This course is designed to provide you with the fundamental know ledge to configure and administer the Symantec Data Loss Prevention Enforce platform.


* Actual course outline may vary depending on offering center. Contact your sales representative for more information.

Learning Objectives

At the completion of the course, you will be able to: Enforce server, detection servers, and DLP Agents as well as reporting, workflow, incident response management, policy management and detection, response management, user and role administration, directory integration, and filtering.

  • Introduction to Symantec Data Loss Prevention

  • Symantec Data Loss Prevention overview
    Symantec Data Loss Prevention architecture

  • Navigation and Reporting

  • Navigating the user interface
    Reporting and analysis
    Report navigation, preferences, and features
    Report filters
    Report commands
    Incident snapshot
    Incident Data Access
    Hands-on labs: Become familiar with navigation and tools in the user interface. Create, filter, summarize, customize, and distribute reports. Create users, roles, and attributes.

  • Incident Remediation and Workflow

  • Incident remediation and w orkf low
    Managing users and attributes
    Custom attribute lookup
    User Risk Summary
    Hands-on labs: Remediate incidents and configure a user’s reporting preferences

  • Policy Management

  • Policy overview
    Creating policy groups
    Using policy templates
    Building policies
    Policy development best practices
    Hands-on labs: Use policy templates and policy builder to configure and apply new policies

  • Response Rule Management

  • Response rule overview
    Configuring Automated Response rules
    Configuring Smart Response rules
    Response rule best practices
    Hands-On Labs: Create and use Automated and Smart Response rules

  • Described Content Matching

  • DCM detection methods
    Hands-on labs: Create policies that include DCM and then use those policies to capture incidents

  • Exact Data Matching and Directory Group Matching

  • Exact data matching (EDM)
    Advanced EDM
    Directory group matching (DGM)
    Hands-on labs: Create policies that include EDM and DGM, and then use those policies to capture incident

  • Indexed Document Matching

  • Indexed document matching (IDM)
    Hands-on labs: Create policies that include IDM rules and then use those policies to capture incidents

  • Vector Machine Learning

  • Vector Machine Learning (VML)
    Hands-on labs: Create a VML profile, import document sets, and create a VML policy

  • Network Monitor

  • Review of Network Monitor
    Traffic filtering
    Network Monitor best practices
    Hands-On Labs: Apply IP and L7 filters

  • Network Prevent

  • Network Prevent overview
    Introduction to Network Prevent (Email)
    Introduction to Network Prevent (Web)
    Hands-On Labs: Configure Network Prevent (E-mail) response rules, incorporate them into policies, and use the policies to capture incidents

  • Mobile Email Monitor and Mobile Prevent

  • Introduction to Mobile Email Monitor
    Mobile Prevent overview
    VPN configuration
    Policy and Response Rule Creation
    Reporting and Remediation

  • Network Discover and Network Protect

  • Network Discover and Network Protect overview
    Configuring Discover targets
    Configuring Box cloud targets
    Protecting data
    Auto-discovery of servers and shares
    Running and managing scans
    Reports and remediation
    Network Discover and Network Protect best practices
    Hands-on labs: Create and run a filesystem target using various response rules, including quarantining

  • Endpoint Prevent

  • Endpoint Prevent overview
    Detection capabilities at the Endpoint
    Configuring Endpoint Prevent
    Creating Endpoint response rules
    Viewing Endpoint Prevent incidents
    Endpoint Prevent best practices
    Managing DLP Agents
    Hands-on labs: Create Agent Groups and Endpoint response rules, monitor and block Endpoint actions, view Endpoint incidents, and use the Enforce console to manage DLP Agents

  • Endpoint Discover

  • Endpoint Discover overview
    Creating and running Endpoint Discover targets
    Using Endpoint Discover reports and reporting features
    Hands-on labs: Create Endpoint Discover targets, run Endpoint Discover targets, and view Endpoint Discover incidents

  • Enterprise Enablement

  • Preparing for risk reduction
    Risk reduction
    DLP Maturity model

  • System Administration

  • Server administration
    Language support
    Incident Delete
    Credential management
    Diagnostic tools
    Troubleshooting scenario
    Getting support
    Hands-on labs: Interpret event reports and traffic reports, configure alerts, and use the Log Collection and Configuration tool


This course is intended for anyone responsible for conf iguring, maintaining, and troubleshooting Symantec Data Loss Prevention. Additionally, this course is intended for technical users responsible for creating and maintaining Symantec Data Loss Prevention policies and the incident response structure.




While there are no prerequisites for this course, please ensure you have the right level of experience to be successful in this training.


Length: 5.0 days (40 hours)


Not Your Location? Change

Course Schedule:

To request a custom delivery, please chat with an expert.