Description
The Course Name: SSFAMP – Protecting Against Malware Threats with Cisco AMP for Endpoints v4.0
The Duration : 3 Days
The Overview:
The purpose of this course is to teach participants how to build and manage a Cisco AMP for Endpoints deployment, create policies for endpoint groups, and deploy connectors with analyzing malware detections using powerful tools available in the AMP for Endpoints console.
What You Will Learn:
Key components and methodologies of Cisco Advanced Malware Protection (AMP)
Key features and concepts of the AMP for Endpoints product
How to navigate the AMP for Endpoints console interface and perform first-use setup tasks
How to use the primary analysis features of AMP for Endpoints
How to use the AMP for Endpoints tools to analyze a compromised host
Malware terminology and recognize malware categories
Files and events by using the AMP for Endpoints console and be able to produce threat reports
How to use the AMP for Endpoints tools to analyze a malware attack and a ZeroAccess infection
How to configure and customize AMP for Endpoints to perform malware detection
How to create and configure a policy for AMP-protected endpoints
How to plan, deploy, and troubleshoot an AMP for Endpoints installation
AMP Representational State Transfer (REST) API and the fundamentals of its use
Features of the Accounts menu for both public- and private-cloud installations
The Course Index:
- Introduction to Cisco AMP Technologies
- AMP for Endpoints Overview and Architecture
- Console Interface and Navigation
- Using AMP for Endpoints
- Scenario: Detecting an Attacker
- Modern Malware
- Analysis
- Analysis Case Studies
- Outbreak Control
- Endpoint Policies
- Groups and Deployment
- AMP REST API
- Accounts
Labs:
Lab 1: Accessing AMP for Endpoints
Lab 2: Attack Scenario
Lab 3: Attack Analysis
Lab 4: Analysis Tools and Reporting
Lab 5: Zbot Analysis
Lab 6: Outbreak Control
Lab 7: Endpoint Policies
Lab 8: Groups and Deployment
Lab 9: Testing Your Policy Configuration
Lab 10: REST API
Lab 11: User Accounts