Symantec-training-courses
7491 Reviews star_rate star_rate star_rate star_rate star_half

Symantec Endpoint Detection & Response 4.5 Administration Training

The Symantec Endpoint Detection and Response 4.5 Administration course is designed for the IT security professional in a Security Operations role. This course covers how to detect, investigate,...

Read More
$1,800 USD GSA  $1,541.56
Course Code SYM-EDRADMIN-4-5
Duration 2 days
Available Formats Classroom

The Symantec Endpoint Detection and Response 4.5 Administration course is designed for the IT security professional in a Security Operations role. This course covers how to detect, investigate, remediate, and recover from an incident using Symantec Endpoint Detection and Response, as well as the prerequisite SEDR configurations and considerations to perform endpoint detection and response.

Skills Gained

By the completion of this training course, you will be able to:

  • Configure SEDR to perform endpoint detection and response.
  • Identify evidence of suspicious and malicious activity.
  • Search for indicators of compromise.
  • Block, isolate, and remove threats in the environment.
  • Collect forensic information.

Who Can Benefit

The Endpoint Detection and Response 4.5 Administration course is intended for students who wish to perform Incident Response activities with Symantec Endpoint Detection and Response.

Prerequisites

This course assumes that students are familiar with Symantec Endpoint Detection & Response and Symantec Endpoint Protection.

Course Details

Hands-On

This course includes practical hands-on exercises that enable you to test your new skills and begin to use those skills in a working environment.

Course Outline

Module 1: The Evolving Threat Landscape

  • Challenges of endpoint detection and response in the environment
  • How Symantec Endpoint Detection and Response meets those challenges
  • Symantec Endpoint Detection and Response Components
  • Symantec Endpoint Detection and Response Management Console
  • Symantec Endpoint Detection and Response User Accounts and Roles

Module 2: Detecting Threats in the Environment

  • Understanding Suspicious & Malicious Activity
  • Prerequisite configuration or considerations
  • Identifying evidence of suspicious/malicious activity with SEDR

Module 3: Investigating Threats in the Environment

  • Understanding Indicators of Compromise
  • Searching for Indicators of Compromise
  • Analyzing Endpoint Activity Recorder Data
  • Additional Investigation Tools

Module 4: Responding to Threats in the Environment

  • Isolating Threats in The Environment
  • Blocking Threats in The Environment
  • Removing Threats in The Environment
  • Tuning the Environment

Module 5: Reporting on Threats in the Environment

  • Notifications and Reporting
  • Collecting forensic data for further investigation of security incidents
  • Using SEDR to create a Post Incident Repor