SSFAMP – Protecting against Malware Threats with Cisco AMP for Endpoints
SSFAMP - Protecting against Malware Threats with Cisco AMP for Endpoints
Course Overview
The Protecting Against Malware Threats with Cisco AMP for Endpoints (SSFAMP) v6.0 course shows you how to deploy and use Cisco® AMP for Endpoints, a next-generation endpoint security solution that prevents, detects, and responds to advanced threats. Through expert instruction and hands-on lab exercises, you will learn how to implement and use this powerful solution through several step-by-step attack scenarios. You’ll learn how to build and manage a Cisco AMP for Endpoints deployment, create policies for endpoint groups, and deploy connectors. You will also analyze malware detections using the tools available in the AMP for Endpoints console.
How you’ll benefit
This class will help you:
Learn how to deploy and manage Cisco AMP for Endpoints
Succeed in today’s high-demand security operations roles
Who should attend
Cisco integrators, resellers, and partners
Network administrators
Security administrators
Security consultants
Systems engineers
Technical support personnel
Prerequisites
To fully benefit from this course, you should have the following knowledge and skills:
Technical understanding of TCP/IP networking and network architecture
Technical understanding of security concepts and protocols
The recommended Cisco offering may help you meet these prerequisites:
Implementing and Administering Cisco Solutions (CCNA)
Course Objectives
After taking this course, you should be able to:
Identify the key components and methodologies of Cisco Advanced Malware Protection (AMP)
Recognize the key features and concepts of the AMP for Endpoints product
Navigate the AMP for Endpoints console interface and perform first-use setup tasks
Identify and use the primary analysis features of AMP for Endpoints
Use the AMP for Endpoints tools to analyze a compromised host
Analyze files and events by using the AMP for Endpoints console and be able to produce threat reports
Configure and customize AMP for Endpoints to perform malware detection
Create and configure a policy for AMP-protected endpoints
Plan, deploy, and troubleshoot an AMP for Endpoints installation
Use Cisco Orbital to pull query data from installed AMP for Endpoints connectors.
Describe the AMP Representational State Transfer (REST) API and the fundamentals of its use
Describe all the features of the Accounts menu for both public and private cloud installations
Course Outline:
Protecting against Malware Threats with Cisco AMP for Endpoints (SSFAMP)
Introducing to Cisco AMP Technologies
Introducing AMP for Endpoints Overview and Architecture
Navigating the Console Interface
Using Cisco AMP for Endpoints
Identifying Attacks
Analyzing Malware
Managing Outbreak Control
Creating Endpoint Policies
Working with AMP for Endpoint Groups
Using Orbital for Endpoint Visibility
Introducing AMP REST API
Navigating Accounts
Lab Topology
Amp Account Self-Registration
Accessing AMP for Endpoints
Attack Scenario
Analysis Tools and Reporting
Outbreak Control
Endpoint Policies
Groups and Deployment
Testing Your Configuration
Endpoint Visibility Using Orbital
REST API
Endpoint Isolation Using Cisco AMP API
User Accounts