Visão Geral

Este curso proporciona uma introdução aprofundada às tarefas cruciais para a criação e administração do McAfee Endpoint Security. 

Através de uma mistura de laboratórios práticos e palestras interativas, aprenderá as utilizações do McAfee Endpoint Security que combina Prevenção de Ameaças, Proteção Adaptativa de Ameaças, Firewall, e Controlo da Web para tomar medidas imediatas contra aplicações potencialmente perigosas, downloads, websites, e ficheiros.

Publico Alvo

• Este curso destina-se a administradores de sistemas e redes, pessoal de segurança, auditores e/ou consultores preocupados com a segurança de endpoints de sistemas.
  

Pre-Requisitos

• Conhecimento de Windows e administração de sistemas, tecnologias de rede
• Conhecimento básico de segurança informática, sintaxe de linha de comando, malware/anti-malware, vírus/antivírus, e tecnologias web
• Conhecimento do McAfee ePO

Informações Gerais

Carga Horária: 32h

• Se noturno este curso é ministrado de Segunda-feira à sexta-feira, das 19h às 23h
• Se aos sábados este curso é ministrado das 9h às 18h
• Se in-company por favor fazer contato para mais detalhes.

Formato de entrega: 

• 100% on-line ao vivo, via Microsoft Teams na presença de um instrutor/consultor ativo no mercado.
• Nota: não é curso gravado. 

Lab:

• Laboratório + Exercícios práticos

Materiais

Conteúdo Programatico

Course Welcome

1. Introduce the course and course agenda.
2. Introduce the training organization.
3. Show common resources.
4. Describe the lab environment and how to use the Lab Guide.

McAfee Endpoint Security—Solution

1. Describe the solution and its key features.
2. Identify new features and enhancements for this release.
3. Identify the components in a basic deployment architecture.
4. Explain how the solution works.

Planning the Endpoint Security

1. Identify considerations for defining business
2. requirements or objectives.
3. Identify supported operating systems and platform hardware for endpoints. Identify the components included with McAfee Endpoint Security.
4. Identify legacy McAfee solutions you can migrate to McAfee Endpoint Security.
5. Describe the key parts of a deployment plan.

McAfee ePolicy Orchestrator

1. Identify key differences between McAfee ePO OnPremises, McAfee® ePO™ Cloud, and McAfee® MVISION™ ePO™.
2. Identify the purpose of the McAfee Agent.
3. Identify and distinguish between the menu bar options.
4. Identify and explain the purpose of commonly used pages, such as the System Tree, Permissions Sets, and Users pages.
5. Navigate through the interface and access commonly used pages.

Installing McAfee Endpoint Security

1. Packages and Extensions
2. Explain how to obtain the required software components.
3. Identify the steps to install McAfee Endpoint Security for use in McAfee ePO and standalone or selfmanaged environments
4. Identify and distinguish between the required software components
5. Add the required extensions and packages software to the McAfee ePO server
6. Verify the extensions and packages were added successfully to the McAfee ePO server.

Migrating Legacy Settings

1. Explain the purpose of Migration Assistant.
2. Identify situations where manual or automatic migration is useful.
3. Identify the steps to complete a manual migration.
4. Identify the steps to complete an automatic migration.
5. Identify which policy settings migrate.

McAfee Endpoint Upgrade Assistant

1. Identify the key features of the Endpoint Upgrade Assistant (EUA)
2. Describe the differences between using the automatic upgrades and manual upgrades.
3. Identify the products that can be migrated with the EUA.
4. Identify limitations of EUA.
5. Describe the supported command-line options.
6. Describe how EUA works.
7. Define what happens during the upgrade.
8. Identify how to use the Package Creator to customize
9. the McAfee Endpoint Security installation package.

Deploy the McAfee Endpoint

1. Security Client to the Endpoints
2. Identify the different ways to deploy the required software components to endpoint systems.
3. Deploy the required software components to the client endpoints.
4. Verify the success of the deployment.

Using the McAfee Endpoint Security

1. Client
2. Identify two ways to manage McAfee Endpoint Security clients.
3. Open the McAfee Endpoint Security client interface.
4. Log in as an administrator.
5. Navigate through the client interface.
6. Identify the default settings.

Endpoint Security Policy

1. Management Overview
2. Explain the purpose of policies
3. Identify the various actions performed from the Policy Catalog page.
4. Explain how policy inheritance works, as well as how to break inheritance.
5. Explain policy ownership, as well as how to give other users permissions to control selected policy types.

Configuring Common Settings

1. Configure common settings that apply to all McAfee Endpoint Security modules and features, such as:
2. − Client interface
3. − Language
4. − Logging
5. − Proxy server for McAfee® Global Threat Intelligence (GTI) reputation
6. − Update configuration
7. 5 McAfee Endpoint Security 10.7 Administration

Threat Prevention—Configuring

1. Describe the purpose of Access Protection policies.
2. Identify types of McAfee-defined rules.
3. Describe situations where user-defined rules are useful.
4. Describe similarities and differences between McAfeedefined and user-defined rules.
5. Describe how to enable and disable rules.
6. Identify supported wildcards and syntax for exclusions.
7. Customize a McAfee-defined rule.
8. Create a user-defined rule.

Threat Prevention—Configuring

1. Exploit Prevention
2. Describe the key features of McAfee Endpoint Security Exploit Prevention.
3. Configure Exploit Prevention policies to meet customer requirements.
4. Describe what happens if a system has both the Host Intrusion Prevention System and McAfee Endpoint Security installed.
5. Describe how to configure the Network Intrusion feature of McAfee Endpoint Security.
6. List the severities of the Exploit signatures
7. Define the types of expert rules.
8. Define the application protection rules and how they work.
9. Define how to create an exception for the signatures.

Threat Prevention—Configuring OnAccess Scan

1. Identify the different types of scanners that McAfee Endpoint Security provides.
2. Explain how the on-access scanner works
3. Configure on-access scan settings to meet customer requirements.

Threat Prevention—Configuring OnDemand Scans

1. Identify the different types of on-demand scans that McAfee Endpoint Security provides.
2. Explain how the on-demand scanners work.
3. Configure on-demand scanner settings to meet customer requirements.

Threat Prevention—Configuring the Options Policy

1. Identify the purpose of the Quarantine Manager, Exclusions by Detection Name, and Potentially Unwanted Program (PUP) Detection.
2. Describe some ways to manage quarantined items.
3. Configure Quarantine Manager, Exclusions by Detection Name, and PUP Detection settings as necessary to meet customer requirements.

Configuring Adaptive Threat Protection

1. Identify the purpose of the Adaptive Threat Protection module.
2. Deploy Adaptive Threat Protection.
3. Identify the different policies available for Adaptive Threat Protection, as well as their default settings.
4. Configure Adaptive Threat Protection policies to meet customer requirements.
5. Configure Adaptive Threat Protection Server Settings.

Firewall Overview and Configuring Firewall Options

1. Identify the purpose of the Firewall module.
2. Distinguish between the two types of Firewall policies.
3. Configure settings in the Firewall Options policy to meet customer requirements.

Configuring Firewall Rules and Groups

1. Identify the purpose of Firewall rule and groups.
2. Distinguish between settings for Firewall rules and groups.
3. Identify considerations for rule design.
4. Identify the purpose of location awareness, connection isolation, and timed groups.
5. Describe best practices for Firewall configuration and rule design.
6. Configure Firewall rules and groups to meet customer requirements.

Configuring Web Control

1. Identify the purpose of the Web Control module.
2. Identify key features that Web Control provides
3. Identify the different policies available for Web Control, as well as their default settings.
4. Configure Web Control policies to meet customer requirements.

Monitoring and Reporting

1. Access, navigate, and interpret dashboards.
2. Describe situations where customized dashboards are useful.
3. Generate and interpret queries and reports.
4. View threat event detail.

Protection Workspace Overview

1. List the elements of the Protection Workspace user interface.
2. Use the Protection Workspace dashboard to monitor your environment.

McAfee Endpoint Security for Servers

1. Describe the Smart Scheduler of McAfee Endpoint Security for Servers.
2. Describe how to create resource-intensive tasks and a time slot for smart scheduling in the UI of the Smart Scheduler Catalog and Smart Scheduler.
3. Describe the components and benefits of McAfee Endpoint Security for Servers.
4. Describe how the CPU load is calculated.
5. Describe how Smart Scheduler decides the number of instances that can run the ondemand scan while maintaining the CPU Utilization value below the threshold value.
6. List the benefits of McAfee Endpoint Security for Servers.

Data Exchange Layer and McAfee

1. Threat Intelligence Exchange Overview
2. Describe the Data Exchange Layer Overview (DXL) solution and its key features.
3. Describe the McAfee Threat Intelligence Exchange (TIE) solution and its key features.