on 2020-12-04 01:06 PM - edited on 2021-08-25 06:05 AM by ElynnKoh
In order to register for a class, you need to first create a Dell Education account
If you need further assistance, contact us
Summary
This classroom-based training introduces security analysts and administrators to the architecture and toolkit for detecting and investigating risk on endpoint
hosts.
Overview
This classroom-based training provides a general introduction to RSA NetWitness Endpoint analysis. Students will participate in both lecture and hands-on experience using the RSA NetWitness Endpoint Analytics tool. The course consists of about 50% hands-on lab work, using a virtual lab environment.
Audience
Anyone new to RSA NetWitness Endpoint interested in increasing their familiarity with the tool’s features and functions within the context of endpoint investigation and analysis..
Duration
2 days
Recommended Prerequisite Knowledge/Skills
No prerequisite requirements but basic knowledge of malware, networking fundamentals and general security analysis concepts is recommended.
Course Objectives
Upon successful completion of this training, participants should be able to:
Course Outline
Module 1 – Introduction
Module 2 – Architecture
Module 3 – Endpoint Agents, Hosts, and Scans
Module 4 – Risk Scores and Metadata
Module 5 – Files and Libraries
Module 6 – Processes, Autoruns & Anomalies
Module 7 – Alerts and Incidents
Module 8 – Malicious Behavior & App Rules
Module 9 – Forensic Samples
In order to register for a class, you need to first create a Dell Education account
If you need further assistance, contact us