Detailed Course Outline
Module 1: Introducing Network Threats
- Describing how Symantec Endpoint Protection protects each layer of the network stack
- Discovering the tools and methods used by attackers
- Describing the stages of an attack
Module 2: Protecting against Network Attacks and Enforcing Corporate Policies using the Firewall Policy
- Preventing network attacks
- Examining Firewall Policy elements
- Creating custom firewall rules
- Enforcing corporate security policy with firewall rules
- Configuring advanced firewall feature
Module 3: Blocking Threats with Intrusion Prevention
- Introducing Intrusion Prevention technologies
- Configuring the Memory Exploit Mitigation policy
- Configuring the Intrusion Prevention policy
- Managing custom signatures
- Monitoring Intrusion Prevention events
Module 4: Introducing File-Based Threats
- Describing threat types
- Discovering how attackers disguise their malicious applications
- Describing threat vectors
- Describing Advanced Persistent Threats and a typical attack scenario
- Following security best practices to reduce risks
Module 5: Preventing Attacks with SEP Layered Security
- Virus and Spyware protection needs and solutions
- Examining file reputation scoring
- Describing how endpoints are protected with the Intelligent Threat Cloud Service
- Describing how the emulator executes a file in a sandbox and the machine learning engine's role and function
- Describing download protection with Download Insight.
- Describing file system and Email Auto-Protect and various Auto-Protect considerations.
- Describing SONAR real-time protection.
- Describing the different scan types and scan considerations.
Module 6: Securing Windows Clients
- Platform and Virus and Spyware Protection policy overview
- Tailoring scans to meet an environment's needs
- Ensuring real-time protection for clients
- Detecting and remediating risks in downloaded files
- Identifying zero-day and unknown threats
- Preventing email from downloading malware
- Configuring advanced options
- Monitoring virus and spyware activity
Module 7: Securing Linux Clients
- Navigating the Linux client
- Tailoring Virus and Spyware settings for Linux clients
- Monitoring Linux clients
- SEP for Linux Logs
Module 8: Securing Mac Clients
- Touring the SEP for Mac client
- Securing Mac clients
- Monitoring Mac clients
- SEP Logs on Mac clients
Module 9: Providing Granular Control with Host Integrity
- Ensuring client compliance with Host Integrity
- Host Integrity concepts
- Configuring Host Integrity
- Troubleshooting Host Integrity
- Monitoring Host Integrity
Module 10: Controlling Application and File Access
- Application Control overview
- Describing Application Control and concepts
- Creating application rulesets to restrict how applications run
- Monitoring Application Control events
Module 11: Restricting Device Access for Windows and Mac Clients
- Introducing Device Cotrol
- Describing Device Control features and concepts for Windows
- Describing Device Control features and concepts for Mac clients
- Discovering hardware access policy violations with reports, logs, and notifications
Module 12: Hardening Clients with System Lockdown
- What is System Lockdown?
- Creating and managing the file fingerprint list
- System Lockdown use cases
Module 13: Customizing Policies based on Location
- Creating locations to ensure the appropriate level of security when logging on remotely
- Assigning policies to locations
- Monitoring locations on the SEPM and SEP client
Module 14: Managing Security Exceptions
- Describing security exceptions
- Describing the automatic exclusion created during installation
- Managing Windows and Mac exclusions
- Monitoring security exceptions