SSFAMP|Protecting Against Malware Threats with Cisco AMP for Endpoints|Cisco AMP Training| Skip to main Content

Protecting Against Malware Threats with Cisco AMP for Endpoints

  • Course Code SSFAMP
  • Days Access 180 days
  • Version 6.0

Course Delivery

Additional Payment Options

  • GTC 41 inc. VAT

    GTC, Global Knowledge Training Credit, please contact Global Knowledge for more details

Elearning (Self-paced) Price

eur930,00

excl. VAT

Add to Cart Add to Cart

Jump to:

Course Delivery

This course is available in the following formats:

  • Elearning (Self-paced)

    Self paced electronic learning

  • Public Classroom

    Traditional Classroom Learning

  • Virtual Learning

    Learning that is virtual

Request this course in a different delivery format.

Course Overview

Top

The Protecting Against Malware Threats with Cisco AMP for Endpoints (SSFAMP) course shows you how to deploy and use Cisco® AMP for Endpoints, a next-generation endpoint security solution that prevents, detects, and responds to advanced threats. Through expert instruction and hands-on lab exercises, you will learn how to implement and use this powerful solution through several step-by-step attack scenarios. You’ll learn how to build and manage a Cisco AMP for Endpoints deployment, create policies for endpoint groups, and deploy connectors. You will also analyze malware detections using the tools available in the AMP for Endpoints console.

e-Learning

Interactive self-paced content that provides flexibility in terms of pace, place and time to suit individuals and organisations. These resources also consist of online books, educational podcasts and vodcasts, and video-based learning.

Target Audience

Top

Anyone involved in the deployment and utilisation of Cisco AMP for Endpoints

Show me more

Course Objectives

Top

After completing this course you should be able to:

  • Identify the key components and methodologies of Cisco Advanced Malware Protection (AMP)
  • Recognize the key features and concepts of the AMP for Endpoints product
  • Navigate the AMP for Endpoints console interface and perform first-use setup tasks
  • Identify and use the primary analysis features of AMP for Endpoints
  • Use the AMP for Endpoints tools to analyze a compromised host
  • Analyze files and events by using the AMP for Endpoints console and be able to produce threat reports
  • Configure and customize AMP for Endpoints to perform malware detection
  • Create and configure a policy for AMP-protected endpoints
  • Plan, deploy, and troubleshoot an AMP for Endpoints installation
  • Use Cisco Orbital to pull query data from installed AMP for Endpoints connectors.
  • Describe the AMP Representational State Transfer (REST) API and the fundamentals of its use
  • Describe all the features of the Accounts menu for both public and private cloud installations
Show me more

Course Content

Top

Introducing to Cisco AMP Technologies

  • Cisco Talos
  • AMP Threat-Centric Security Model
  • Protection Framework
  • Retrospection Framework
  • Cisco SecureX

Introducing AMP for Endpoints Overview and Architecture

  • Cisco AMP for Endpoints
  • Cisco AMP Cloud Architecture
  • Cisco AMP Private Cloud
  • Cisco AMP for Endpoints Integration

Navigating the Console Interface

  • Activating Your Cisco Account
  • Quick Start Configuration and Deployment
  • Console Dahsboard
  • Menu System

Using Cisco AMP for Endpoints

  • Exploring Your Environment with the AMP Console
  • System Operations

Identifying Attacks

  • Identifying and Containing a Low Prevelance Threat
  • Using CVE with AMP for Endpoints
  • Using File Trajectory to Track a Threat

Analyzing Malware

  • Analyzing Events
  • Using Cisco Threat Grid
  • File Analysis
  • Further Analysis Features
  • Reporting

Managing Outbreak Control

  • Managing Malware Detections
  • Managing Indications of Compromise

Creating Endpoint Policies

  • Configuring Endpoint Policies - Basics
  • Configuring Endpoint Policies - Advanced Settings

Working with AMP for Endpoint Groups

  • Examining Groups
  • Configuring Exclusions
  • Preparing for a Deployment
  • Deployng Windows Connectors
  • Windows Installation and the Connector Interface
  • Troubleshooting Cisco AMP for Endpoints

Using Orbital for Endpoint Visibility

  • Introducing Cisco Orbital
  • Orbital Console
  • Using Cisco Orbital to Obtain Endpoint Information
  • Osquery Syntax

Introducing AMP REST API

  • Examining the AMP REST API
  • REST API Documentation and Resources
  • Query Response Data Structure: JSON
  • REST API Authentication
  • Performing REST API Transactions
  • Using REST API Data in other Applications

Navigating Accounts

  • User Administration
  • Further Account Options
 
Labs
  • Amp Account Self-Registration
  • Accessing AMP for Endpoints
  • Attack Scenario
  • Analysis Tools and Reporting
  • Outbreak Control
  • Endpoint Policies
  • Groups and Deployment
  • Testing Your Configuration
  • Endpoint Visibility Using Orbital
  • REST API
  • Endpoint Isolation Using Cisco AMP API
  • User Accounts
Show me more

Course Prerequisites

Top

Attendees should meet the following prerequisites:

  • Technical understanding of TCP/IP networking and network architecture
  • Technical understanding of security concepts and protocols
Recommended prerequisites:
Show me more

Test Certification

Top

Recommended as preparation for the following exam:

  • There is currently no exam aligned to this course

 

Show me more

Related Products

Top

We Care About Your Privacy

We are using cookies to give you the best experience on our site. Cookies are files stored in your browser and are used by most websites to help personalise your web experience. By continuing to use our website without changing the settings, you are agreeing to our use of cookies.

Please only use paragraphs and links in this rich text field. A link to page with cookie info

About your Privacy

We process your data for purposes such as delivering content or advertisements and measuring the delivery of such content or advertisements to extract insights about our website. We may share this information with our partners. Cookies set by Global Knowledge are labelled “first party”; you may exercise your preferences in relation to first party cookies by toggling the switch for each first party cookie category below. The remaining cookies are third party cookies; you may exercise your preferences in relation to each purpose by toggling the relevant switch below or by vendor by clicking “List of IAB Vendors.” These choices will be signaled globally to other websites participating in the Transparency and Consent Framework.
Privacy Statement

Necessary Cookies

These are cookies that are required for the Global Knowledge website to function and cannot be switched off in our systems. They include, for example, cookies that enable you to use a shopping cart or log into the booking area of our website.

Analytics Cookies

Analytics cookies are an optional but important part of our website's functionality. They help us to understand how you interact with our site by collecting and reporting information anonymously. The data collected by analytics cookies is used to improve the website's performance and enhance the user experience. It is important to note that these cookies do not collect any personal information that can be used to identify you.

Preferences Cookies

These are optional and you can turn them off and on. Please only use 2 to 3 lines of text here and if needed link to a page with more cookie info in Intro.

Performance Cookies

These cookies allow us to recognise and count the number of visitors to our website, traffic sources and to see how website visitors move around the website when they are using it. This helps us to improve the way the website works and improve your website experience. All information these cookies collect is aggregated and therefore anonymous.

Cookie Control toggle icon