This is a two-day instructor-led class designed for analysts and
Day 1 introduces FireEye Email Security – Server Edition and
its key components, including detection of malicious files and URLs,
email alerts and quarantine used for containment. This course is
designed primarily for analysts who will derive meaningful, actionable
information from FireEye alerts to assess and triage threats to their environment.
Day 2 is a workshop that introduces a framework for
administration and diagnostics for FireEye Email Security – Server
Edition. It includes checklists, case studies, lab challenges and
guidance for transitioning difficult cases to the FireEye Support
team. This workshop is experiential, hands-on and will give learners
experience in administering an appliance and diagnosing common issues.
After completing this course, learners should be able to
Alert Analysis Course
- Recognize current malware threats and trends
- Understand the threat detection and prevention capabilities of your FireEye Email Security – Server Edition
- Locate and use critical information in a FireEye alert to assess a potential
- Examine OS and file changes in alert details to identify malware behaviors
- Identify Indicators of Compromise (IOCs) in a FireEye alert and use them to identify
- Identify common issues and steps for resolution with Email
- Perform administration tasks on the Email Security – Server Edition appliance
- underlying technology and protocols of SMTP email transfer
- Using logs, determine status of email transfer and analysis
- Know when to escalate issues and obtain further assistance from
Who Should Attend
Security professionals, incident responders and email administrators.
A working understanding of networking, email security and email support.