13.07.2015 Views

Symantec Data Loss Prevention 11.5: Administration - Torque IT


CT-SE03
Symantec Data Loss Prevention 11.5: Administration

Summary

Duration: 5 Days
Vendor: Symantec
Learning Credits: 25
Delivery Method: Instructor-led (Classroom)

Audience

This course is intended for anyone responsible for configuring, maintaining, and troubleshooting Symantec Data Loss Prevention. Additionally, this course is intended for technical users responsible for creating and maintaining Symantec Data Loss Prevention policies and the incident response structure.

Introduction

The Symantec Data Loss Prevention 11.5: Administration course is designed to provide you with the fundamental knowledge to configure and administer the Symantec Data Loss Prevention Enforce platform. The hands-on labs include exercises for configuring Enforce server, detection servers, and DLP Agents as well as reporting, workflow, incident response management, policy management and detection, response management, user and role administration, directory integration, and filtering. Additionally, you are introduced to deployment best practices and the following Symantec Data Loss Prevention products: Network Monitor, Network Prevent, Symantec Data Loss Prevention for Tablets, Network Discover, Network Protect, Endpoint Prevent, and Endpoint Discover.

Note that this course is delivered on a Microsoft Windows platform.

Prerequisites

You must have a working knowledge of Windows server-class operating systems and commands, as well as networking and network security concepts.

At Course Completion

By the end of this course, you will be able to configure and use Symantec Data Loss Prevention 11.5.

Course Content

Introduction to Symantec Data Loss Prevention
- Symantec Data Loss Prevention overview
- Symantec Data Loss Prevention architecture

Navigation and Reporting
- Navigating the user interface
- Reporting and analysis
- Report navigation, preferences, and features
- Report filters
- Report commands
- Incident snapshot
- Hands-on labs: Become familiar with navigation and tools in the user interface. Create, filter, summarize, and distribute reports. Create users, roles, and attributes

Incident Remediation and Workflow
- Incident remediation and workflow
- Managing users and attributes
- Custom attribute lookup
- Hands-on labs: Remediate incidents, configure a user’s reporting preferences, and custom attribute look-ups using a .csv file

Policy Management
- Policy overview
- Creating policy groups
- Using policy templates
- Building policies
- Policy development best practices
- Hands-on labs: Use policy templates and policy builder to configure and apply new policies

Response Rule Management
- Response rule overview
- Creating Automated Response rules
- Creating Smart Response rules
- Response rule best practices
- Hands-on labs: Create and use Automated and Smart Response rules

Described Content Matching
- DCM detection methods
- Use cases
- Using DCM in policies
- Hands-on labs: Create policies that include DCM and then use those policies to capture incidents

Exact Data Matching and Directory Group Matching
- Exact data matching (EDM)
- Directory group matching (DGM)
- Advanced EDM
- Hands-on labs: Create policies that include EDM and DGM, and then use those policies to capture incidents

Indexed Document Matching
- Indexed document matching (IDM)
- Using IDM in policies
- Hands-on labs: Create policies that include IDM rules and then use those policies to capture incidents

Vector Machine Learning
- Vector Machine Learning (VML)
- Creating a VML profile
- Hands-on labs: Create a VML profile, import document sets, and create a VML policy

Network Monitor Review
- Review of Network Monitor
- Protocols
- Traffic filtering
- Network Monitor best practices
- Hands-on labs: Apply IP and L7 filters

Introduction to Network Prevent
- Network Prevent overview
- Introduction to Network Prevent (Email)
- Introduction to Network Prevent (Web)
- Hands-on labs: Configure Network Prevent (E-mail) response rules, incorporate them into policies, and use the policies to capture incidents

Introduction to Symantec Data Loss Prevention for Tablets
- Overview
- Installation and configuration
- MDM configuration and integration
- VPN configuration
- Policy and response rule configuration
- Reporting and remediation
- Logging and troubleshooting
- Demonstration: Configure Tablet Prevent response rules, incorporate them into policies, and use the policies to capture incidents

Introduction to Network Discover and Network Protect
- Network Discover and Network Protect overview
- Configuring Discover targets
- Protecting data
- FlexResponse platform
- Running and managing scans
- Reports and remediation
- Network Discover and Network Protect best practices
- Hands-on labs: Create and run a file system target using various response rules, including quarantining

Introduction to Endpoint Prevent
- Endpoint Prevent overview
- Configuring Endpoint Prevent
- Detection capabilities at the Endpoint
- Creating Endpoint response rules
- Capturing Endpoint Prevent incidents and viewing them in reports
- Endpoint Prevent best practices
- Hands-on labs: Create Endpoint response rules, monitor and block Endpoint actions, and view Endpoint incidents

Managing DLP Agents
- Managing agents
- Hands-on labs: Use the Enforce console to manage DLP Agents

Introduction to Endpoint Discover
- Endpoint Discover overview
- Creating and running Endpoint Discover targets
- Using Endpoint Discover reports and reporting features
- Hands-on labs: Create Endpoint Discover targets, run Endpoint Discover targets, and view Endpoint Discover incidents

Enterprise Enablement
- Preparing for risk reduction
- Risk reduction
- DLP Maturity model

System Administration
- Server administration
- Language support
- Credential management
- Troubleshooting
- Diagnostic tools
- Troubleshooting scenario
- Getting support
- Hands-on labs: Interpret event reports and traffic reports, configure alerts, and use the Log Collection and Configuration tool

Associated Certifications & Exam

This course prepares students to write Exam 250-512: Administration of Symantec Data Loss Prevention 11.5 and certify as a Symantec Certified Specialist.

On successful completion of this course students will receive a Torque IT attendance certificate.
