SSFAMP: Protecting Against Malware Threats with Cisco AMP for Endpoints
All dates in green are Guaranteed to run.
* This course is delivered by a trusted Boson partner.
SSFAMP: Protecting Against Malware Threats with Cisco AMP for Endpoints
Upcoming Dates
All dates in green are Guaranteed to run.
* This course is delivered by a trusted Boson partner.
SSFAMP: Protecting Against Malware Threats with Cisco AMP for Endpoints 6.0
The Protecting Against Malware Threats with Cisco AMP for Endpoints (SSFAMP) 6.0 course shows you how to deploy and use Cisco® AMP for Endpoints, a next-generation endpoint security solution that prevents, detects, and responds to advanced threats. Through expert instruction and hands-on lab exercises, you will learn how to implement and use this powerful solution through a number of step-by-step attack scenarios. You’ll learn how to build and manage a Cisco AMP for Endpoints deployment, create policies for endpoint groups, and deploy connectors. You will also analyze malware detections using the tools available in the AMP for Endpoints console, Cisco Threat Grid, and the Cisco Orbital Advanced Search Tool.
What's Included
-
Official Cisco courseware
Prerequisites
-
Technical understanding of TCP/IP networking and network architecture
- Technical understanding of security concepts and protocols
Course Objectives
After completing this course, you should be able to:
- Identify the key components and methodologies of Cisco Advanced Malware Protection (AMP)
- Recognize the key features and concepts of the AMP for Endpoints product
- Navigate the AMP for Endpoints console interface and perform first-use setup tasks
- Identify and use the primary analysis features of AMP for Endpoints
- Use the AMP for Endpoints tools to analyze a compromised host
- Describe malware terminology and recognize malware categories
- Analyze files and events by using the AMP for Endpoints console and be able to produce threat reports
- Use the AMP for Endpoints tools to analyze a malware attack and a ZeroAccess infection
- Configure and customize AMP for Endpoints to perform malware detection
- Create and configure a policy for AMP-protected endpoints
- Plan, deploy, and troubleshoot an AMP for Endpoints installation
- Use Cisco Orbital to pull query data from installed AMP for Endpoints connectors.
- Describe the AMP Representational State Transfer (REST) API and the fundamentals of its use
- Describe all the features of the Accounts menu for both public and private cloud installations
Course Outline
-
Introducing to Cisco AMP Technologies
Introducing AMP for Endpoints Overview and Architecture
Navigating the Console Interface
Using Cisco AMP for Endpoints
Identifying Attacks
Analyzing Malware
Managing Outbreak Control
Creating Endpoint Policies
Working with AMP for Endpoint Groups
Using Orbital for Endpoint Visibility
Introducing AMP REST API
Navigating Accounts
Labs
-
Amp Account Self-Registration
- Accessing AMP for Endpoints
- Attack Scenario
- Analysis Tools and Reporting
- Outbreak Control
- Endpoint Policies
- Groups and Deployment
- Testing Your Configuration
- Endpoint Visibility Using Orbital
- REST API
- Endpoint Isolation Using Cisco AMP API
- User Accounts
Reviews
Be the first to review this product. If you have used this product, you can review
it on your account page. You must be logged in to review products.
CIS-TR-SSFAMP-01