AMP for Endpoints Overview, Architecture, Custom Detection, and AMP Policy

IT professionals including managers, engineers, and developers evaluating or implementing network and application security using new Cisco technology, as well as CCNP security certification candidates

Prerequisite
None

Expected Duration
54 minutes

Description
In order to stop malware incidents, one must mitigate as close to the source as possible. Advanced Malware Solution is industry-leading technology to control malware early in the life cycle. This course is one in a series in the Skillsoft learning path that covers the objectives of the Implementing Cisco Threat Control Solutions (SITCS) 1.5 exam, 300-210.

Objective

AMP for Endpoints Overview

  • start the course
  • describe modern malware and why defenses fail
  • define AMP for Endpoints
  • describe AMP for Endpoints architecture and AMP Connector architecture
  • install components and Connector component interaction
  • specify the role of the AMP cloud
  • recognize transaction processing
  • work with real-time data mining
  • define private cloud architecture and modes

Customizing Detection and AMP Policy

  • describe detection, application control, DFC options, and IOCs
  • recognize Endpoint Policy
  • define policy modes
  • describe simple custom detections
  • create a simple custom detection
  • describe application blocking
  • work with advanced custom signatures
  • define whitelisting
  • specify Android custom detections
  • describe DFC IP blacklists and whitelists
  • configure exclusions and custom exclusion sets

Practice: AMP for Endpoints

  • define AMP for Endpoints

MONTHLY SUBSCRIPTION

$129/month
 

ANNUAL SUBSCRIPTION

$1295/year

Multi-license discounts available for Annual and Monthly subscriptions.