138 Certified in Cybersecurity (CC) courses in South Normanton delivered Live Online

Duration 1 Days 6 CPD hours Overview The purpose of this document is to provide the learning outcomes for the course and the assessment criteria. It also provides an overview of the examination design in terms of the types of questions asked.Starting with Chapter 2, Digital Transformation, the BL 1 & 2 (for Bloom's Taxonomy 1 & 2) provides the number of questions that will appear on the exam. This course is targeted at IT and Cybersecurity professionals looking to become certified on how to operationalize the NIST Cybersecurity Framework (NCSP) across an enterprise and its supply chain. Digital Transformation Explain what it means to ?become digital.? Discuss the difference between industrial and digital era enterprises. Explain how cybersecurity supports an organization?s digital transformation. Understanding cyber Risks Explain the cyber risk equation. Identify and explain each component of the cyber risk equation. Describe the basics of a risk assessment. NIST Cybersecurity Framework Fundamentals9 Explain the genesis of the NIST-CSF. List and describe the components of the NIST-CSF. Describe each of the NIST-CSF?s objectives. Core Functions, Categories & Subcategories Understand and explain the a.Core Functions b.Framework Categories c.Informative References. Implementation Tiers & Profiles Understand and explain Implementation Tier terms and their use. Understand and explain each Implementation Tier. Understand and describe the three risk categories Understand and explain Profiles and their use a.Current b.Target Understand and describe the use of Profiles when a.Determining gaps b.Identify & prioritize focus areas Cybersecurity Improvement Understand and explain how an organization can approach the adoption and adaptation of the NIST-CSF Understand and describe how to implement cybersecurity controls using an incremental improvement approach. Understand and describe CIIS as a practice within an organization.

Duration 1 Days 6 CPD hours This course is intended for Security operations personnel, including analysts and managers Overview By the end of the course, you should be able to meet the following objectives: Describe the components and capabilities of VMware Carbon Black Cloud Enterprise EDR Identify the architecture and data flows for VMware Carbon Black Cloud Enterprise EDR communication Perform searches across endpoint data to discover suspicious behavior Manage watchlists to augment the functionality of VMware Carbon Black Cloud Enterprise EDR Create custom watchlists to detect suspicious activity in your environment Describe the process for responding to alerts in VMware Carbon Black Cloud Enterprise EDR Discover malicious activity within VMware Carbon Black Cloud Enterprise EDR Describe the different response capabilities available from VMware Carbon Black Cloud This course teaches you how to use the VMware Carbon Black© Cloud Enterprise EDR? product and leverage its capabilities to configure and maintain the system according to your organization?s security posture and policies. This course provides an in-depth, technical understanding of the product through comprehensive coursework and hands-on scenario-based labs. Course Introduction Introductions and course logistics Course objectives Data Flows and Communication Hardware and software requirements Architecture Data flows Searching Data Creating searches Search operators Analyzing processes Analyzing binaries Advanced queries Managing Watchlists Subscribing Alerting Custom watchlists Alert Processing Alert creation Analyzing alert data Alert actions Threat Hunting in Enterprise EDR Cognitive Attack Loop Malicious behaviors Response Capabilities Using quarantine Using live response Additional course details:Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware Carbon Black Cloud Enterprise EDR training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware Carbon Black Cloud Enterprise EDR course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for Organizations today demand a professional-level cybersecurity threat intelligence analyst who can extract the intelligence from data by implementing various advanced strategies. Such professional-level programs can only be achieved when the core of the curricula maps with and is compliant to government and industry published threat intelligence frameworks. Ethical Hackers Security Practitioners, Engineers, Analysts, Specialist, Architects, and Managers Threat Intelligence Analysts, Associates, Researchers, Consultants Threat Hunters SOC Professionals Digital Forensic and Malware Analysts Incident Response Team Members Any mid-level to high-level cybersecurity professionals with a minimum of 2 years of experience. Individuals from the information security profession and who want to enrich their skills and knowledge in the field of cyber threat intelligence. Individuals interested in preventing cyber threats. Overview This program will benefit students who are looking to build effective threat intelligence for their organization in order to combat modern-day cyber-attacks and prevent future attacks. Certified Threat Intelligence Analyst (C|TIA) is designed and developed in collaboration with cybersecurity and threat intelligence experts across the globe to help organizations identify and mitigate business risks by converting unknown internal and external threats into known threats. It is a comprehensive, specialist-level program that teaches a structured approach for building effective threat intelligence. Introduction to Threat Intelligence Understanding Intelligence Understanding Cyber Threat Intelligence Overview of Threat Intelligence Lifecycle and Frameworks Cyber Threats and Kill Chain Methodology Understanding Cyber Threats Understanding Advanced Persistent Threats (APTs) Understanding Cyber Kill Chain Understanding Indicators of Compromise (IoCs) Requirements, Planning, Direction, and Review Understanding Organization?s Current Threat Landscape Understanding Requirements Analysis Planning Threat Intelligence Program Establishing Management Support Building a Threat Intelligence Team Overview of Threat Intelligence Sharing Reviewing Threat Intelligence Program Data Collection and Processing Overview of Threat Intelligence Data Collection Overview of Threat Intelligence Collection Management Overview of Threat Intelligence Feeds and Sources Understanding Threat Intelligence Data Collection and Acquisition Understanding Bulk Data Collection Understanding Data Processing and Exploitation Data Analysis Overview of Data Analysis Understanding Data Analysis Techniques Overview of Threat Analysis Understanding Threat Analysis Process Overview of Fine-Tuning Threat Analysis Understanding Threat Intelligence Evaluation Creating Runbooks and Knowledge Base Overview of Threat Intelligence Tools Intelligence Reporting and Dissemination Overview of Threat Intelligence Reports Introduction to Dissemination Participating in Sharing Relationships Overview of Sharing Threat Intelligence Overview of Delivery Mechanisms Understanding Threat Intelligence Sharing Platforms Overview of Intelligence Sharing Acts and Regulations Overview of Threat Intelligence Integration

Duration 2 Days 12 CPD hours This course is intended for Security architects System designers Network administrators Operations engineers Network managers, network or security technicians, and security engineers and managers responsible for web security Cisco integrators and partners Overview After taking this course, you should be able to: Describe Cisco WSA Deploy proxy services Utilize authentication Describe decryption policies to control HTTPS traffic Understand differentiated traffic access policies and identification profiles Enforce acceptable use control settings Defend against malware Describe data security and data loss prevention Perform administration and troubleshooting This course shows you how to implement, use, and maintain Cisco© Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you?ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution?s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more.This course helps you prepare to take the exam, Securing the Web with Cisco Web Security Appliance (300-725 SWSA). Describing Cisco WSA Technology Use Case Cisco WSA Solution Cisco WSA Features Cisco WSA Architecture Proxy Service Integrated Layer 4 Traffic Monitor Data Loss Prevention Cisco Cognitive Intelligence Management Tools Cisco Advanced Web Security Reporting (AWSR) and Third-Party Integration Cisco Content Security Management Appliance (SMA) Deploying Proxy Services Explicit Forward Mode vs. Transparent Mode Transparent Mode Traffic Redirection Web Cache Control Protocol Web Cache Communication Protocol (WCCP) Upstream and Downstream Flow Proxy Bypass Proxy Caching Proxy Auto-Config (PAC) Files FTP Proxy Socket Secure (SOCKS) Proxy Proxy Access Log and HTTP Headers Customizing Error Notifications with End User Notification (EUN) Pages Utilizing Authentication Authentication Protocols Authentication Realms Tracking User Credentials Explicit (Forward) and Transparent Proxy Mode Bypassing Authentication with Problematic Agents Reporting and Authentication Re-Authentication FTP Proxy Authentication Troubleshooting Joining Domains and Test Authentication Integration with Cisco Identity Services Engine (ISE) Creating Decryption Policies to Control HTTPS Traffic Transport Layer Security (TLS)/Secure Sockets Layer (SSL) Inspection Overview Certificate Overview Overview of HTTPS Decryption Policies Activating HTTPS Proxy Function Access Control List (ACL) Tags for HTTPS Inspection Access Log Examples Understanding Differentiated Traffic Access Policies and Identification Profiles Overview of Access Policies Access Policy Groups Overview of Identification Profiles Identification Profiles and Authentication Access Policy and Identification Profiles Processing Order Other Policy Types Access Log Examples ACL Decision Tags and Policy Groups Enforcing Time-Based and Traffic Volume Acceptable Use Policies, and End User Notifications Defending Against Malware Web Reputation Filters Anti-Malware Scanning Scanning Outbound Traffic Anti-Malware and Reputation in Policies File Reputation Filtering and File Analysis Cisco Advanced Malware Protection File Reputation and Analysis Features Integration with Cisco Cognitive Intelligence Enforcing Acceptable Use Control Settings Controlling Web Usage URL Filtering URL Category Solutions Dynamic Content Analysis Engine Web Application Visibility and Control Enforcing Media Bandwidth Limits Software as a Service (SaaS) Access Control Filtering Adult Content Data Security and Data Loss Prevention Data Security Cisco Data Security Solution Data Security Policy Definitions Data Security Logs Performing Administration and Troubleshooting Monitor the Cisco Web Security Appliance Cisco WSA Reports Monitoring System Activity Through Logs System Administration Tasks Troubleshooting Command Line Interface

Duration 2 Days 12 CPD hours This course is intended for Network analysts Network investigators Cisco integrators and partners Overview After taking this course, you should be able to: Describe the stages of the network attack lifecycle and identify ITD solution platform placement based on a given stage Detail how to locate and mitigate email malware attacks Describe email phishing attacks and the steps taken to locate and mitigate them on the network Identify and mitigate data exfiltration threats on the network Identify malware threats on the network and mitigate those threats after investigation The Cisco Integrated Threat Defense Investigation and Mitigation (SECUR202) v1.0 course shows you how to identify, isolate, and mitigate network threats using the Cisco© Integrated Threat Defense solution platform. Through expert instruction and lab-based scenarios, you will be introduced to network threat investigation, and learn how to identify relationships between Cisco products and the stages of the attack lifecycle. This course is the second in a pair of courses (SECUR201) covering the Cisco Integrated Threat Defense (ITD) solution. Network Threat Investigation Introduction Network Attack Introduction Hunting Network Threats in the Enterprise Investigation and Mitigation of Email Malware Threats Examining Email Malware Threats Investigating and Verifying Email Malware Threat Mitigation Investigation and Mitigation of Email Phishing Threats Examining Email Phishing Attacks Configuring Cisco Email Security Appliance (ESA) for URL and Content Filtering Investigating and Verifying Email Phishing Threat Mitigation Investigation and Mitigation of Data Exfiltration Threats Exploiting Vulnerable Network Servers Investigating Data Exfiltration Threats Mitigating and Verifying Data Exfiltration Threats nvestigation and Mitigation of Malware Threats Examining Endpoint Malware Protection Investigating and Mitigating Endpoint Malware Threats

Duration 2 Days 12 CPD hours This course is intended for This course is designed for security experts and Check Point resellers who desire to obtain the necessary knowledge required to perform more advanced troubleshooting skills while managing their security environments. Overview Understand how to use Check Point diagnostic tools to determine the status of a network. Understand how to use network packet analyzers and packet capturing tools to evaluate network traffic.Become familiar with more advanced Linux system commands. Obtain a deeper knowledge of the Security Management architecture. Understand how the Management database is structured and how objects are represented in the database. Understand key Security Management Server processes and their debugs. Understand how GuiDBedit operates. Understand how the kernel handles traffic and how to troubleshoot issues with chain modules. Understand how to use the two main procedures for debugging the Firewall kernel and how they differ. Recognize User mode processes and how to interpret their debugs. Discuss how to enable and use core dumps. Understand the processes and components used for policy installs and processing packets in Access Control policies. Understand how to troubleshoot and debug issues that may occur with App Control and URLF. Understand how to debug HTTPS Inspection-related issues. Understand how to troubleshoot and debug Content Awareness issues. Understand how IPS works and how to manage performance issues. Understand how to troubleshoot Anti-Bot and Antivirus. Recognize how to troubleshoot and debug Site-to-Site VPN related issues. Understand how to troubleshoot and debug Remote Access VPNs. Understand how troubleshoot Mobile Access VPN issues. Recognize how to use SecureXL features and commands to enable and disable accelerated traffic. Understand how the server hardware and operating system affects the performance of Security Gateways. Understand how to evaluate hardware configurations for optimal performance. Provide advanced troubleshooting skills to investigate and resolve more complex issues that may occur while managing your Check Point Security environment. Course Outline Advanced Troubleshooting Management Database and Processes Advanced Kernel Debugging User Mode Troubleshooting Advanced Access Control Understanding Threat Prevention Advanced VPN Troubleshooting Acceleration and Performance Tuning Additional course details: Nexus Humans CCTE Check Point Troubleshooting Expert training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CCTE Check Point Troubleshooting Expert course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for Pen Testers Ethical Hackers Network Auditors Cybersecurity Professionals Vulnerability Assessors Cybersecurity Managers IS Managers Overview A Certified Penetration Testing Engineer imagines all of the ways that a hacker can penetrate a data system. You have to go beyond what you learned as an Ethical Hacker because pen testing explores technical and non-technical ways of breaching security to gain access to a system. Our C)PTE course is built on proven hands-on methods utilized by our international group of vulnerability consultants. In this course you will learn 5 Key Elements of Pen Testing; Information Gathering, Scanning, Enumeration, Exploitation and Reporting. Plus, discover the latest vulnerabilities and the techniques malicious hackers are using to acquire and destroy data. Additionally, you will learn more about the business skills needed to identify protection opportunities, justify testing activities and optimize security controls appropriate to the business needs in order to reduce business risk. Once you have completed this course, you will have learned everything you need know know to move forward with a career in penetration testing. A Certified Penetration Testing Engineer imagines all of the ways that a hacker can penetrate a data system.ÿ You have to go beyond what you learned as an Ethical Hacker because pen testing explores technical and non-technical ways of breaching security to gain access to a system.ÿ ÿ Our C)PTE course is built on proven hands-on methods utilized by our international group of vulnerability consultants.ÿ In this course you will learn 5 Key Elements of Pen Testing; Information Gathering, Scanning, Enumeration, Exploitation and Reporting. Plus, discover the latest vulnerabilities and the techniques malicious hackers are using to acquire and destroy data. Additionally, you will learn more about the business skills needed to identify protection opportunities, justify testing activities and optimize security controls appropriate to the business needs in order to reduce business risk. Once you have completed this course, you will have learned everything you need know know to move forward with a career in penetration testing. Course Outline Business & Technical Logistics of Pen Testing Information Gathering Reconnaissance ? Passive (External Only) Detecting Live Systems ? Reconnaissance (Active) Banner Grabbing and Enumeration Automated Vulnerability Assessment Hacking Operating Systems Advanced Assessment and Exploitation Techniques Evasion Techniques Hacking with PowerShell Networks and Sniffing Accessing and Hacking Web Techniques Mobile and IoT Hacking Report Writing Basics

Duration 4 Days 24 CPD hours This course is intended for Security engineers Security administrators Security architects Operations engineers Network engineers Network administrators Network or security technicians Network managers System designers Cisco integrators and partners Overview After taking this course, you should be able to: Describe and administer the Cisco Email Security Appliance (ESA) Control sender and recipient domains Control spam with Talos SenderBase and anti-spam Use anti-virus and outbreak filters Use mail policies Use content filters Use message filters to enforce email policies Prevent data loss Perform LDAP queries Authenticate Simple Mail Transfer Protocol (SMTP) sessions Authenticate email Encrypt email Use system quarantines and delivery methods Perform centralized management using clusters Test and troubleshoot This course shows you how to deploy and use Cisco© Email Security Appliance to establish protection for your email systems against phishing, business email compromise, and ransomware, and to help streamline email security policy management. This hands-on course provides you with the knowledge and skills to implement, troubleshoot, and administer Cisco Email Security Appliance, including key capabilities such as advanced malware protection, spam blocking, anti-virus protection, outbreak filtering, encryption, quarantines, and data loss prevention. This course helps you prepare to take the exam, Securing Email with Cisco Email Security Appliance (300-720 SESA). Describing the Cisco Email Security Appliance Cisco Email Security Appliance Overview Technology Use Case Cisco Email Security Appliance Data Sheet SMTP Overview Email Pipeline Overview Installation Scenarios Initial Cisco Email Security Appliance Configuration Centralizing Services on a Cisco Administering the Cisco Email Security Appliance Distributing Administrative Tasks System Administration Managing and Monitoring Using the Command Line Interface (CLI) Other Tasks in the GUI Advanced Network Configuration Using Email Security Monitor Tracking Messages Logging Controlling Sender and Recipient Domains Public and Private Listeners Configuring the Gateway to Receive Email Host Access Table Overview Recipient Access Table Overview Configuring Routing and Delivery Features Controlling Spam with Talos SenderBase and Anti-Spam SenderBase Overview Anti-Spam Managing Graymail Protecting Against Malicious or Undesirable URLs File Reputation Filtering and File Analysis Bounce Verification Using Anti-Virus and Outbreak Filters Anti-Virus Scanning Overview Sophos Anti-Virus Filtering McAfee Anti-Virus Filtering Configuring the Appliance to Scan for Viruses Outbreak Filters How the Outbreak Filters Feature Works Managing Outbreak Filters Using Mail Policies Email Security Manager Overview Mail Policies Overview Handling Incoming and Outgoing Messages Differently Matching Users to a Mail Policy Message Splintering Configuring Mail Policies Using Content Filters Content Filters Overview Content Filter Conditions Content Filter Actions Filter Messages Based on Content Text Resources Overview Using and Testing the Content Dictionaries Filter Rules Understanding Text Resources Text Resource Management Using Text Resources Using Message Filters to Enforce Email Policies Message Filters Overview Components of a Message Filter Message Filter Processing Message Filter Rules Message Filter Actions Attachment Scanning Examples of Attachment Scanning Message Filters Using the CLI to Manage Message Filters Message Filter Examples Configuring Scan Behavior Preventing Data Loss Overview of the Data Loss Prevention (DLP) Scanning Process Setting Up Data Loss Prevention Policies for Data Loss Prevention Message Actions Updating the DLP Engine and Content Matching Classifiers Using LDAP Overview of LDAP Working with LDAP Using LDAP Queries Authenticating End-Users of the Spam Quarantine Configuring External LDAP Authentication for Users Testing Servers and Queries Using LDAP for Directory Harvest Attack Prevention Spam Quarantine Alias Consolidation Queries Validating Recipients Using an SMTP Server SMTP Session Authentication Configuring AsyncOS for SMTP Authentication Authenticating SMTP Sessions Using Client Certificates Checking the Validity of a Client Certificate Authenticating User Using LDAP Directory Authenticating SMTP Connection Over Transport Layer Security (TLS) Using a Client Certificate Establishing a TLS Connection from the Appliance Updating a List of Revoked Certificates Email Authentication Email Authentication Overview Configuring DomainKeys and DomainKeys Identified Mail (DKIM) Signing Verifying Incoming Messages Using DKIM Overview of Sender Policy Framework (SPF) and SIDF Veri?cation Domain-based Message Authentication Reporting and Conformance (DMARC) Verification Forged Email Detection Email Encryption Overview of Cisco Email Encryption Encrypting Messages Determining Which Messages to Encrypt Inserting Encryption Headers into Messages Encrypting Communication with Other Message Transfer Agents (MTAs) Working with Certificates Managing Lists of Certificate Authorities Enabling TLS on a Listener?s Host Access Table (HAT) Enabling TLS and Certi?cate Verification on Delivery Secure/Multipurpose Internet Mail Extensions (S/MIME) Security Services Using System Quarantines and Delivery Methods Describing Quarantines Spam Quarantine Setting Up the Centralized Spam Quarantine Using Safelists and Blocklists to Control Email Delivery Based on Sender Configuring Spam Management Features for End Users Managing Messages in the Spam Quarantine Policy, Virus, and Outbreak Quarantines Managing Policy, Virus, and Outbreak Quarantines Working with Messages in Policy, Virus, or Outbreak Quarantines Delivery Methods Centralized Management Using Clusters Overview of Centralized Management Using Clusters Cluster Organization Creating and Joining a Cluster Managing Clusters Cluster Communication Loading a Configuration in Clustered Appliances Best Practices Testing and Troubleshooting Debugging Mail Flow Using Test Messages: Trace Using the Listener to Test the Appliance Troubleshooting the Network Troubleshooting the Listener Troubleshooting Email Delivery Troubleshooting Performance Web Interface Appearance and Rendering Issues Responding to Alerts Troubleshooting Hardware Issues Working with Technical Support References Model Specifications for Large Enterprises Model Specifications for Midsize Enterprises and Small-to-Midsize Enterprises or Branch O?ces Cisco Email Security Appliance Model Specifications for Virtual Appliances

Duration 3 Days 18 CPD hours This course is intended for Security administrators Security consultants Network administrators Systems engineers Technical support personnel Cisco integrators, resellers, and partners Overview Identify the key components and methodologies of Cisco Advanced Malware Protection (AMP) Recognize the key features and concepts of the AMP for Endpoints product Navigate the AMP for Endpoints console interface and perform first-use setup tasks Identify and use the primary analysis features of AMP for Endpoints Use the AMP for Endpoints tools to analyze a compromised host Analyze files and events by using the AMP for Endpoints console and be able to produce threat reports Configure and customize AMP for Endpoints to perform malware detection· Create and configure a policy for AMP-protected endpoints Plan, deploy, and troubleshoot an AMP for Endpoints installation Use Cisco Orbital to pull query data from installed AMP for Endpoints connectors Describe the AMP Representational State Transfer (REST) API and the fundamentals of its use Describe all the features of the Accounts menu for both public and private cloud installations This course shows you how to deploy and use Cisco AMP for Endpoints, a next-generation endpoint security solution that prevents, detects, and responds to advanced threats. Through expert instruction and hands-on lab exercises, you will learn how to implement and use this powerful solution through a number of step-by-step attack scenarios. You?ll learn how to build and manage a Cisco AMP for Endpoints deployment, create policies for endpoint groups, and deploy connectors. You will also analyze malware detections using the tools available in the AMP for Endpoints console, Cisco Threat Grid, and the Cisco Orbital Advanced Search Tool. Course Outline Introducing Cisco AMP Technologies Introducing AMP for Endpoints Overview and Architecture Navigating the Console Interface Using Cisco AMP for Endpoints Identifying Attacks Analyzing Malware Managing Outbreak Control Creating Endpoint Policies Working with AMP for Endpoint Groups Using Orbital for Endpoint Visibility Introducing AMP REST API Navigating Accounts

Duration 3 Days 18 CPD hours This course is intended for The primary audience for this course is as follows: Cisco integrators, resellers, and partners Network administrators Security administrators Security consultants Systems engineers Technical support personnel Overview After taking this course, you should be able to: Cisco Advanced Malware Protection (AMP) Recognize the key features and concepts of the AMP for Endpoints product Navigate the AMP for Endpoints console interface and perform first-use setup tasks Identify and use the primary analysis features of AMP for Endpoints Use the AMP for Endpoints tools to analyze a compromised host Analyze files and events by using the AMP for Endpoints console and be able to produce threat reports Configure and customize AMP for Endpoints to perform malware detection Create and configure a policy for AMP-protected endpoints Plan, deploy, and troubleshoot an AMP for Endpoints installation Use Cisco Orbital to pull query data from installed AMP for Endpoints connectors. Describe the AMP Representational State Transfer (REST) API and the fundamentals of its use Describe all the features of the Accounts menu for both public and private cloud installations Protecting Against Malware Threats with Cisco AMP for Endpoints (SSFAMP) v6.0 is a 3-day course that shows you how to deploy and use Cisco© AMP for Endpoints, a next-generation endpoint security solution that prevents, detects, and responds to advanced threats. Through expert instruction and hands-on lab exercises, you will learn how to implement and use this powerful solution through a number of step-by-step attack scenarios. You?ll learn how to build and manage a Cisco AMP for Endpoints deployment, create policies for endpoint groups, and deploy connectors. You will also analyze malware detections using the tools available in the AMP for Endpoints console, Cisco Threat Grid, and the Cisco Orbital Advanced Search Tool. The course qualifies for 24 Cisco Continuing Education credits (CE) towards recertification.This class will help you:Learn how to deploy and manage Cisco AMP for EndpointsSucceed in today?s high-demand security operations roles Course Outline This course will cover the following topics: Introducing to Cisco AMP Technologies Introducing AMP for Endpoints Overview and Architecture Navigating the Console Interface Using Cisco AMP for Endpoints Identifying Attacks Analyzing Malware Managing Outbreak Control Creating Endpoint Policies Working with AMP for Endpoint Groups Using Orbital for Endpoint Visibility Introducing AMP REST API Navigating Accounts