The Symantec Advanced Threat Protection 2.x: Incident Response course is designed for the network, IT security, and systems administration professional in a Security Operations position. This class covers how to detect, remediate, and recover from an incident using Advanced Threat Protection.
- Describe Advanced Threat Protection products, components, dependencies, and system hierarchy.
- Configure Advanced Threat Protection to prepare your Symantec Endpoint Protection endpoints for responding to incidents.
- Detect events and incidents in the ATP Manager and search for indicators of compromise (IOC).
- Remediate threats by isolating breached endpoints and suspicious activity.
- Recover from an outbreak using Symantec best practices and update your Cybersecurity plan.
Who Can Benefit
This course is for network managers, resellers, systems administrators, client security administrators, systems professionals, and consultants who are charged with the configuration, and day-to-day management of Advanced Threat Protection and Symantec Endpoint Protection in a variety of network environments.
You must have working knowledge of advanced computer terminology, including TCP/IP networking terms and Internet terms, and an administrator-level knowledge of Microsoft Windows operating systems.