Symantec Endpoint Detection and Response 4.2 Administration Course Outline

COURSE DESCRIPTION
The Endpoint Detection and Response 4.2 Administration course is designed for the IT security professional in a Security Operations role. This class covers how to detect, investigate, remediate, and recover from an incident using Symantec Endpoint Detection and Response.

Duration 2 days

Course Objectives
By the completion of this course, you will be able to:
• Identify evidence of suspicious and malicious activity
• Searching for Indicators of Compromise
• Block, Isolate, and Remove threats in the Environment
• Collect Forensic Information

Who Should Attend
The Endpoint Detection and Response 4.2 Administration course is intended for students who wish to perform Incident Response activities with Symantec Endpoint Detection and Response.

Prerequisites
This course assumes that students familiar with Endpoint Detection & Response methodology and who are familiar with Symantec Endpoint Protection.

COURSE OUTLINE

Module 1: Evolving Threat Landscape
• Challenges of Endpoint Detection and Response in the environment
• How Symantec Endpoint Detection and Response meets those challenges

Module 2: Increase the visibility of suspicious and malicious activity in the environment
• Understanding Suspicious & Malicious Activity
• Prerequisite SEDR configuration or considerations
• Identifying evidence of suspicious/malicious activity with SEDR
• Proactive Security Incident Notification with SEDR
• Understanding Indicators of Compromise
• Searching for Indicators of Compromise with SEDR

Module 3: Decreasing Security Risk by Responding to Threats in the Environment
• Prerequisite configuration or considerations
• Methods used to Isolate threats
• Isolating threats using SEDR
• Methods Used to Block threats
• Blocking threats using SEDR
• Methods used to remove threats
• Removing threats using SEDR

Module 4: Collecting and Reporting forensic data for further investigation of security incidents
• Prerequisite configuration or considerations
• Information Collected by SEDR
• Collecting forensic information using SEDR
• Creating reports with SEDR

View outline in Word

N34556

Attend hands-on, instructor-led Symantec Endpoint Detection and Response 4.2 Administration training classes at ONLC's more than 300 locations. Not near one of our locations? Attend these same live classes from your home/office PC via our Remote Classroom Instruction (RCI) technology.

For additional training options, check out our list of Symantec Courses and select the one that's right for you.