Kod: SYM_EP14-A
Czas trwania: 40 Hours (5 days)
Cena netto: Request Price
The Symantec Endpoint Protection 14.x Administration R1 course is designed for the network, IT security, and systems administration professional in a Security Operations position tasked with the day-to-day operation of the SEPM on-premise management console and with configuring optimum security settings for endpoints protected by Endpoint Protection.
By the completion of this course, you will be able to:
• Describe how the Endpoint Protection Manager (SEPM) communicates with clients and make appropriate changes as necessary.
• Design and create Endpoint Protection group structures to meet the needs of your organization.
• Respond to threats using SEPM monitoring and reporting.
• Analyze the content delivery system (LiveUpdate).
• Configure Group Update Providers.
• Create location aware updates.
• Secure endpoints against network and file-based threats
• Control endpoint integrity and compliance
• Enforce an adaptive security posture
This course assumes that students have a basic understanding of advanced computer terminology, including TCP/IP networking and Internet terms, and an administrator-level knowledge of Microsoft Windows operating systems.
Module 1: Managing Console Access and Delegating Authority
• Creating Administrator Accounts
• Managing Administrator Accounts
• Configuring Directory Server Authentication for an Administrator Account
Module 2: Managing Client-to-Server Communication
• Analyzing Client-to-SEPM Communication
• Restoring Communication Between Clients and SEPM
• Verifying Clients are Online with the SEPM
Module 3: Managing Client Architecture and Active Directory Integration
• Describing the Interaction Between Sites, Domains, and Groups
• Managing Groups, Locations, and Shared Policies
• Importing Active Directory Organizational Units (OUs)
• Controlling Access to Client User Interface Settings
Module 4: Managing Clients and Responding to Threats
• Introducing the Clients View
• Monitoring SEP Clients Using the Clients View
• Responding to Incidents Using the Clients View
Module 5: Monitoring the Environment and Responding to Threats
• Monitoring Critical Log Data Using the Summary page
• Identifying New Incidents Using the Logs Page
• Monitoring Actions Sent to Clients Using the Command Status View
• Configuring Notifications
Module 6: Creating Incident and Health Status Reports
• Monitoring Critical Data Using the Reports Page
• Identifying New Incidents Using Quick Reports and Filters
• Configuring Scheduled Reports
Module 7: Introducing Content Updates Using LiveUpdate
• Describing the LiveUpdate Ecosystem
• Configuring LiveUpdate
• Troubleshooting LiveUpdate
• Examining the Need for an Internal LiveUpdate Administrator Server
• Configuring an Internal LiveUpdate Administrator Server
Module 8: Analyzing the SEPM Content Delivery System
• Describing Content Updates
• Configuring LiveUpdate on the SEPM
• Monitoring a LiveUpdate Session
• Managing Content on the SEPM
• Monitoring Content Distribution for Clients
Module 9: Managing Group Update Providers
• Introducing Group Update Providers
• Adding Group Update Providers
• Adding Multiple Group Update Providers and Configuring Explicit Group Update Providers
• Identifying and Monitoring Group Update Providers
Module 10: Manually Downloading Certified and Rapid Release Definitions
• Downloading Certified SEPM Definitions from Symantec Security Response
• Downloading Certified Windows Client Definitions from Symantec Security Response
• Downloading Rapid Release Definitions from Symantec Security Response
• Downloading Certified and Rapid Release Definitions from Symantec Security Response for Mac and Linux Clients
• Locating Statically Named Definitions
Module 11: Protecting Against Network Attacks and Enforcing Corporate Policies using the Firewall Policy
• Preventing Network Attacks
• Examining Firewall Policy Elements
• Creating Custom Firewall Rules
• Enforcing a Corporate Security Policy with FirewallRules
• Configuring Advanced Firewall Features
Module 12: Blocking Network Threats with Intrusion Prevention
• Introducing Intrusion Prevention Technologies
• Configuring the Intrusion Prevention Policy
• Managing Custom Signatures
• Monitoring Intrusion Prevention Events
Module 13: Protecting Against Memory-Based Attacks
• Memory Exploit Mitigation
• Configuring the Memory Exploit Mitigation Policy
• Preventing Defense Evasion
Module 14: Preventing Attacks with SEP Layered Security
• Virus and Spyware Protection
• File Reputation
• Insight Lookup
• Emulator and Machine Learning Engine
• Download Insight
• Auto-Protect Scans
• SONAR
• Administrator-defined Scans
Module 15: Securing Windows Clients
• Platform and Virus and Spyware Protection PolicyOverview
• Tailoring scans to meet an environment’s needs
•Ensuring real-time protection for clients
•Detecting and remediating risks in downloaded files
•Identifying zero-day and unknown threats
• Preventing email from downloading malware
• Configuring advanced options
• Monitoring virus and spyware activity
Module 16: Securing Linux Clients
• Navigating the Linux Client
• Configuring Virus and Spyware Settings for LinuxClients
• Monitoring Linux Clients
• SEP for Linux Logs
Module 17: Securing Mac Clients
• Touring SEP for Mac Client
• Securing Mac Clients
• Monitoring Mac Clients
• SEP Logs on Mac Clients
Module 18: Providing Granular Control with Host Integrity
• Introducing Host Integrity
• Host Integrity Concepts
• Configuring Host Integrity
• Troubleshooting Host Integrity
• Monitoring Host Integrity
Module 19: Controlling Application and File Access
• Application Control Overview
• Application Control Concepts
• Configuring Application Control
• Monitor Application Control Events
Module 20: Restricting DeviceAccess for Windows and Mac Clients
• Introducing Device Control
• Windows Device Control Concepts
• Mac Device Control Concepts
• Configuring Device Control
• Monitoring Device Control Events
Module 21: Hardening Clients with System Lockdown
• Describing System Lockdown
• Creating and Managing the File Fingerprint List
• System Lockdown use cases
Module 22: Customizing Protection Based on User Location
• Creating Locations
• Adding Policies to Locations
• Monitoring Location Awareness
Module 23: Managing Security Exceptions
• Describing Security Exceptions
• Describing Automatic Exclusions
• Managing Exceptions
• Monitoring Security Exceptions
250-428: Administration of Symantec Endpoint Protection 14