This course is designed for the network, IT security, and systems administration professionals in a Security Operations position who are tasked with configuring optimum security settings for endpoints protected by Symantec Endpoint Protection 14.

* Actual course outline may vary depending on offering center. Contact your sales representative for more information.

Learning Objectives

At the completion of the course, you will be able to:
Protecting against Network Attacks and Enforcing Corporate Policies using the Firewall Policy.
Blocking Threats with Intrusion Prevention.
Introducing File-Based Threats.
Preventing Attacks with SEP Layered Security.
Securing Windows Clients.
Securing Mac Clients.
Securing Linux Clients.
Controlling Application and File Access.
Restricting Device Access for Windows and Mac Clients.
Hardening Clients with System Lockdown.
Customizing Policies based on Location.
Managing Security Exceptions.

1
  • Introduction

  • Course environment
    Lab environment

2
  • Introducing Network Threats

  • Describing how Symantec Endpoint Protection protects each layer of the network stack
    Discovering the tools and methods used by attackers
    Describing the stages of an attack

3
  • Protecting against Network Attacks and Enforcing Corporate Policies using the Firewall Policy

  • Preventing network attacks
    Examining Firewall Policy elements
    Evaluating built-in rules
    Creating custom firewall rules
    Enforcing corporate security policy with firewall rules
    Blocking network attacks using protection and stealth settings
    Configuring advanced firewall features

4
  • Blocking Threats with Intrusion Prevention

  • Introducing Intrusion Prevention technologies
    Configuring the Intrusion Prevention policy
    Managing custom signatures
    Monitoring Intrusion Prevention events

5
  • Introducing File-Based Threats

  • Describing threat types
    Discovering how attackers disguise their malicious applications
    Describing threat vectors
    Describing Advanced Persistent Threats and a typical attack scenario
    Following security best practices to reduce risks

6
  • Preventing Attacks with SEP Layered Security

  • Virus and Spyware protection needs and solutions
    Describing how Symantec Endpoint Protection protects each layer of the network stack
    Examining file reputation scoring
    Describing how SEP protects against zero-day threats and threats downloaded through files and email
    Describing how endpoints are protected with the Intelligent Threat Cloud Service
    Describing how the emulator executes a file in a sandbox and the machine learning engine’s role and function

7
  • Securing Windows Clients

  • Platform and Virus and Spyware Protection policy overview
    Tailoring scans to meet an environment’s needs
    Ensuring real-time protection for clients
    Detecting and remediating risks in downloaded files
    Identifying zero-day and unknown threats
    Preventing email from downloading malware
    Configuring advanced options
    Monitoring virus and spyware activity

8
  • Securing Mac Clients

  • Touring the SEP for Mac client
    Securing Mac clients
    Monitoring Mac clients

9
  • Securing Linux Clients

  • Navigating the Linux client
    Tailoring Virus and Spyware settings for Linux clients
    Monitoring Linux clients

10
  • Providing Granular Control with Host Integrity

  • Ensuring client compliance with Host Integrity
    Configuring Host Integrity
    Troubleshooting Host Integrity
    Monitoring Host Integrity

11
  • Controlling Application and File Access

  • Describing Application Control and concepts
    Creating application rulesets to restrict how applications run
    Monitoring Application Control events

12
  • Restricting Device Access for Windows and Mac Clients

  • Describing Device Control features and concepts for Windows and Mac clients
    Enforcing access to hardware using Device Control
    Discovering hardware access policy violations with reports, logs, and notifications

13
  • Hardening Clients with System Lockdown

  • What is System Lockdown?
    Determining whether to use System Lockdown in Whitelist or Blacklist mode
    Creating whitelists for blacklists
    Protecting clients by testing and implementing System Lockdown

14
  • Customizing Policies based on Location

  • Creating locations to ensure the appropriate level of security when logging on remotely
    Determining the criteria and order of assessment before assigning policies
    Assigning policies to locations
    Monitoring locations on the SEPM and SEP client

15
  • Managing Security Exceptions

  • Creating file and folder exceptions for different scan types
    Describing the automatic exclusion created during installation
    Managing Windows and Mac exclusions
    Monitoring security exceptions

Audience

This course is for Network, IT security, and systems administration professionals in a Security Operations position who are tasked with configuring optimum security settings for endpoints protected by Symantec Endpoint Protection 14.

Language

English

Prerequisites

While there are no prerequisites for this course, please ensure you have the right level of experience to be successful in this training.

$2,700

Length: 3.0 days (24 hours)
