The Symantec (Broadcom) Endpoint Detection & Response 4.x Administration training course covers how to detect, investigate, remediate, and recover from an incident using Symantec Endpoint Detection and Response (SEDR), as well as the prerequisite SEDR configuration and considerations for performing endpoint detection and response.

Course Objectives:

By the end of this training course, you will be able to:

  • Configure SEDR to perform endpoint detection and response.
  • Identify evidence of suspicious and malicious activity.
  • Search for indicators of compromise.
  • Block, isolate, and remove threats in the environment.
  • Collect forensic information.

Audience:

The Endpoint Detection and Response 4.x Administration course is intended for students who wish to perform Incident Response activities with Symantec Endpoint Detection and Response.

Pre-requisites:

This course assumes that students are familiar with Symantec Endpoint Detection & Response and Symantec Endpoint Protection.

Outline:

Module 1: The Evolving Threat Landscape

  • Challenges of endpoint detection and response in the environment
  • How Symantec Endpoint Detection and Response meets those challenges
  • Symantec Endpoint Detection and Response Components
  • Symantec Endpoint Detection and Response Management Console
  • Symantec Endpoint Detection and Response User Accounts and Roles

Module 2: Detecting Threats in the Environment

  • Understanding Suspicious & Malicious Activity
  • Prerequisite configuration or considerations
  • Identifying evidence of suspicious/malicious activity with SEDR

Module 3: Investigating Threats in the Environment

  • Understanding Indicators of Compromise
  • Searching for Indicators of Compromise
  • Analyzing Endpoint Activity Recorder Data
  • Additional Investigation Tools

Module 4: Responding to Threats in the Environment

  • Isolating Threats in the Environment
  • Blocking Threats in the Environment
  • Removing Threats in the Environment
  • Tuning the Environment

Module 5: Reporting on Threats in the Environment

  • Notifications and Reporting
  • Collecting forensic data for further investigation of security incidents
  • Using SEDR to create a Post Incident Report

Additional information:

  • Length: 2 days
  • Guaranteed to run: No
