Symantec Security Analytics 7.x Professional
Course Overview
The Symantec Security Analytics Professional course is designed for participants who want to learn how to use the Symantec Security Analytics platform to perform virtually any type of network-based monitoring and forensic analysis, including incident-response investigation, real-time situational awareness, and continuous monitoring for indicators of compromise (IOCs) and advanced persistent threats (APTs).
Details
IT or network security professionals who want to master the use of Blue Coat Security Analytics and who have completed the Symantec Security Analytics Administrator course.
Participants should have a sound understanding of the OSI reference model and common networking protocols, and how those protocols make connections, keep state, and transfer data, along with basic experience with network packet and flow analysis, including the use of PCAP files, tcpdump, and Wireshark. Basic to advanced knowledge of best practices for incident response and continuous monitoring will provide a significant advantage.
How Security Analysis Works
File and Artifact Extraction
Anomaly Detection and Modeling
Data Enrichment
Threat Intelligence Services
Kill Chain Analysis
Indicators of Compromise (IOCs)
Malware Integration
The Virtual Filesystem (VFS)