Course Details
The SSFAMP-Protecting Against Malware Threats with Cisco AMP for Endpoints v5.0 course is a 3-day course that is designed to teach students how to implement and use this powerful solution through a number of step-by-step attack scenarios. Students will learn how to build and manage a Cisco AMP for Endpoints deployment, create policies for endpoint groups, and deploy connectors. Students will also analyze malware detections using the tools available in the AMP for Endpoints console.
Topics covered in the course include:
- Identifying the key components and methodologies of Cisco Advanced Malware Protection (AMP)
- Recognize the key features and concepts of the AMP for Endpoints product
- Navigating the AMP for Endpoints console interface and performing first-use setup tasks
- Identifying and using the primary analysis features of AMP for Endpoints
- Using the AMP for Endpoints tools to analyze a compromised host
- Describing malware terminology and recognize malware categories
- Analyzing files and events by using the AMP for Endpoints console and be able to produce threat reports
- Using the AMP for Endpoints tools to analyze a malware attack and a ZeroAccess infection
- Configuring and customizing AMP for Endpoints to perform malware detection
- Creating and configuring a policy for AMP protected endpoints
- Planning, deploying, and troubleshooting an AMP for Endpoints installation
- Describing the AMP Representational State Transfer (REST) API and the fundamentals of its use
- Describing all the features of the Accounts menu for both public and private cloud installations
Target Student:
- Security administrators
- Security consultants
- Network administrators
- Systems engineers
- Technical support personnel
- Cisco integrators, resellers, and partners
Prerequisites:
- Technical understanding of TCP/IP networking and network architecture
- Technical understanding of security concepts and protocols
- Introduction to Cisco AMP Technologies
- AMP for Endpoints Overview and Architecture
- Console Interface and Navigation
- Using AMP for Endpoints
- Detecting an Attacker — A Scenario
- Modern Malware
- Analysis
- Analysis Case Studies
- Outbreak Control
- Endpoint Policies
- AMP REST API
- Accounts
- Request Cisco AMP for Endpoints User Account (e-learning version only)
- Accessing AMP for Endpoints
- Attack Scenario
- Attack Analysis
- Analysis Tools and Reporting
- Zbot Analysis
- Outbreak Control
- Endpoint Policies
- Groups and Deployment
- Testing Your Policy Configuration
- REST API
- User Accounts (optional)
- Technical understanding of TCP/IP networking and network architecture
- Technical understanding of security concepts and protocols
Available 24/7
Professional Instruction
Free Training Materials
Testimonials
This was the class I needed.
The instructor Jeff took his time and made sure we understood each topic before moving to the next. He answered all of our questions, and I don't know about the rest of the students, but was very pleased with this experience.
I finally understand how to use Excel.
-Amanda T (Yale New Haven Hospital).
Great class!
We were able to cover a lot of information in one day without getting overwhelmed.
-Maria R (Microsoft).
Free Repeats
Learn At Your Pace
No Travel
Professional Instruction
Affordable Pricing
Group Discounts
