In this course, you will learn how to use Trend Micro Apex Central™. This course covers basic
architecture, deployment scenarios, agent registration functions, operation center tasks, product
directory and policy management, Trend Micro Connected Threat Defense integration, and threat
management tasks, including log analysis and reporting.
This course incorporates a variety of hands-on exercises, allowing participants to practice using key
Apex Central administrative and threat management functions, which includes setting up endpoint
detection and response.
Key concepts, methodologies, and best practices covered in this course give participants what they
need for a successful implementation and long-term maintenance of Apex Central.

After completing this course, participants will be able to:
•• Describe the purpose, features, functions, and capabilities of Apex Central
•• Define the components that make up Apex Central and the system architecture
•• Deploy Apex Central, and register managed products
•• Manage user accounts and groups, as well as perform common administrative functions
•• Identify the different policy types and how they are used
•• Create and deploy Trend Micro Apex One™ policies to Apex One Security Agents using Apex Central
•• View compliance status and critical threat information in the Operation Center using report lines or sites
•• Integrate with other Trend Micro products to utilize the Connected Threat Defense and detect emerging malware
•• Implement endpoint detection and response functionality
•• Generate customized log queries to view different threat and system events for managed products
•• Analyze event information, and generate various on-demand and scheduled threat reports
•• Troubleshoot common issues

This course is designed for IT professionals
responsible for protecting endpoint
computers from data breaches and
targeted attacks.
This includes those involved with:
•• Operations
•• Deployment
•• Security Response
•• Compliance

There are no prerequisites to attend this course, however, a working knowledge of Trend
Micro products and services, as well as an understanding of basic networking concepts
and principles will be helpful.
Basic knowledge of the following topics is also beneficial:
•• Windows® servers and clients
•• Microsoft® Internet Information Server (IIS)
•• General understanding of malware
Participants are required to bring a laptop computer with a recommended screen resolution of at
least 1980 x 1080 or above, and a display size of 15” or above.

The course topics in this training are divided into the following lessons:

Product Overview
•• Key Features of Apex Central
•• Apex Central components and
management modes
•• Apex Central communication ports
Apex Central
•• System requirements and deployment
planning
•• Planning for Apex Central network traffic
•• Apex Central services and database
•• Apex Central automation application
programming interfaces (APIs)
•• Installing Apex Central
Performing Administrative Functions
•• Accessing the Apex Central web console
•• Managing user accounts and
two-factor authentication
•• Using command tracking
•• Managing licenses
•• Configuring event notifications
•• System and component updates
•• Forwarding Apex Central logs to syslog
servers
Registering Products and Managing the
Apex Central Product Directory
•• Adding products to Apex Central
•• Registering cloud and software as a service
(SaaS) products
•• Single sign-on
•• Managing the Apex Central product
directory
•• Deploying commands to managed
products
Apex Central Operation Center
•• Active directory settings
•• Compliance indicators
•• User/endpoint management
•• Custom tags and filters
•• Search filters
Deploying Policies to
Managed Products
•• Defining policy settings
•• Deploying policies through Apex Central
•• Removing policies
•• Data loss prevention (DLP) and data
discovery policies
Detecting Malware Through the
Connected Threat Defense
•• Requirements for Connected Threat
Defense
•• How Connected Threat Defense works
•• Suspicious object list management
•• Connected threat integration for
suspicious objects
Investigating Threats with Endpoint
Detection and Response
•• Integrated endpoint sensor
•• Incident response model
Preliminary assessment
Root cause analysis
Incident response
Detailed investigation
Attack discovery
•• Managed detection and response
Event Logs
•• Performing a log query
•• Event types
•• Query results
•• Log aggregation and deleting logs
Apex Central Reporting
•• Generating a report
•• Report maintenance
•• Customized reports
What’s New in Apex Central

Participants are not required to complete an exam for this course, as this training is not included in
the Trend Micro Certified Professional Track.