AMP for Endpoints Overview, Architecture, Custom Detection, and AMP Policy

IT professionals including managers, engineers, and developers evaluating or implementing network and application security using new Cisco technology, as well as CCNP security certification candidates


Expected Duration
54 minutes

In order to stop malware incidents, one must mitigate as close to the source as possible. Advanced Malware Solution is industry-leading technology to control malware early in the life cycle. This course is one in a series in the Skillsoft learning path that covers the objectives of the Implementing Cisco Threat Control Solutions (SITCS) 1.5 exam, 300-210.


AMP for Endpoints Overview

  • start the course
  • describe modern malware and why defenses fail
  • define AMP for Endpoints
  • describe AMP for Endpoints architecture and AMP Connector architecture
  • install components and Connector component interaction
  • specify the role of the AMP cloud
  • recognize transaction processing
  • work with real-time data mining
  • define private cloud architecture and modes

Customizing Detection and AMP Policy

  • describe detection, application control, DFC options, and IOCs
  • recognize Endpoint Policy
  • define policy modes
  • describe simple custom detections
  • create a simple custom detection
  • describe application blocking
  • work with advanced custom signatures
  • define whitelisting
  • specify Android custom detections
  • describe DFC IP blacklists and whitelists
  • configure exclusions and custom exclusion sets

Practice: AMP for Endpoints

  • define AMP for Endpoints





Multi-license discounts available for Annual and Monthly subscriptions.