Protecting against Malware Threats with Cisco AMP for Endpoints (SSFAMP)

Fast Lane’s SSFAMP training course is a 3-day, instructor-led, lab-based, hands-on experience that guides students through the powerful features of Cisco AMP Endpoints and the modern cyber security landscape. After this combination of lecture materials and hands-on labs, you will be able to successfully deploy and manage an AMP for Endpoints deployment.

Day one revolves around cyber security and exposes students to the vast, sophisticated security threats facing businesses today. It will also introduce Cisco Advanced Malware Protection (AMP) technologies as a whole. Days two and three focuses on the Cisco AMP Endpoints – detailing product architecture, abilities and how to apply them to real-life security breach situations.

As malware becomes more dense and complicated, the ability to combat it becomes more critical than ever. Of the positions best suited for Fast Lane’s SSFAMP course, Cisco prefers professionals with major protocol experience, basic network traffic routing knowledge, understanding of common services, as well as general information security fundamentals.

That’s why technical professionals tasked with maintaining network security in any capacity are highly encouraged to enroll in SSFAMP training at Fast Lane. Specifically, security admins, security consultants, network admins, engineers, and other technical support and channel personnel are ideal candidates for this course.

Still unsure if SSFAMP is for you? Meet Charles. Charles is a security administrator for an IT company in Cary, NC, utilizing numerous Cisco Advanced Malware Protection technologies. Not long ago, he began to recognize an increase in the quantity and sophistication of malware attacks he was defending against. Faced with mounting risk, Charles knew he had to act fast.

To better understand Cisco EMP for Endpoints and best secure the networks under his management, Charles decided to enroll in Fast Lane’s SSFAMP course. After three days of lab-based training, Charles successfully completed his SSFAMP certification and was now prepared to build and manage Cisco AMP for Endpoints and best protect his network from always-evolving strands of malware affecting businesses today.

Cisco recommends that you have the following prerequisite knowledge and skills:

• TCP/IP experience including the major protocols, common services, and basic network traffic routing
• General information security fundamentals
• Fundamentals of how operating systems work, including OS configuration structures, file system I/O and basic OS usage and management

You will learn how to build and manage a Cisco AMP for Endpoints deployment, create policies for endpoint groups, and deploy connectors. You also analyze malware detections using powerful tools available in the AMP for Endpoints console.

After completing this course, you should be able to:

• Describe malware terminology and recognize malware categories
• Describe the architecture and individual security features of Windows, Apple Mac, and Linux operating systems and the concept of vulnerabilities
• Describe the components and behavior of exploit kits and botnets
• Describe modern attack vectors and trends
• Recognize the key components and methodologies of Cisco Advanced Malware Protection
• Recognize the key features and concepts of the AMP for Endpoints product
• Navigate the AMP for Endpoints console interface and perform first-use setup tasks
• Configure and customize AMP for Endpoints to perform malware detection
• Create and configure a policy for AMP-protected endpoints
• Plan, deploy, and troubleshoot an AMP for Endpoints installation
• Analyze files and events by using the AMP for Endpoints console and be able to produce threat reports
• Use the AMP for Endpoints tools to analyze a malware attack
• Describe all features of the Accounts menu for both public and private cloud installations

Labs

• Lab 1: Sample Malware Behavior
• Lab 2: Accessing AMP for Endpoints
• Lab 3: Outbreak Control
• Lab 4: Endpoint Policies
• Lab 5: Groups and Deployment
• Lab 6: Analysis
• Lab 7: Zbot Analysis
• Lab 8: User Accounts