Welcome to ONLC Training Centers


Symantec Endpoint Protection 14.x: Configure and Protect Course Outline

 (3 days)
Version 14.x

COURSE DESCRIPTION
The Symantec Endpoint Protection 14.x: Configure and Protect course is designed for the network, IT security, and systems administration professionals in a Security Operations position who are tasked with configuring optimum security settings for endpoints protected by Symantec Endpoint Protection 14. This class brings context and examples of attacks and tools used by cybercriminals.

Delivery Method
Instructor-led

Duration
Three days

Course Objectives
By the completion of this course, you will be able to:
• Secure endpoints against network and file-based threats
• Control endpoint integrity and compliance
• Enforce adaptive security posture

Who Should Attend
Network, IT security, and systems administration professionals in a Security Operations position who are tasked with configuring optimum security settings for endpoints protected by Symantec Endpoint Protection 14

Special Note to New Hampshire Residents
This course has not yet been approved by the State's Department of Education. Please contact us to get an update as to when the class should be available in New Hampshire.

Prerequisites
You must have a working knowledge of advanced computer terminology, including TCP/IP networking terms, Internet terms, and an administrator-level knowledge of Microsoft Windows operating systems.

Hands-On
This course includes practical hands-on exercises and demonstrations that enable you to test your new skills and begin to use those skills in a working environment.

COURSE OUTLINE

Introduction
• Course environment
• Lab environment

Securing Endpoints against Network-Based Attacks

Introducing Network Threats
• Describing how Symantec Endpoint Protection protects each layer of the network stack
• Discovering the tools and methods used by attackers
• Describing the stages of an attack

Protecting against Network Attacks and Enforcing Corporate Policies using the Firewall Policy
• Preventing network attacks
• Examining Firewall Policy elements
• Evaluating built-in rules
• Creating custom firewall rules
• Enforcing corporate security policy with firewall rules
• Blocking network attacks using protection and stealth settings
• Configuring advanced firewall features

Blocking Threats with Intrusion Prevention
• Introducing Intrusion Prevention technologies
• Configuring the Intrusion Prevention policy
• Managing custom signatures
• Monitoring Intrusion Prevention events

Securing Endpoints against File-Based Threats

Introducing File-Based Threats
• Describing threat types
• Discovering how attackers disguise their malicious applications
• Describing threat vectors
• Describing Advanced Persistent Threats and a typical attack scenario
• Following security best practices to reduce risks

Preventing Attacks with SEP Layered Security
• Virus and Spyware protection needs and solutions
• Describing how Symantec Endpoint Protection protects each layer of the network stack
• Examining file reputation scoring
• Describing how SEP protects against zero-day threats and threats downloaded through files and email
• Describing how endpoints are protected with the Intelligent Threat Cloud Service
• Describing how the emulator executes a file in a sandbox and the machine learning engine’s role and function

Securing Windows Clients
• Platform and Virus and Spyware Protection policy overview
• Tailoring scans to meet an environment’s needs
• Ensuring real-time protection for clients
• Detecting and remediating risks in downloaded files
• Identifying zero-day and unknown threats
• Preventing email from downloading malware
• Configuring advanced options
• Monitoring virus and spyware activity

Securing Mac Clients
• Touring the SEP for Mac client
• Securing Mac clients
• Monitoring Mac clients

Securing Linux Clients
• Navigating the Linux client
• Tailoring Virus and Spyware settings for Linux clients
• Monitoring Linux clients

Controlling Endpoint Integrity and Compliance

Providing Granular Control with Host Integrity
• Ensuring client compliance with Host Integrity
• Configuring Host Integrity
• Troubleshooting Host Integrity
• Monitoring Host Integrity

Controlling Application and File Access
• Describing Application Control and concepts
• Creating application rulesets to restrict how applications run
• Monitoring Application Control events

Restricting Device Access for Windows and Mac Clients
• Describing Device Control features and concepts for Windows and Mac clients
• Enforcing access to hardware using Device Control
• Discovering hardware access policy violations with reports, logs, and notifications

Hardening Clients with System Lockdown
• What is System Lockdown?
• Determining whether to use System Lockdown in Whitelist or Blacklist mode
• Creating whitelists for blacklists
• Protecting clients by testing and implementing System Lockdown

Enforcing Adaptive Security Posture

Customizing Policies based on Location
• Creating locations to ensure the appropriate level of security when logging on remotely
• Determining the criteria and order of assessment before assigning policies
• Assigning policies to locations
• Monitoring locations on the SEPM and SEP client

Managing Security Exceptions
• Creating file and folder exceptions for different scan types
• Describing the automatic exclusion created during installation
• Managing Windows and Mac exclusions
• Monitoring security exceptions

SC1412

Attend hands-on, instructor-led Symantec Endpoint Protection 14.x: Configure and Protect training classes at ONLC's more than 300 locations. Not near one of our locations? Attend these same live classes from your home/office PC via our Remote Classroom Instruction (RCI) technology.

For additional training options, check out our list of Symantec Courses and select the one that's right for you.

ONLC TRAINING CENTERS
800-288-8221
www.onlc.com