Menu

INSTRUCTOR-LED COURSE

Protecting Against Malware Threats with Cisco AMP for Endpoints (SSFAMP)

Course Information

Duration: 3 days

Version: SSFAMP 5.0

Price: $3,000.00

Certification:

Exam: 500-275

Learning Credits:

ALL DATES GUARANTEED

Check out our full list of training locations and learning formats. Please note that the location you choose may be an Established HD-ILT location with a virtual live instructor.

COURSE DELIVERY OPTIONS

  • Live Classroom

Train face-to-face with the live instructor.

  • Established HD-ILT Location

Interact with a live, remote instructor from a specialized, HD-equipped classroom near you.​

  • Virtual Remote

Attend the live class from the comfort of your home or office.

Register

OVERVIEW

The Protecting Against Malware Threats with Cisco© AMP for Endpoints is an instructor-led, lab-based, hands-on course offered by Cisco Learning Services. It is a lab-intensive course that introduces students to the powerful features of Cisco AMP for Endpoints software. Day one of this 3-day virtual class covers modern threats, vulnerabilities, and Cisco Advanced Malware Protection (AMP) technologies. Days two and three detail the Cisco AMP for Endpoints product architecture and how it can be used to protect against malware.

Prerequisites:

  • Technical understanding of TCP/IP networking and network architecture
  • Technical understanding of security concepts and protocols

 

Target Audience:

The primary audience for this course is security administrators, security consultants, network administrators, systems engineers, technical support personnel, and channel partners and resellers.

 

Course Objectives:

After completing this course, you should be able to:

  • Identify the key components and methodologies of Cisco Advanced Malware Protection (AMP)
  • Recognize the key features and concepts of the AMP for Endpoints product
  • Navigate the AMP for Endpoints console interface and perform first-use setup tasks
  • Identify and use the primary analysis features of AMP for Endpoints
  • Use the AMP for Endpoints tools to analyze a compromised host
  • Describe malware terminology and recognize malware categories
  • Analyze files and events by using the AMP for Endpoints console and be able to produce threat reports
  • Use the AMP for Endpoints tools to analyze a malware attack and a ZeroAccess infection
  • Configure and customize AMP for Endpoints to perform malware detection
  • Create and configure a policy for AMP-protected endpoints
  • Plan, deploy, and troubleshoot an AMP for Endpoints installation
  • Describe the AMP Representational State Transfer (REST) API and the fundamentals of its use
  • Describe all the features of the Accounts menu for both public and private cloud installations

 

Course Outine:

  • Module 1: Introduction to Cisco AMP Technologies
  • Module 2: AMP for Endpoints Overview and Architecture
  • Module 3: Console Interface and Navigation
  • Module 4: Using AMP for Endpoints
  • Module 5: Detecting an Attacker — A Scenario
  • Module 6: Modern Malware
  • Module 7: Analysis
  • Module 8: Analysis Case Studies
  • Module 9: Outbreak Control
  • Module 10: Endpoint Policies
  • Module 11: Groups and Deployment
  • Module 12: AMP REST API
  • Module 13: Accounts

Lab Outline:

  • Lab 1: Accessing AMP for Endpoints
  • Lab 2: Attack Scenario
  • Lab 3: Attack Analysis
  • Lab 4: Analysis Tools and Reporting
  • Lab 5: Zbot Analysis
  • Lab 6: Outbreak Control
  • Lab 7: Endpoint Policies
  • Lab 8: Groups and Deployment
  • Lab 9: Testing Your Policy Configuration
  • Lab 10: REST API
  • Lab 11: User Accounts (optional)

 

 

SLI Main Menu