TRAPS: Cloud Service Operations (EDU-290) - NEW

Training from Palo Alto Networks® and Palo Alto Networks® Authorized Training Centers delivers knowledge and expertise that prepare you to protect our digital way of life. Our trusted security certifications validate your knowledge of the Palo Alto Networks® Security Operating Platform and your ability to help prevent successful cyberattacks and safely enable applications.

Course Objectives

Students should learn how Traps protects against exploits and malware-driven attacks. In hands-on lab exercises, students will explore and configure the new cloud-based Traps Management Service and install Traps endpoint components; build policy rules and profiles; enable and disable process protections; and integrate Traps with the Palo Alto Networks WildFire® cloud service, which provides prevention and detection of zero-day malware.


Scope

  • Course level: Introductory
  • Course duration: 2 days
  • Course format: Combines instructor-facilitated lecture with hands-on labs
  • Software version: Palo Alto Networks Traps Advanced Endpoint Protection
  • Language: Instruction and documentation are in English


Target Audience
Endpoint Security Engineers, System Administrators, and Technical Support Engineers

Prerequisites
Students must have familiarity with enterprise security concepts.

 

COURSE CONTENT:

Module 1: Traps Overview

  • How Sophisticated Attacks Work Today
  • Traps Multi-Method Threat Prevention
  • Traps Components and Resources

Module 2: Cloud Services

  • Application Framework and Cloud Services Portal
  • Shared Services and Traps Onboarding Flow

Module 3: Cloud-Based Management

  • Traps Service Dashboard and Licensing
  • Cross-Platform Agent and Agent Installation
  • Endpoints and Endpoint Groups

Module 4: Policy Rules and Profiles

  • Profiles and Policy Rules
  • Agent Settings Profile

Module 5: Malware Protection Flow

  • Traps Malware Protection Modules Overview
  • Restrictions Profiles, Malware Profiles, and Scanning

Module 6: Exploits and Exploitation Techniques

  • Application Exploit Prevention
  • Exploitation Techniques and Defense Mechanisms
  • Basics of Process Management (Optional)

Module 7: Exploit Protection Modules

  • Architecture and Overview
  • Exploit Protection Modules (EPMs)
  • Exploit Profiles

Module 8: Event Management

  • Security Event Logs and Exceptions
  • Endpoint and Server Logs
  • Manage Quarantined Files

Module 9: Basic Traps Troubleshooting

  • Troubleshooting Methodology and Resources
  • Traps Cytool and Agent Identification
  • Traps Agent Log Files and Agent Persist Databases
  • Working with Technical Support

Module 10: Traps Architecture

  • AWS Services Used by Traps Service
  • Multi-Regional Architecture
  • Agent File Uploads and Downloads
  • Agent-Server Communication

Module 11: Directory Sync Service

  • Directory Sync Service – Activation and Setup
  • Troubleshooting


Participants must bring their own PC for use during the course

 


Practical information

07.02 - 08.02
09:00 - 16:00
Data Equipment
Sandstuveien 70 F, north entrance
0680 Oslo
16.500,-