Visão Geral

O Curso Deep Security for Certified Professionals, para Profissionais Certificados é um curso de três dias, ministrado por instrutor. Os participantes aprenderão a usar o Deep Security Software para segurança avançada em nuvem híbrida em servidores físicos, virtuais e baseados em nuvem. Este curso detalha a arquitetura básica da solução Deep Security Software on-premises, opções de implantação, módulos de proteção, configuração de políticas e administração do sistema. Como parte do curso, os participantes implantarão agentes do Deep Security Software em diversas plataformas Windows Server. Serão discutidas as melhores práticas e detalhes de solução de problemas para a implementação bem-sucedida e a manutenção a longo prazo do sistema. Os participantes também serão apresentados aos recursos de XDR e inteligência contra ameaças do Trend Vision One™.

Objetivo

Após a conclusão deste curso Deep Security for Certified Professionals,serão capazes de:

• Descreva a finalidade, as características, as funções e as capacidades do Deep Security Software 
• Defina e instale os componentes que compõem o software de segurança avançada.
• Implemente a segurança ativando módulos de proteção.
• Integre o software de segurança avançada com o Trend Vision One.
• Faça o exame de Certificação Profissional em Segurança Avançada da Trend Micro para o Software Trend Micro.

Publico Alvo

• Profissionais de segurança da informação
• Administradores de sistemas Linux e Windows
• Engenheiros de infraestrutura e cloud
• Profissionais de SOC e operações de segurança
• Arquitetos de segurança e compliance

Materiais

Conteúdo Programatico

Product Overview

1. Introduction to Deep Security Software
2. Deep Security Software protection modules
3. Deep Security Software deployment options
4. Deep Security Software components

Trend Micro™ Deep Security™ Manager

1. Server, operating system, and database requirements
2. Deep Security Manager architecture
3. Installing and upgrading Deep Security Manager

Deploying Deep Security Agents

1. Deep Security agent architecture
2. Deploying Deep Security agents

Managing Deep Security Agents

1. Command line operations
2. Resetting agents
3. Protecting agents
4. Viewing computer protection status
5. Upgrading Deep Security agents
6. Organizing computers using groups and Smart Folders 
7. Protecting container hosts

Keeping Deep Security Software Up to Date

1. Security updates
2. Software updates
3. Deep Security Software relays

Global Threat Intelligence

1. Global threat intelligence services used by Deep Security Software
2. Configuring the global threat intelligence source

Policies

1. Policy inheritance and overrides
2. Creating new policies
3. Running recommendation scans

Protecting Servers from Malware

1. Anti-malware scanning techniques
2. Enabling anti-malware protection
3. Trend Micro™ Smart Scan™

Blocking Malicious Websites

1. Enabling web reputation
2. Setting the security level

Filtering Traffic Using the Firewall

1. Enabling the Deep Security Software firewall
2. Firewall rules
3. Traffic analysis
4. Traffic order of analysis
5. Port scan

Protecting Servers from Vulnerabilities

1. Virtual patching
2. Detecting suspicious network activity
3. Protocol control
4. Web application protection
5. Enabling intrusion prevention
6. Intrusion prevention rules
7. Security Sockets Layer (SSL) filtering
8. Protecting web applications

Detecting Changes to Protected Servers

1. Enabling integrity monitoring
2. Running recommendation scans
3. Detection changes to baseline objects

Blocking Unapproved Software

1. Enforcement modes
2. Enabling application control
3. Detecting software changes
4. Creating an inventory of approved software
5. Pre-approving software changes

Inspecting Logs on Protected Servers

1. Enabling log inspection
2. Running recommendation scans

Controlling Access to External Storage Devices

1. Enforcement settings
2. Enabling device control

Events and Alerts

1. Event forwarding
2. Alerts
3. Event tagging
4. Reporting

Automating Deep Security Software Operations

1. Scheduled tasks
2. Event-based tasks
3. Quick start templates
4. Baking the Deep Security Software agent into an Amazon Machine Image (AMI)
5. Application programming interface

Integrating with Trend Vision One

1. Trend Vision One capabilities
2. Collecting telemetry
3. Connecting Deep Security Software to Trend Vision One
4. Endpoint inventory
5. Trend Endpoint Basecamp

Introduction to XDR Threat Investigation

1. Detection models
2. Observed attack techniques
3. Navigating within workbenches
4. Searching within the data lake

Detecting Emerging Malware Through Threat Intelligence

1. Threat Intelligence phases
2. Threat Intelligence requirements 
3. Configuring Deep Security Software for Threat Intelligence
4. Tracking submissions

Appendix Topics

1. Activating and managing multiple tenants
2. Troubleshooting common Deep Security Software issues