RSA NetWitness Endpoint Foundations 4.3

Document created by Joseph Cantor Employee on Dec 18, 2019Last modified by Don Croad on Jan 19, 2020
Version 3Show Document
  • View in full screen mode

On-demand

 

 

 

In order to register for a class, you need to first create a Dell Education account

If you need further assistance, contact us

Summary

This On-Demand training introduces security analysts and executives to the major features of RSA NetWitness Endpoint, including Instant Indicators of Compromise and the Modules and Machines interfaces.

 

Overview

This recorded training course provides a general introduction to RSA NetWitness Endpoint analysis. Students will participate in both lecture and hands-on experience using the RSA NetWitness Endpoint Analytics tool. The course consists of about 50% hands-on lab work, using a virtual lab environment.

 

Audience

Anyone new to RSA NetWitness Endpoint interested in increasing their familiarity with the tool’s features and functions within the context of endpoint investigation and analysis. 

 

Duration

8 hours

 

Prerequisite Knowledge/Skills

No prerequisite requirements but basic knowledge of malware, networking fundamentals and general security concepts is recommended.

 

Course Objectives

Upon successful completion of this course, participants should be able to:

  • Discuss what NetWitness Endpoint is and what it does
  • Identify architecture components
  • Review malicious modules
  • Prioritize modules and endpoint machines by apparent threat level
  • Navigate the NetWitness Endpoint interface to investigate suspicious files and processes
  • Make basic NetWitness Endpoint customizations
  • Perform basic analysis

 

 

 

 

 

 

On-demand

 

 

In order to register for a class, you need to first create a Dell Education account

If you need further assistance, contact us

Attachments

    Outcomes