discovery Inspector Deployment

Topologies

Phases of a Targeted Attack

Case Study: APT36 (Earth Karkaddan)

Attack Chain and Malware Arsenal

Indicators of Compromise

Deep Discovery Threat Detection

Technologies

Deep Discovery Inspector Best Practice

and Configuration

Deploying Deep Discovery Inspector

Configuring Initial Network Settings

Best Practice Configurations and

Management

Working with Logs and Reports

Troubleshooting (Packet Capturing)

Analyzing Detected Threats in

Deep Discovery Inspector

Working with Threat Dashboards

Obtaining Key Information for Analyzing

Threat Detections

Viewing Hosts with Command-and-Control

Callbacks

Connecting to a Virtual Analyzer for

Sandbox Analysis

Dealing with Aggressive or False

Positive Detections

Deep Discovery Email Inspector

Deployment Topologies

Email Scanning Technologies

Integration with Trend Miro Products

Deploying Deep Discovery

Email Inspector

Installing and Configuring Deep Discovery

Email Inspector

Network Configuration

Virtual Analyzer Sandbox Configuration

Troubleshooting

Deep Discovery Email Inspector

Administration

Analyzing Detections

Policy Management

Configuring Scanning / Analysis

Policy Management

Configuring Virtual Analyzer for

Sandbox Analysis

Using Debug Functions

Deep Discovery Director

Installing Deep Discovery Director

Connecting Deep Discovery Products to

Deep Discovery Director

Sending Logs to a Syslog Server

Deployment Plans

Managing Threat Detections through Deep

Discovery Director

Viewing Email Messages with Malicious or

Suspicious Content

Configuring Rules for Detection

Threat Intelligence Interoperability (STIX,

TAXII)

Trend Micro Vision One™ Overview

Trend Micro XDR

Trend Micro Vision One

Trend Micro Vision One Apps

Trend Micro™ Managed XDR Service

Deep Discovery Inspector and

Trend Micro Vision One

Deploying Network Inventory Service

Downloading the Deep Discovery Inspector

Image

Creating a Virtual Machine for Deep

Discovery Inspector on VMware ESXi

Configuring Deep Discovery Inspector

Network Settings

Connecting Deep Discovery Inspector with

Trend Micro Vision One

Deploying Trend Micro Service Gateway

Connecting Deep Discovery Inspector with

Service Gateway

Appendices

Deep Discovery Threat

Detection Technologies

Trend Micro Product Integration

Creating Sandboxes

Test et Certification

Upon completion of this course, participants may choose to complete the certification examination to obtain designation as a Trend Micro Certified Professional for Deep Discovery Advanced Threat Detection.

Dates de session