TRAPS 4.1: Deploy and Optimize (EDU-285)
Palo Alto Networks® Traps™ Advanced Endpoint Protection prevents sophisticated vulnerability exploits and unknown malware-driven attacks. Successful completion of this two-day, instructor-led course equips the student to deploy Traps in large-scale or complex configurations and optimize its configuration.
Training from Palo Alto Networks and Palo Alto Networks® Authorized Training Centers delivers knowledge and expertise that prepare you to protect our digital way of life. Our trusted security certifications validate your knowledge of the Palo Alto Networks® next-generation security platform and your ability to help prevent successful cyberattacks and safely enable applications.
Students should learn how to design, build, implement, and optimize large-scale Traps deployments: those with multiple servers and/or thousands of endpoints. In hands-on lab exercises, students will distribute Traps endpoint software in an automated way; prepare master images for VDI deployment; build multi-ESM deployments; design and implement customized policies; test Traps with exploits created using Metasploit; and examine prevention dumps with windbg.
Security Engineers, System Administrators, and Technical Support Engineers.
Students should have completed “Traps 4.1: Install, Configure, and Manage” or (for Palo Alto Networks employee and partner SEs) “PSE: Endpoint Associate” training. Windows system administration skills and familiarity with enterprise security concepts also are required.
Course level: Intermediate
Course duration: 2 days
Course format: Combines instructor-facilitated lecture with hands-on labs
Software version: Palo Alto Networks Traps Advanced Endpoint Protection 4.1
Language: The instructor will speak Norwegian; the documentation is in English
Module 1: Scaling Server Infrastructure
- Small site architectures
- Large site architectures
- TLS/SSL deployment considerations
Module 2: Scaling Agent Deployment
- Distributing Traps via GPO
- Configuring Virtual Desktop Infrastructure with Traps
Module 3: ESM Tuning
- Tuning ESM settings
- External logging and SIEM integration
- Role Based Access Control (RBAC)
- Defining Conditions
- Tuning Policies
- Implementing ongoing maintenance
Module 4: Windows migrations for Traps
- SQL database migration
- SSL certificate migration
Module 5: Advanced Traps Forensics
- Best practices for managing forensic data
- Agent queries
- Resources for malicious software testing
- Exploit challenge testing with Metasploit
- Exploit dump analysis with windbg
Module 6: Advanced Traps Troubleshooting
- ESM and Traps architecture
- Troubleshooting scenarios using dbconfig and cytool
- Troubleshooting application compatibility and BITS connectivity
Participants must bring their own PC for use during the course.