The Forcepoint CASB Administrator course is designed for people who will manage deployed CASB systems on a day-today basis, performing standard administrative tasks, for example, user administration; managing which cloud accesses CASB brokers; running reports; and using reports to assess risk.

The course also teaches administrators how to perform high-level troubleshooting. Instructors deliver this class via a virtual (online) instructor-led training format (VILT) with dialog with students; hands-on walk-throughs to build administrative competencies, and lab scenarios for students to independently demonstrate competencies.

• Describe Forcepoint CASB’s alignment to the Forcepoint Human Point strategy.
• Locate and define the UI key elements used to accomplish administrative tasks.
• Define the capabilities of Forcepoint CASB.
• Diagram the Forcepoint CASB architecture, naming the main components and their function.
• Discover cloud application usage within the organization’s networks.
• Integrate Active Directory into a Forcepoint CASB instance.
• Add discovered cloud applications as managed assets.
• Configure cloud application access policies, reporting, and notifications.
• Customize and enable DLP and anomaly detection policies.
• Manage compliance and governance policies.
• Perform forensic analysis using Forcepoint CASB.

Module 1: Overview and Getting Started

• Describe what CASB is, its capabilities, and how it protects an organization’s environment.
• Diagram the Forcepoint CASB architecture, list the main components, and define their function.
• List the Forcepoint CASB product requirements.
• Identify the different pages of the Forcepoint CASB UI.
• Create and manage CASB Administrator accounts.
• Define where Forcepoint CASB fits in the Forcepoint Human Point System.

Module 2: Discovery & Definition

• Discover cloud applications and the people in your organization that are using them.
• Explain the purpose of the Add Scan and Remove Scan items in the App Discovery tab.
• Identify the number of high, medium, and low-risk cloud applications detected on the App Discovery dashboard.
• Compare the risk level of cloud applications using the Cloud Application Directory.

Module 3: Asset & Endpoint Management

• Describe the available options for adding assets to CASB.
• Use CASB to manage organizational cloud assets.
• Manage assets using Forcepoint CASB’s API deployment option.
• Configure Reverse Proxy.
• Protect Endpoints with Forward Proxy.
• Install and Configure the CASB endpoint agent (Skyfence Security Service).
• Ensure endpoint traffic flows through the CASB Gateway.
• Enroll endpoints using Self Enrollment and Administrative Enrollment.

Module 4: Managing Audit & Protect Policies

• Create and configure cloud application access policies.
• Block applications by domain name.
• Customize and enable a DLP Quick Policy.
• Customize and enable an Anomaly Detection Quick Policy.
• Create a custom policy using the Custom Policy Editor.
• Generate traffic to test each policy.
• Disable Quick or Custom Policies.

Module 5: Managing Compliance & Governance Policies

• Describe capabilities and limitations of compliance Data Classification and Governance policies.
• Create and schedule a Data Classification policy scan.
• Run the Data Classification policy scan.
• Use the Dashboard and Reports to view sensitive files found.
• Clone and modify a Governance policy.
• Schedule and run a Governance policy scan.
• Use the Governance Dashboard to identify issues surfaced by the scan and delegate via tasks.
• Export a policy and review the policy information a downloaded XML file.

Module 6: Forensic Analysis

• Describe predefined data types.
• Explain the benefit of using built-in CASB data types.
• Identify high risk users and take appropriate actions for compromised or misbehaving users.
• Respond to potential threats from the Audit & Protect dashboard.
• Perform forensic analysis to determine severity levels of anomalies.
• Identify triggered incidents and apply workflow actions.
• Monitor high risk users using the Watchlist.

Module 7: Configuring Notifications & Generating Reports

• Describe notifications.
• Modify an existing notification.
• Create a new notification.
• Add a new notification to an existing policy.
• Describe reports.
• Generate reports.

• System administrators, data security administrators, IT staff
• Sales engineers, consultants, implementation specialists
• Forcepoint channel partners and IT staff

• General understanding of Software as a Service (SaaS) principles.
• General knowledge of Cloud Applications.
• Basic knowledge of Active Directory/User Directory concepts.
• Basic knowledge of IPv4 networking concepts (IP addresses, routing, URLs, proxies, gateways, firewalls).
• User experience with platforms on which Forcepoint CASB will be deployed.
• Basic familiarity with privacy standard terminology and their acronyms (HIPPA, PII, GDPR, PCIDSS).