Check Point Sandblast Zero-day Protection – Workshop (SB)

 

Course Summary

Zero-day and advanced persistent threats use the element of surprise to bypass traditional security, making these threats difficult to protect against—and very popular with hackers. Traditional sandboxing was designed to help with these types of threats, but cybercriminals have evolved their techniques, creating evasive malware that can avoid detection by many sandbox solutions. As a result, many organizations find themselves taking reactive steps to counteract infection, rather than preventing it in the first place. To get ahead, enterprises need a multi-faceted prevention strategy that combines proactive protection that eliminates threats before they reach users, and state-of-the-art CPU-level exploit detection to expose even the most highly camouflaged threats.

Teaching methods:
  • Training delivered by an instructor certified by the vendor
  • Training available in person or remotely
  • Remote labs / lab platform provided for each participant (if applicable to the course)
  • Official course materials in English distributed to each participant
    • A working knowledge of written technical English is required to understand the course materials
  • Accessibility for people with disabilities: contact us
Assessment methods:
  • Formative assessments during the training, through the practical exercises carried out on the labs at the end of each module
  • Assessment in the form of a questionnaire at the end of the training

Objectives

Provide an understanding of basic concepts and skills necessary to configure and implement Check Point SandBlast technology.

Threat Anatomy

  • Discuss the current threat landscape and security challenges
  • Understand the components of an attack
  • Learn how threat actors avoid traditional security methods
  • Understand CPU and OS-level sandbox technologies

SandBlast Threat Emulation

  • Identify the different SandBlast Zero-Day components
  • Discuss various file emulation processes and mechanisms
  • Understand the three file emulation deployment options

SandBlast Threat Extraction

  • Understand how SandBlast Zero-Day Protection protects organizations from threats via Threat Extraction
  • Learn essential Threat Extraction settings and configurations

ThreatCloud Emulation Service

  • Learn how file emulation works when using ThreatCloud
  • Discuss the different ThreatCloud components.

Content

COURSE TOPICS

  • Threat Anatomy
  • SandBlast Threat Emulation
  • SandBlast Threat Extraction
  • ThreatCloud Emulation Service
  • Deployment Scenarios
  • SandBlast Troubleshooting

LAB EXERCISES

Understanding Vulnerabilities

  • Learn about software vulnerabilities.
  • Understand the CVSS scores for vulnerabilities.
  • See how malware can bypass sandboxing

Working with Threat Emulation

  • Activate local emulation and make the system ready to emulate files
  • Use the command line to emulate files from the local file system
  • View Threat Emulation logs using SmartView Tracker
  • View and create reports using SmartEvent
  • Confirm the Security Gateway acts as an MTA

Working with Threat Extraction

  • Activate Threat Extraction on an MTA-enabled Security Gateway
  • Confirm how Threat Extraction delivers safe content.

Working with ThreatCloud

  • Identify how to configure Security Gateway to offload file emulation to ThreatCloud
  • Review the related forensic report
Training in an equipped classroom

Duration: 1 day

Price (excluding tax)
  • France: 720,– €

No sessions currently scheduled