This 4-day course examines how to triage alerts generated by Network
and Endpoint Security, derive actionable information from those
alerts, and apply the fundamentals of live analysis and investigation
to investigate associated endpoints.
Hands-on activities span the entire analysis and live investigation
process, beginning with a Trellix-generated alert, leading to
discovery and analysis of the host for evidence of malware and other
unwanted intrusion. Endpoint analysis focuses on investigation
techniques using features of Endpoint security, such as the Triage
Summary, Audit Viewer, and Acquisitions..
Training provided by: FireEye
START DATE: November 1, 2022 9:00am CDT
END DATE: November 4, 2022 5:00pm CT
LOCATION: ILT via WebEx. Details will be provided on
A working understanding of networking and network security, the
Windows operating system, file system, registry and regular
expressions, and experience scripting in Python.
FireEye Network Security Deployment eLearning
Security Deployment eLearning
Students must have access to a laptop running one of the following
browsers: Chrome (latest), Firefox (latest), or Internet Explorer (10
or greater). Wireshark is recommended.
If possible, we recommend using an external monitor or dual-screen
setup. This will enable you to view the class materials and virtual
lab interface simultaneously.