2021-10-28 07:20 AM - edited 2022-04-29 06:02 AM
Access Training
for Customers/Partners
Access Training
for NetWitness Employees
Check out the newly released 11.6 ILT class here
Summary
This classroom-based training introduces security analysts and administrators to the architecture and toolkit for detecting and investigating risk on endpoint hosts.
Overview
This classroom-based training provides a general introduction to NetWitness Endpoint analysis. Students will participate in both lecture and hands-on experience using the NetWitness Endpoint Analytics tool. The course consists of about 50% hands-on lab work, using a virtual lab environment.
Audience
Anyone new to NetWitness Endpoint interested in increasing their familiarity with the tool’s features and functions within the context of endpoint investigation and analysis..
Duration
2 days
Recommended Prerequisite Knowledge/Skills
No prerequisite requirements but basic knowledge of malware, networking fundamentals and general security analysis concepts is recommended.
Course Objectives
Upon successful completion of this training, participants should be able to:
Course Outline
Module 1 – Introduction
Module 2 – Architecture
Module 3 – Endpoint Agents, Hosts, and Scans
Module 4 – Risk Scores and Metadata
Module 5 – Files and Libraries
Module 6 – Processes, Autoruns & Anomalies
Module 7 – Alerts and Incidents
Module 8 – Malicious Behavior & App Rules
Module 9 – Forensic Samples
If you have any questions, please contact your account manager or Contact Us directly!