3 arrows

Get 50% Off ForgeRock Training Bundles

closeClose

Cyber Security Services Administration

  • Tuition USD $1,440 List Price $1,800
  • Reviews star_rate star_rate star_rate star_rate star_half 3224 Ratings
  • Course Code CSS-ADMIN
  • Duration 2 days
  • Available Formats Classroom

The Cyber Security Services Administration course will provide a technical deep dive and hands on experience with Symantec’s Cyber Security Services.

Skills Gained

  • Have a solid understanding of the current cyber security market conditions and the need for Cyber Security Services
  • Identify the components of the technical architecture of Symantec’s CSS Services and understand how it integrates with the customer’s environment
  • Understand the Business Objectives achieved by CSS Services
  • Identify the competitive differentiators of Symantec’s CSS Services

Who Can Benefit

This course is for partners and Symantec staff that are charged with the configuration, integration, and day-to-day management of Managed Security Services and Deepsight Intelligence.

Prerequisites

It is recommended that the student has 1-3 months experience working with the Managed Security Services SOC and Log Collection Platform plus Symantec Managed Security Services Portals (Both DeepSight Intelligence portal and MSS Portal), including performing integration projects with DeepSight Application Programming Interface (APIs).

Course Details

Lesson 1: Overview of Cyber Security Services

  • Current Threat Landscape and the need for CSS
  • Symantec Information Protection Strategy
  • Introduction to Cyber Security Services

Lesson 2: Managed Security Services Overview

  • Introduction to Symantec Managed Security Services
  • 24x7 Global Threat Monitoring by trained security analysts
  • Timely validation and remediation of security incidents
  • Protect Against Evolving Complexity and Advanced Threats in Cybersecurity
  • Managed Security Services Portal Login Overview

Lesson 3: Achieving 24x7 Global Threat Monitoring

  • Managed Security Services Architecture
  • 24x7 Global Threat Monitoring by trained security analysts
  • Managed Security Services Portal Overview

Lesson 4: MSS Platform and Architecture Overview

  • Leveraging Existing SIEMs
  • MSS Log Collection Platform (LCP) Architecture and Transport Methods
  • Providing for Log Aggregation with Symantec Event Agent and Collectors
  • Implementing a Solution Design Onsite
  • Comprehensive Support of Device Types and Log Collection Categories

Lesson 5: Timely Validation of Security Incidents

  • What is the SOC Technology Platform?
  • Provide for Timely Log Collection and Storage to meet Business Requirements
  • STP Automated Validation Process Decreases Time for Incident Validation
  • Timely Identification, Analysis, and Notification of Security Incidents

Lesson 6: Protecting Against Advanced Threats by Leveraging Threat Intelligence in MSS

  • The Evolution of Threats
  • Solving the Advanced Threat Problem
  • Leveraging the capabilities of ATP with MSS

Lesson 7: Security Monitoring and Managed IDS

  • MSS Security Monitoring Solution
  • MSS Managed IDS Solution

Lesson 8: Managed Security Services Review

  • Review of Symantec Managed Security Services Architecture
  • 24x7 Global Threat Monitoring by trained security analysts
  • Timely validation and remediation of security incidents
  • Protect Against Evolving Complexity and Advanced Threats in Cybersecurity
  • Security Monitoring and Managed IDS Solutions

Lesson 9: Impact of Security Intelligence

  • The Evolving Threat Landscape
  • On the Nature of Security Intelligence
  • The Value of Security Intelligence Across the Enterprise
  • Intelligence as a Proactive Solution

Lesson 10: Symantec Deepsight Intelligence Overview

  • Introduction to the Global Intelligence Network
  • Sources of Information in the GIN
  • Managed Adversary Threat Intelligence
  • Additional Sources

Lesson 11: Provide for Context Aware Threat Intelligence Portal with Delegate Authority based on User and Group Roles

  • DeepSight Portal Access and Layout
  • DeepSight Portal Contents and Navigation
  • Licensing and Portal Levels
  • Configuring the Organization Profile and Licenses
  • Account Management, Users, Roles, and Groups

Lesson 12: Provide for More Targeted Intelligence and Minimizing Noise by Utilizing Technology Lists

  • Technology List purpose and theory
  • Creating a Technology List
  • Publishing and Sharing Technology Lists
  • Uploading Lists

Lesson 13: Provide for Timely Alerts and Access to Custom Reporting Based on Customer Policies and Practices

  • Alerts and Monitors Overview
  • Creating an Alert
  • Alert Delivery Methods
  • Mining DeepSight for Custom Reporting
  • Scheduled Reports and Report Delivery

Lesson 14: Leveraging Threat Intelligence with Existing SIEM Investment in Support of Customer Policies and Practices

  • Datafeed Types and Value
  • The Security Risk Datafeed
  • The Vulnerabilty Datafeed
  • Basic and Advanced IP Reputation Datafeeds
  • Basic and Advanced URL/Domain Reputation Datafeeds
  • Methods of Integration and Tools
  • Datafeed Integration with ArcSight
  • Datafeed Integration with SPLUNK
  • Datafeed Integration with Risk Fabric

Lesson 15: Integrating DeepSight Threat Intelligence into Custom Applications with the DeepSight API

  • A New Access Method
  • DeepSight API Details
  • DeepSight API Entitlements

Lesson 16: Deepsight Intelligence Review

When does class start/end?

Classes begin promptly at 9:00 am, and typically end at 5:00 pm.

Does the course schedule include a Lunchbreak?

Lunch is normally an hour long and begins at noon. Coffee, tea, hot chocolate and juice are available all day in the kitchen. Fruit, muffins and bagels are served each morning. There are numerous restaurants near each of our centers, and some popular ones are indicated on the Area Map in the Student Welcome Handbooks - these can be picked up in the lobby or requested from one of our ExitCertified staff.

How can someone reach me during class?

If someone should need to contact you while you are in class, please have them call the center telephone number and leave a message with the receptionist.

What languages are used to deliver training?

Most courses are conducted in English, unless otherwise specified. Some courses will have the word "FRENCH" marked in red beside the scheduled date(s) indicating the language of instruction.

What does GTR stand for?

GTR stands for Guaranteed to Run; if you see a course with this status, it means this event is confirmed to run. View our GTR page to see our full list of Guaranteed to Run courses.

Does ExitCertified deliver group training?

Yes, we provide training for groups, individuals and private on sites. View our group training page for more information.

Does ExitCertified deliver group training?

Yes, we provide training for groups, individuals, and private on sites. View our group training page for more information.

Professional, well presented material. Great for refresher or high level introduction to the material.

The Course material and lab infrastructure and the overall Experience is very good.

Course was well presented the supplied camera and head phones were plus in making the virtual course as real as it can get.

Great content and great delivery. Will definitely like to take more classes with Ruben if possible

I have taken two AWS courses with ExitCertified, both were excellent. My team and I will definitely be back next fiscal.

0 options available

There are currently no scheduled dates for this course. If you are interested in this course, request a course date with the links above. We can also contact you when the course is scheduled in your area.

Contact Us 1-800-803-3948
Contact Us
FAQ Get immediate answers to our most frequently asked qestions. View FAQs arrow_forward