Palo Alto Networks® Traps™ Advanced Endpoint Protection prevents sophisticated vulnerability exploits and unknown malware-driven attacks. Successful completion of this two day, instructor-led course equips the student to install Traps in basic configurations.

Course Objectives

Students will learn how Traps protects against exploits and malware-driven attacks. In hands-on lab exercises, students will install and configure the Endpoint Security Manager (ESM) and Traps endpoint components; build rules; enable and disable process protections; and integrate Traps with Palo Alto Networks WildFire™, which provides prevention and detection of zero-day malware.

Scope

  • Course level: Introductory
  • Course duration: 2 days
  • Course format: Combines instructor-facilitated lecture with hands-on labs
  • Software version: Palo Alto Networks Traps Advanced Endpoint Protection 3.4

Sessions

Mod 1: Traps Overview

  • How sophisticated attacks work today
  • The design approach of Traps
  • Main features of Traps
  • Traps resources

Mod 2: Installing Traps

  • Planning the installation
  • Installing ESM Server and database
  • Installing ESM Console
  • Installing agents
  • Managing content updates
  • Upgrading Traps

Mod 3: Malicious Software Overview

  • Exploitation techniques and their prevention
  • Malware techniques and their prevention

Mod 4: Consoles Overview

  • Introduction to ESM Console
  • Introduction to the Traps Agent Console

Mod 5: Traps Protection Against Exploits

  • Architecture and overview
  • Configuring exploit protection
Mod 6: Traps Protection Against Malware (including WildFire)

  • Architecture and Overview
  • WildFire
  • Local Analysis
  • Trusted Publishers
  • Malware Restrictions and Malware Protection Modules

Mod 7: Managing Traps

  • System monitoring
  • License administration
  • Important server and agent settings
  • Agent actions

Mod 8: Traps Forensics

  • Forensic information retrieval
  • Responding to prevention events

Mod 9: Basic Traps Troubleshooting

  • Troubleshooting Resources
  • Working with Technical Support
  • Troubleshooting scenarios

 

Security Engineers, System Administrators, and Technical Support Engineers

Prerequisite

Students must have Windows system administration skills and familiarity with enterprise security concepts.

No schedule at the moment