Traps: Install, Configure, and Manage (EDU-281)(3.4)

Course Objectives
Students will learn how Traps protects against exploits and malware-driven attacks. In hands-on lab exercises, students will install and configure the Endpoint Security Manager (ESM) and Traps endpoint components; build rules; enable and disable process protections; and integrate Traps with Palo Alto Networks WildFire, which provides prevention and detection of zero-day malware.
 
Course level: Introductory 
Course duration: 2 days
Course format: Combines instructor-facilitated lecture with hands-on labs
Software version: Palo Alto Networks Traps; Advanced Endpoint Protection 3.4
 
Target Audience
Security Engineers, System Administrators, and Technical Support Engineers
 
Prerequisites
Students must have Windows system administration skills and familiarity with enterprise security concepts.
 
Course Topics
 
Module 1: Traps Overview
• How sophisticated attacks work today
• The design approach of Traps
• Main features of Traps
• Traps resources
 
Module 2: Installing Traps
• Planning the installation
• Installing ESM Server and database
• Installing ESM Console
• Installing agents
• Managing content updates
• Upgrading Traps
 
Module 3: Malicious Software Overview
• Exploitation techniques and their prevention
• Malware techniques and their prevention
 
Module 4: Consoles Overview
• Introduction to ESM Console
• Introduction to the Traps Agent Console
 
Module 5: Traps Protection Against Exploits
• Architecture and overview
• Configuring exploit protection
 
Module 6: Traps Protection Against Malware (including WildFire)
• Architecture and Overview
• WildFire
• Local Analysis
• Trusted Publishers
• Malware Restrictions and Malware Protection Modules
 
Module 7: Managing Traps
• System monitoring
• License administration
• Important server and agent settings
• Agent actions
 
Module 8: Traps Forensics
• Forensic information retrieval
• Responding to prevention events
 
Module 9: Basic Traps Troubleshooting
• Troubleshooting Resources
• Working with Technical Support
• Troubleshooting scenarios