SSFAMP Training

The Protecting Against Malware Threats with Cisco® AMP for Endpoints is an instructor-led, lab-based, hands-on course offered by Cisco Learning Services. It is a lab-intensive course that introduces students to the powerful features of Cisco AMP for Endpoints software. Day one of this 3-day virtual class covers modern threats, vulnerabilities, and Cisco Advanced Malware Protection (AMP) technologies. Days two and three detail the Cisco AMP for Endpoints product architecture and how it can be used to protect against malware.

You learn how to build and manage a Cisco AMP for Endpoints deployment, create policies for endpoint groups, and deploy connectors. You also analyze malware detections using powerful tools available in the AMP for Endpoints console. This course combines lecture materials and hands-on labs throughout to make sure that you are able to successfully deploy and manage an AMP for Endpoints deployment.

Exam Number:
500-275
Exam Name:
Advanced Security Architecture Specialization
Certifications:
Advanced Security Architecture Specialization
Duration:
5 Days

Upcoming Dates

Apply
Class Date Class Hours Location GTR Price  

What's Included

  • Comprehensive study materials and official Cisco courseware

Prerequisites

  • TCP/IP experience including the major protocols, common services, and basic network traffic routing
  • Basic familiarity with the concepts of malware detection
  • Fundamentals of how operating systems work, including OS configuration structures, file system I/O and basic OS usage and management

Course Objectives

After completing this course, you will be able to:

  • Describe FireAMP technology and its place in securing your network.
  • Understand the role of the Source.
  • fire cloud in the FireAMP infrastructure with both public and private cloud deployments.
  • Configure FireAMP outbreak control features, policies and groups.
  • Deploy FireAMP windows connectors according to best practices.
  • Troubleshoot the most common FireAMP connector and communication issues.
  • Understand how to use the FireAMP console to filter events and perform both file trajectory and device trajectory analysis.

Course Outline

  • Module 1: Modern Malware
  • Module 2: Operating Systems and Vulnerabilities
  • Module 3: Exploit Kits and Botnets
  • Module 4: Attack Vectors and Trends
  • Module 5: Introduction to Cisco AMP Technologies
  • Module 6: AMP for Endpoints Overview and Architecture
  • Module 7: Console Interface and Navigation
  • Module 8: Outbreak Control
  • Module 9: Endpoint Policies
  • Module 10: Groups and Deployment
  • Module 11: Analysis
  • Module 12: Analysis Case Studies
  • Module 13: Accounts

Labs

  • Lab 1: Sample Malware Behavior
  • Lab 2: Accessing AMP for Endpoints
  • Lab 3: Outbreak Control
  • Lab 4: Endpoint Policies
  • Lab 5: Groups and Deployment
  • Lab 6: Analysis
  • Lab 7: Zbot Analysis
  • Lab 8: User Accounts