Duration
3 Days
18 CPD hours
About this course
This course is for Network, IT security, and systems administration professionals in a Security Operations position who are tasked with configuring optimum security settings for endpoints protected by Symantec Endpoint Protection 14.
Overview
At the completion of the course, you will be able to:
Protecting against Network Attacks and Enforcing Corporate Policies using the Firewall Policy.
Blocking Threats with Intrusion Prevention.
Introducing File-Based Threats.
Preventing Attacks with SEP Layered Security.
Securing Windows Clients.
Securing Mac Clients.
Securing Linux Clients.
Controlling Application and File Access.
Restricting Device Access for Windows and Mac Clients.
Hardening Clients with System Lockdown.
Customizing Policies based on Location.
Managing Security Exceptions.
Description
This course is designed for the network, IT security, and systems administration professionals in a Security Operations position who are tasked with configuring optimum security settings for endpoints protected by Symantec Endpoint Protection 14.
Introduction- Course environment
Lab environment
Introducing Network Threats- Describing how Symantec Endpoint Protection protects each layer of the network stack
Discovering the tools and methods used by attackers
Describing the stages of an attack
Protecting against Network Attacks and Enforcing Corporate Policies using the Firewall Policy- Preventing network attacks
Examining Firewall Policy elements
Evaluating built-in rules
Creating custom firewall rules
Enforcing corporate security policy with firewall rules
Blocking network attacks using protection and stealth settings
Configuring advanced firewall features
Blocking Threats with Intrusion Prevention- Introducing Intrusion Prevention technologies
Configuring the Intrusion Prevention policy
Managing custom signatures
Monitoring Intrusion Prevention events
Introducing File-Based Threats- Describing threat types
Discovering how attackers disguise their malicious applications
Describing threat vectors
Describing Advanced Persistent Threats and a typical attack scenario
Following security best practices to reduce risks
Preventing Attacks with SEP Layered Security- Virus and Spyware protection needs and solutions
Describing how Symantec Endpoint Protection protects each layer of the network stack
Examining file reputation scoring
Describing how SEP protects against zero-day threats and threats downloaded through files and email
Describing how endpoints are protected with the Intelligent Threat Cloud Service
Describing how the emulator executes a file in a sandbox and the machine learning engine's role and function
Securing Windows Clients- Platform and Virus and Spyware Protection policy overview
Tailoring scans to meet an environment's needs
Ensuring real-time protection for clients
Detecting and remediating risks in downloaded files
Identifying zero-day and unknown threats
Preventing email from downloading malware
Configuring advanced options
Monitoring virus and spyware activity
Securing Mac Clients- Touring the SEP for Mac client
Securing Mac clients
Monitoring Mac clients
Securing Linux Clients- Navigating the Linux client
Tailoring Virus and Spyware settings for Linux clients
Monitoring Linux clients
Providing Granular Control with Host Integrity- Ensuring client compliance with Host Integrity
Configuring Host Integrity
Troubleshooting Host Integrity
Monitoring Host Integrity
Controlling Application and File Access- Describing Application Control and concepts
Creating application rulesets to restrict how applications run
Monitoring Application Control events
Restricting Device Access for Windows and Mac Clients- Describing Device Control features and concepts for Windows and Mac clients
Enforcing access to hardware using Device Control
Discovering hardware access policy violations with reports, logs, and notifications
Hardening Clients with System Lockdown- What is System Lockdown
Determining whether to use System Lockdown in Whitelist or Blacklist mode
Creating whitelists for blacklists
Protecting clients by testing and implementing System Lockdown
Customizing Policies based on Location- Creating locations to ensure the appropriate level of security when logging on remotely
Determining the criteria and order of assessment before assigning policies
Assigning policies to locations
Monitoring locations on the SEPM and SEP client
Managing Security Exceptions- Creating file and folder exceptions for different scan types
Describing the automatic exclusion created during installation
Managing Windows and Mac exclusions
Monitoring security exceptions
Additional course details:
Nexus Humans Symantec Endpoint Protection 14.X - Configure And Protect training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward.
This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts.
Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success.
While we feel this is the best course for the Symantec Endpoint Protection 14.X - Configure And Protect course and one of our Top 10, we encourage you to read the course outline to make sure it is the right content for you.
Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.