Protecting against Malware Threats with Cisco AMP for Endpoints

Duration: 
2 days
Codes: 
SSFAMP,AMP

Overview

Securing Cisco Network with Sourcefire FireAMP Endpoints is a lab-intensive course that introduces students to the powerful features of the FireAMP software. This two-day virtual class covers information on Sourcefire Advanced Malware Protection (AMP) technology, deployment, management and analysis.You will learn how to build and manage an AMP deployment, create policies for endpoint groups and deploy connectors. Users will also analyze malware detections using powerful tools available in the FireAMP console.This course combines lecture materials and hands-on labs throughout to make sure that you are able to successfully deploy and manage a FireAMP deployment.

Audience

This course is designed for technical professionals who need to know how to deploy and manage Cisco AMP for Endpoints software in their network environments.

Skills Gained

Module 1: Introduction to Cisco AMP Technologies

Module 2: AMP for Endpoints Overview and Architecture

Module 3: Console Interface and Navigation

Module 4: Using AMP for Endpoints

Module 5: Detecting an Attacker— A Scenario

Module 6: Modern Malware

Module 7: Analysis

Module 8: Analysis Case Studies

Module 9: Outbreak Control

Module 10: Endpoint Policies

Module 11: Groups and Deployment

Module 12: AMP REST API

Module 13: Accounts

Labs:

  • Lab 1: Accessing AMP for Endpoints
  • Lab 2: Attack Scenario
  • Lab 3: Attack Analysis
  • Lab 4: Analysis Tools and Reporting
  • Lab 5: Zbot Analysis
  • Lab 6: Outbreak Control
  • Lab 7: Endpoint Policies
  • Lab 8: Groups and Deployment
  • Lab 9: Testing Your Policy Configuration
  • Lab 10: REST API
  • Lab 11: User Accounts (optional)

Prerequisites

Attendees should meet the following prerequisites:

  • Technical understanding of TCP/IP networking and network architecture - ICND2 Recommended
  • Technical understanding of security concepts and protocols - IINS Recommended

Course Outline

After completing this course you should be able to:

  • Identify the key components and methodologies of Cisco Advanced Malware Protection (AMP)
  • Recognize the key features and concepts of the AMP for Endpoints product
  • Navigate the AMP for Endpoints console interface and perform first-use setup tasks
  • Identify and use the primary analysis features of AMP for Endpoints
  • Use the AMP for Endpoints tools to analyze a compromised host
  • Describe malware terminology and recognize malware categories
  • Analyze files and events by using the AMP for Endpoints console and be able to produce threat reports
  • Use the AMP for Endpoints tools to analyze a malware attack and a ZeroAccess infection
  • Configure and customize AMP for Endpoints to perform malware detection
  • Create and configure a policy for AMP-protected endpoints
  • Plan, deploy, and troubleshoot an AMP for Endpoints installation
  • Describe the AMP Representational State Transfer (REST) API and the fundamentals of its use
  • Describe all the features of the Accounts menu for both public and private cloud installations

Thinking about Onsite?

If you need training for 3 or more people, you should ask us about onsite training. Putting aside the obvious location benefit, content can be customised to better meet your business objectives and more can be covered than in a public classroom. It's a cost effective option.

Submit an enquiry from any page on this site, and let us know you are interested in the requirements box, or simply mention it when we contact you.

Upcoming Dates

  • GREEN This class is Guaranteed To Run.
  • SPVC - Self-Paced Virtual Class.
  • Click a Date to Enroll.
Course Location Days Cost Date
Onsite
Onsite2 1000 £1000 2019-02-15
Glasgow
Glasgow2 1000 £1000 2019-02-18
Midlands
Birmingham2 1000 £1000 2019-02-18
Manchester
Manchester2 1000 £1000 2019-02-18