United Kingdom
Germany
Denmark
Sweden
Italy
Netherlands
Norway 
During the three days, you will learn how to test existing deployment, how to administer policies and reports, handle incidents and endpoints, upgrade and manage the AP-DATA system. You will develop skills in creating data policies, building custom classifiers and using predefined policies, incident management, reporting, and system architecture and maintenance.
Ota yhteyttä
Voit olla meihin yhteydessä ja tiedustella koulutuksistamme täydentämällä yhteystietosi ja koulutuksen nimen oheen.
Kesto 3 päivää
Toimitus (Online ja paikan päällä)
Hinta Hinta pyydettäessä
Upon successful completion of the course, delegates will be able to:
- Understand the deployment
- Create and use custom classifiers
- Use predefined classifiers, rules and policies
- Control various channels – network, file discovery and endpoint agents
- Review Incidents and Reports
- Perform the backup and restore for logs and other data
- Perform semi-automatic failover
- Archive incidents and forensics
Day 1
- 1) Intercepting with AP-WEB and AP-EMAIL
- a) Checking the WCG configuration
- b) Checking the AP-EMAIL configuration
- c) Monitoring vs. blocking mode
- d) Intercepting TLS traffic
- 2) Intercepting traffic with Protector
- a) Protector deployment types
- b) ICAP mode
- 3) Discovery with AP-DATA Servers
- a) Classical discovery with crawler
- b) Discovery with FCI Agent
- c) OCR for image analysis
- 4) Transaction Lifecycle
- a) Processing order
- b) Custom extractors and steganography
- c) Traffic logs
- 5) Methodology of DLP policy creation
- a) Building AUP (Acceptable Use Policy)
- b) Monitoring vs blocking
- c) Classifiers, rules, c-logic, exception rules
- 6) Simple classifiers
- a) Keywords and phrases, dictionaries
- b) Regular expressions
- c) File properties
Day 2
- 1) Scripts and predefined classifiers
- a) Region-specific classifiers
- b) Industry-specific classifiers
- c) Data theft
- 2) Fingerprinting and ML
- a) Unstructured fingerprinting
- b) Structured fingerprinting
- c) Machine Learning
- 3) Data Endpoint
- a) Endpoints controlling applications and file discovery
- b) Endpoint profiles, policies and alerts
- 4) Incidents and reporting
- a) Incident lifecycle
- b) Incident reports
- 5) Advanced incident workflow
- a) Force-release feature
- b) Email based incident workflow
- 6) Delegated Admins
- a) Notifications data owners
- b) Tiered Incident Management
- c) Pseudonymization of source and destination data
- d) Setting up incident response teams
Day 3
- 1) Custom action plans
- a) Deploying simple remediation scripts
- b) SIEM Integration
- 2) High Availability of AP-DATA Manager
- a) Database partitions and file shares
- b) Full backup and restore of a AP-DATA configuration
- c) Semi-automatic failover
- 3) Resource Management
- a) Archiving old incidents and forensics
- b) Distributing fingerprints, policies and AP-DATA resources
- c) System health logs and dashboards
- 4) Alerts, System Events
- a) Configuring system alerts
- b) Scheduling reporting and maintenance
- 5) Upgrades
- a) AP-DATA Manager and AP-DATA Server upgrades
- b) Protector and Endpoint upgrades
- End-User/Customers: System administrators, network security administrators, IT staff
- Channel Partners: Sales Engineers, consultants, implementation specialists
None
During the three days, you will learn how to test existing deployment, how to administer policies and reports, handle incidents and endpoints, upgrade and manage the AP-DATA system. You will develop skills in creating data policies, building custom classifiers and using predefined policies, incident management, reporting, and system architecture and maintenance.
Upon successful completion of the course, delegates will be able to:
- Understand the deployment
- Create and use custom classifiers
- Use predefined classifiers, rules and policies
- Control various channels – network, file discovery and endpoint agents
- Review Incidents and Reports
- Perform the backup and restore for logs and other data
- Perform semi-automatic failover
- Archive incidents and forensics
Day 1
- 1) Intercepting with AP-WEB and AP-EMAIL
- a) Checking the WCG configuration
- b) Checking the AP-EMAIL configuration
- c) Monitoring vs. blocking mode
- d) Intercepting TLS traffic
- 2) Intercepting traffic with Protector
- a) Protector deployment types
- b) ICAP mode
- 3) Discovery with AP-DATA Servers
- a) Classical discovery with crawler
- b) Discovery with FCI Agent
- c) OCR for image analysis
- 4) Transaction Lifecycle
- a) Processing order
- b) Custom extractors and steganography
- c) Traffic logs
- 5) Methodology of DLP policy creation
- a) Building AUP (Acceptable Use Policy)
- b) Monitoring vs blocking
- c) Classifiers, rules, c-logic, exception rules
- 6) Simple classifiers
- a) Keywords and phrases, dictionaries
- b) Regular expressions
- c) File properties
Day 2
- 1) Scripts and predefined classifiers
- a) Region-specific classifiers
- b) Industry-specific classifiers
- c) Data theft
- 2) Fingerprinting and ML
- a) Unstructured fingerprinting
- b) Structured fingerprinting
- c) Machine Learning
- 3) Data Endpoint
- a) Endpoints controlling applications and file discovery
- b) Endpoint profiles, policies and alerts
- 4) Incidents and reporting
- a) Incident lifecycle
- b) Incident reports
- 5) Advanced incident workflow
- a) Force-release feature
- b) Email based incident workflow
- 6) Delegated Admins
- a) Notifications data owners
- b) Tiered Incident Management
- c) Pseudonymization of source and destination data
- d) Setting up incident response teams
Day 3
- 1) Custom action plans
- a) Deploying simple remediation scripts
- b) SIEM Integration
- 2) High Availability of AP-DATA Manager
- a) Database partitions and file shares
- b) Full backup and restore of a AP-DATA configuration
- c) Semi-automatic failover
- 3) Resource Management
- a) Archiving old incidents and forensics
- b) Distributing fingerprints, policies and AP-DATA resources
- c) System health logs and dashboards
- 4) Alerts, System Events
- a) Configuring system alerts
- b) Scheduling reporting and maintenance
- 5) Upgrades
- a) AP-DATA Manager and AP-DATA Server upgrades
- b) Protector and Endpoint upgrades
- End-User/Customers: System administrators, network security administrators, IT staff
- Channel Partners: Sales Engineers, consultants, implementation specialists
None