HBFITES Data Center, Collaboration, Security, Storage, Wireless, Telepresence Training +91-9886770046 info@hbfites.com

SSFAMP - Securing Cisco Networks with Sourcefire FireAMP Endpoints

Description

Securing Cisco Networks with Sourcefire FireAMP Endpoints is an instructor-led, lab-intensive course that introduces students to the powerful features of the FireAMP software. This two-day virtual class covers information on Sourcefire Advanced Malware Protection (AMP) technology, deployment, management, and analysis.

You will learn how to build and manage an AMP deployment, create policies for endpoint groups, and deploy connectors. Users will also analyze malware detections using powerful tools available in the FireAMP console.

This course combines lecture materials and hands-on labs throughout to make sure that you are able to successfully deploy and manage a FireAMP deployment.

Objectives

Upon successful completion of this course and its labs, you should be able to:

  • Understand the architecture and various components of FireAMP and FireAMP cloud
  • Understand security concerns around malware and how attacks unfold
  • Understand and navigate the FireAMP interface, dashboard, and its components
  • Manage malware detection mechanisms
  • Understand advanced policy configuration for endpoints
  • Understand how to deploy and distribute the FireAMP connector
  • Understand file analysis and FireAMP reporting
  • Understand the private cloud offering

Prerequisites

The following prerequisites are recommended:

  • Technical understanding of TCP/IP networking and network architecture
  • Basic familiarity with the concepts of malware detection

Who Should Attend

This course is designed for technical professionals who need to know how to write rules and understand open source Snort language. The primary audience for this course includes:

  • Security administrators
  • Security consultants
  • Network administrators
  • System engineers
  • Technical support personnel
  • Channel partners and resellers

Outline

Module 1: FireAMP Overview and Architecture
Module 2: Console Interface and Navigation
Module 3: Outbreak Control
Module 4: Endpoint Policies
Module 5: Groups and Deployment
Module 6: Analysis
Module 7: Analysis Case Studies
Module 8: Accounts

Lab Outline

Lab 1: Performing the Initial Setup
Lab 2: Initialize the Private Cloud
Lab 3: Accessing the FireAMP Console
Lab 4: Reviewing the Interface
Lab 5: Simple Custom Detections
Lab 6: Advanced Custom Detection
Lab 7: Application Blocking
Lab 8: Whitelisting
Lab 9: DFC IP Blacklist
Lab 10: Create a FireAMP Policy
Lab 11: Creating Groups
Lab 12: Deploying the Connector
Lab 13: Connector Command Line Installation
Lab 14: Query the History Database
Lab 15: Manually Install a Policy
Lab 16: Testing Your Policy
Lab 17: Working with FireAMP Events
Lab 18: Detection/Quarantine Events
Lab 19: File Trajectory
Lab 20: Device Trajectory
Lab 21: Reporting
Lab 22: ZBot Analysis and Remediation
Lab 23: User Accounts
Lab 24: Enable Demo Data