Course Catalog
SSFAMP-Protecting Against Malware Threats with Cisco AMP for Endpoints v6.0
Code: SSFAMP v6.0
Duration: 3 Day
$3000 USD

OVERVIEW

This course includes Cisco Training Exclusives

EXCLUSIVE TO GLOBAL KNOWLEDGE - Enhance your Cisco learning experience with complimentary access to our Introduction to Cybersecurity On-Demand course, course recordings, IT Resource Library, and digital courseware.

Learn more

Through expert instruction and hands-on lab exercises, the SSFAMP - Protecting Against Malware Threats with Cisco AMP for Endpoints v6.0 course will teach how to implement and use this powerful solution through a number of step-by-step attack scenarios. You’ll learn how to build and manage a Cisco AMP for Endpoints deployment, create policies for endpoint groups, and deploy connectors. You will also analyze malware detections using the tools available in the AMP for Endpoints console.

This course is eligible for 24 Continuing Education Credits (ILT & ELT Modality).

DELIVERY FORMAT

This course is available in the following formats:

Virtual Classroom

Duration: 3 Day
Classroom

Duration: 3 Day

CLASS SCHEDULE
Call 800-798-3901 to enroll in this class!

GOALS
  • Identify the key components and methodologies of Cisco Advanced Malware Protection (AMP)
  • Recognize the key features and concepts of the AMP for Endpoints product
  • Navigate the AMP for Endpoints console interface and perform first-use setup tasks
  • Identify and use the primary analysis features of AMP for Endpoints
  • Use the AMP for Endpoints tools to analyze a compromised host
  • Describe malware terminology and recognize malware categories
  • Analyze files and events by using the AMP for Endpoints console and be able to produce threat reports
  • Use the AMP for Endpoints tools to analyze a malware attack and a ZeroAccess infection
  • Configure and customize AMP for Endpoints to perform malware detection
  • Create and configure a policy for AMP protected endpoints
  • Plan, deploy, and troubleshoot an AMP for Endpoints installation
  • Describe the AMP Representational State Transfer (REST) API and the fundamentals of its use
  • Describe all the features of the Accounts menu for both public and private cloud installations
OUTLINE

  • Introduction to Cisco AMP Technologies
  • AMP for Endpoints Overview and Architecture
  • Console Interface and Navigation
  • Using AMP for Endpoints
  • Detecting an Attacker — A Scenario
  • Modern Malware
  • Analysis
  • Analysis Case Studies
  • Outbreak Control
  • Endpoint Policies
  • AMP REST API
  • Accounts
  • Introduction to Cisco AMP Technologies
  • AMP for Endpoints Overview and Architecture
  • Console Interface and Navigation
  • Using AMP for Endpoints
  • Detecting an Attacker — A Scenario
  • Modern Malware
  • Analysis
  • Analysis Case Studies
  • Outbreak Control
  • Endpoint Policies
  • AMP REST API
  • Accounts
LABS

  • Request Cisco AMP for Endpoints User Account (e-learning version only)
  • Accessing AMP for Endpoints
  • Attack Scenario
  • Attack Analysis
  • Analysis Tools and Reporting
  • Zbot Analysis
  • Outbreak Control
  • Endpoint Policies
  • Groups and Deployment
  • Testing Your Policy Configuration
  • REST API
  • User Accounts (optional)
  • Request Cisco AMP for Endpoints User Account (e-learning version only)
  • Accessing AMP for Endpoints
  • Attack Scenario
  • Attack Analysis
  • Analysis Tools and Reporting
  • Zbot Analysis
  • Outbreak Control
  • Endpoint Policies
  • Groups and Deployment
  • Testing Your Policy Configuration
  • REST API
  • User Accounts (optional)
WHO SHOULD ATTEND
  • Security administrators
  • Security consultants
  • Network administrators
  • Systems engineers
  • Technical support personnel
  • Cisco integrators, resellers, and partners
PREREQUISITES

  • Technical understanding of TCP/IP networking and network architecture
  • Technical understanding of security concepts and protocols