
Symantec Advanced Threat Protection (SATP)

Detailed Course Content

Introduction

  • Course overview
  • The classroom lab environment

Strengthening your Cybersecurity Framework

  • Advanced Persistent Threats (APTs) review
  • Stages of an Attack
  • Preventative steps as defined by STAR/Security Response
  • Cybersecurity core functions

Introducing Advanced Threat Protection

  • Introduction
  • Shared technologies
  • Examining the ATP architecture and sizing guide
  • Becoming familiar with Symantec ATP
  • Creating ATP accounts
  • Describing views and data analysis per incident response role

Optimizing your ATP Environment

  • Configuring Global Settings
  • Configuring ATP: Email correlation
  • Configuring Symantec Endpoint Protection correlation
  • Configuring ATP and SEP Detection and Response configuration

Analyzing Events and Incidents to Identify Indicators of Compromise

  • ATP detection overview
  • Viewing events that occur in your environment
  • Analyzing Incidents
  • Analyzing the dashboard
  • Searching for indicators of compromise (IOC)

Preparing your Endpoint Environment for Incident Response

  • Configure Host Integrity and Quarantine Firewall policies for ATP’s Isolate and Rejoin feature
  • Configure the Virus and Spyware policy for High Security mode

Remediating and Isolating threats

  • Isolating breached endpoints
  • Remediating malicious files and reducing false positives
  • Responding to threats by blacklisting suspicious addresses
  • Examining case studies

Recovering After an Incident

  • Recovery best practices
  • Gathering information for reporting
  • Creating a Lessons Learned report
 
