Symantec Endpoint Protection 14.x: Configure and Protect (SEPCP)

This course replaces:

Symantec Endpoint Protection 14.x: Manage and Administer (SEPMA)
 
Teaching resources:
  • Pre-training knowledge-check quiz (if applicable)
  • Training delivered by an instructor certified by the vendor
  • Training available in person or remotely
  • Remote labs/lab platform provided to each participant (if applicable to the course)
  • Official course materials in English distributed to each participant
    • A working knowledge of written technical English is required to understand the course materials
Assessment methods:
  • Pre-training knowledge-check quiz (if applicable)
  • Formative assessments during the training, through hands-on exercises carried out on the labs at the end of each module, multiple-choice quizzes, practical scenarios…
  • Each participant completes a questionnaire and/or placement questionnaire before and at the end of the training to validate the acquisition of skills

Prerequisites

You must have a working knowledge of advanced computer terminology, including TCP/IP networking terms, Internet terms, and an administrator-level knowledge of Microsoft Windows operating systems.

Objectives

By the completion of this course, you will be able to:

  • Secure endpoints against network and file-based threats
  • Control endpoint integrity and compliance
  • Enforce adaptive security posture

Network, IT security, and systems administration professionals in a Security Operations position who are tasked with configuring optimum security settings for endpoints protected by Symantec Endpoint Protection 14

This course includes practical hands-on exercises and demonstrations that enable you to test your new skills and begin to use those skills in a working environment.

Content

Introduction

  • Course environment
  • Lab environment

Securing Endpoints against Network-Based Attacks

Introducing Network Threats

  • Describing how Symantec Endpoint Protection protects each layer of the network stack
  • Discovering the tools and methods used by attackers
  • Describing the stages of an attack

Protecting against Network Attacks and Enforcing Corporate Policies using the Firewall Policy

  • Preventing network attacks
  • Examining Firewall Policy elements
  • Evaluating built-in rules
  • Creating custom firewall rules
  • Enforcing corporate security policy with firewall rules
  • Blocking network attacks using protection and stealth settings
  • Configuring advanced firewall features

Blocking Threats with Intrusion Prevention

  • Introducing Intrusion Prevention technologies
  • Configuring the Intrusion Prevention policy
  • Managing custom signatures
  • Monitoring Intrusion Prevention events

Securing Endpoints against File-Based Threats

Introducing File-Based Threats

  • Describing threat types
  • Discovering how attackers disguise their malicious applications
  • Describing threat vectors
  • Describing Advanced Persistent Threats and a typical attack scenario
  • Following security best practices to reduce risks

Preventing Attacks with SEP Layered Security

  • Virus and Spyware protection needs and solutions
  • Describing how Symantec Endpoint Protection protects each layer of the network stack
  • Examining file reputation scoring
  • Describing how SEP protects against zero-day threats and threats downloaded through files and email
  • Describing how endpoints are protected with the Intelligent Threat Cloud Service
  • Describing how the emulator executes a file in a sandbox and the machine learning engine’s role and function

Securing Windows Clients

  • Platform and Virus and Spyware Protection policy overview
  • Tailoring scans to meet an environment’s needs
  • Ensuring real-time protection for clients
  • Detecting and remediating risks in downloaded files
  • Identifying zero-day and unknown threats
  • Preventing email from downloading malware
  • Configuring advanced options
  • Monitoring virus and spyware activity

Securing Mac Clients

  • Touring the SEP for Mac client
  • Securing Mac clients
  • Monitoring Mac clients

Securing Linux Clients

  • Navigating the Linux client
  • Tailoring Virus and Spyware settings for Linux clients
  • Monitoring Linux clients

Controlling Endpoint Integrity and Compliance

Providing Granular Control with Host Integrity

  • Ensuring client compliance with Host Integrity
  • Configuring Host Integrity
  • Troubleshooting Host Integrity
  • Monitoring Host Integrity

Controlling Application and File Access

  • Describing Application Control and concepts
  • Creating application rulesets to restrict how applications run
  • Monitoring Application Control events

Restricting Device Access for Windows and Mac Clients

  • Describing Device Control features and concepts for Windows and Mac clients
  • Enforcing access to hardware using Device Control
  • Discovering hardware access policy violations with reports, logs, and notifications

Hardening Clients with System Lockdown

  • What is System Lockdown?
  • Determining whether to use System Lockdown in Whitelist or Blacklist mode
  • Creating whitelists for blacklists
  • Protecting clients by testing and implementing System Lockdown

Enforcing Adaptive Security Posture

Customizing Policies based on Location

  • Creating locations to ensure the appropriate level of security when logging on remotely
  • Determining the criteria and order of assessment before assigning policies
  • Assigning policies to locations

Managing Security Exceptions

  • Creating file and folder exceptions for different scan types
  • Describing the automatic exclusion created during installation
  • Managing Windows and Mac exclusions
  • Monitoring security exceptions

Price & Delivery methods

Online training

Duration
3 days

Price
  • on request
Classroom training

Duration
3 days

Price
  • France: 2 184,– €

No sessions currently scheduled