?

Cisco AMP (Advanced Malware Protection) for Endpoints Training

16 hours
The Cisco AMP (Advanced Malware Protection) for Endpoints Training is structured as a hybrid workshop and is delivered by a technology specific subject matter expert in a workshop format, either virtually via the customer's preferred meeting application or onsite at the customer's location. The engagement combines an SME engagement, workshop, training and lab demo all in one interactive experience that focuses on learning a new technology, best practices and how it will fit into the customer's current environment.

What to Expect

The following items are included in this training: 

  • Demonstrating design strategies
  • Demonstrate flexibility and use cases of different design and migration changes
  • Execution concepts & whiteboarding
  • Automate, operate and secure concept walkthrough
  • Provision, validation and troubleshooting commands

Goals & Objectives

Our expert-led training workshop will help you gain a better understanding of the Cisco AMP (Advanced Malware Protection) for Endpoints technology. 

Details

The following is a summary of the 2-day agenda, concepts and inclusions for the training:

Day 1

Planning

  • System Requirement and OS
  • Create exclusions for other security products
  • Gather information on custom apps and proxy servers
  • Gather information about proxy servers
  • Check Firewall rules for client (Window, MAC, Linux)

Dashboard Overview

Portal Configuration

  • Create exclusions
  • Create outbreak control list
  • Create policies
  • Create groups
  • Create whitelist

Deploying the AMP Connector

  • Manual
  • Optional SCCM

Troubleshooting the installed

  • Basic threat hunting download from malware website (eicar website – text file which is safe)
  • Enable demo Malware sample for threat hunting via device and file trajectory dashboard
 

Day 2

Cisco AMP Hands on Lab (Continue)

  • Cisco AMP use case
    • Additional Features
    • Using different groups
      • Audit Mode
      • Protect Mode
      • Triage
      • Servers
      • Domain Controller
    • Troubleshooting
  • Cisco AMP Administration Reports
  • Cisco AMP Basic threat hunting 
    • Device Trajectory
    • File Trajectory