Symantec Endpoint Detection and Response 4.5 Administration (SEDRA45)

 

Course Overview

The Symantec Endpoint Detection and Response 4.5 Administration course is designed for the IT security professional in a Security Operations role. This course covers how to detect, investigate, remediate, and recover from an incident using Symantec Endpoint Detection and Response, as well as the prerequisite SEDR configurations and considerations to perform endpoint detection and response.

Who should attend

The Endpoint Detection and Response 4.5 Administration course is intended for students who wish to perform Incident Response activities with Symantec Endpoint Detection and Response.

Prerequisites

This course assumes that students are familiar with Symantec Endpoint Detection & Response and Symantec Endpoint Protection.

Course Objectives

By the completion of this course, you will be able to:

  • Configure SEDR to perform endpoint detection and response
  • Identify evidence of suspicious and malicious activity
  • Search for indicators of compromise
  • Block, isolate, and remove threats in the environment
  • Collect forensic information

Course Content

Module 1: Evolving Threat Landscape
  • Challenges of endpoint detection and response in the environment
  • How Symantec Endpoint Detection and Response meets those challenges
  • SEDR console overview
  • SEDR user accounts and roles
Module 2: Increasing the Visibility of Suspicious and Malicious Activity in the Environment
  • Understanding suspicious & malicious activity
  • Prerequisite SEDR configuration or considerations
  • Identifying evidence of suspicious/malicious activity with SEDR
  • Proactive security incident notification with SEDR
  • Understanding indicators of compromise
  • Searching for indicators of compromise with SEDR
Module 3: Decreasing Security Risk by Responding to Threats in the Environment
  • Prerequisite configuration or considerations
  • Methods used to isolate threats
  • Isolating threats using SEDR
  • Methods used to block threats
  • Blocking threats using SEDR
  • Methods used to remove threats
  • Removing threats using SEDR
Module 4: Collecting and Reporting Forensic Data for Further Investigation of Security Incidents
  • Prerequisite configuration or considerations
  • Information collected by SEDR
  • Collecting forensic information using SEDR
  • Creating reports with SEDR

Prices & Delivery methods

Online Training

Duration
2 days

Price
  • on request
Classroom Training

Duration
2 days

Price
  • on request

Schedule

Currently there are no training dates scheduled for this course.