Email Security Cloud (ETP-C)

This course provides an overview of Email Security Cloud core functionality and covers administration procedures with alert analysis.

Hands-on activities include rule/policy creation, alert generation and the breakdown and analysis of information found in a FireEye email alert that is used in incident reporting.

Learning Objectives

After completing this course, learners should be able to:

  • Demonstrate knowledge of the email analysis process
  • Identify Email Security Cloud deployment modes
  • Describe the various email services that integrate with Email Security Cloud
  • Configure Email Security Cloud settings, policies and notifications
  • Describe the various queues used for email management and processing
  • If using FireEye Network Security, list steps for integration with Email Security Cloud and identify correlated alerts
  • Find critical alert information on the Dashboard
  • Access and manage alerts and quarantined emails
  • Examine OS and file changes in alert details to identify malware behaviors

Who Should Attend

Analysts (primary) and administrators responsible for the setup and management of Email Security Cloud.

Prerequisites

A working understanding of networking and network security, the Windows operating system, file system, registry and use of the command line interface (CLI).

Duration

1 day

Instructor-Led Training

Courses cannot be purchased or accessed from this site.

If you would like to register for this course, please contact your FireEye account manager.

Thank you.

Course Outline

Instructor-led sessions are typically a blend of lecture and hands-on lab activities.

 
  1. FireEye Core Technology
    • Malware infection cycle
    • MVX engine
    • Appliance analysis phases
  2. Introduction to Email Security Cloud
    • Email Security Cloud internal flow
    • Phishing email attacks
    • Header, attachment and URL analysis
    • Anti-fraud detection
    • Compliance
  3. Email Security Cloud Deployment
    • Deployment Modes
    • Cloud Email Service Integration
    • Authentication settings
    • Policy configuration
    • Detection verification
    • Email notifications
    • Email Queues
    • Email Security Cloud and Network Security integration and alert correlation
  4. Alert Administration
    • Dashboard
    • Email Alerts
    • Email Quarantine
    • Email Trace
    • Reporting