Sophos eLearning Administrator Enduser Protection - CO10-OD

  • Duration: 2.00 Days
  • Price: 750.00 USD


This course is designed for technical professionals who will be administering Sophos Enduser Protection and provides the skills necessary to manage endpoints that are standalone or part of a Microsoft Active Directory network.  It consists of presentations and practical lab exercises to reinforce the taught content, and electronic copies of the supporting documents for the course will be provided to each trainee through the online portal.  The course is expected to take 2 days to complete, of which approximately half will be spent on the practical exercises.

Audience: To complete the course, trainees must take and pass an online assessment. The assessment tests their knowledge of both the presented and practical content. The pass mark for the assessment is 80%, and trainees should note that to become a Sophos Certified Administrator for Enduser Protection.

Available Languages: English (US)

Subjects: Technical

Course Detail:

Module 1 : Security threats and how Sophos protects against them
o Introduction to security threats
o Malicious code
Examples – Exploit kits, Remote Access Trojan, Ransomware
Anti-virus and HIPS
Web Protection
Client firewall
Device Control
o Botnets
Malicious Traffic Detection (MTD)
o Software vulnerabilities
Application Control
Patch Assessment
o Data Loss / Leakage
Data Protection
Device Control
o Inappropriate browsing
Web Control
o Social Engineering and Phishing
The importance of user education
o Ransomware
The importance of backups
o Sophos Endpoint Security and Control
o Sophos Enterprise Console
o Demonstration – Enterprise Console user interface
o SophosLabs
o On-premise versus Cloud
No hardware to manage
Combine with XG
Security Heartbeat
Lab 1 – Sophos Enduser Protection in action
Use Sophos Enterprise Console
Test features of Sophos Anti-virus and HIPS
Test Application, Data and Web Control
Module 2 : Managing anti-virus and HIPS
o Sophos Enterprise Console
o Anti-virus and HIPS policy
Sophos engines
On-demand scanning
On-access scanning
Configuring extensions and exclusions
Live Protection
Malicious Traffic Detection (MTD)
Scheduled scanning
Why this is important
HIPS
Web Protection
o Best practice for policy configuration
Sophos Policy Evaluation Tool
o Tamper Protection
Lab 2 – Managing anti-virus and HIPS (¾ hour)
o Configure anti-virus and HIPS policies
o Discover best practice settings for Anti-virus and HIPS policies
o Configure and test tamper protection

Module 3 : Management at the endpoint
o Enduser experience in Windows
o Windows Services
o Windows Groups
o Dealing with threats
o Quarantine Manager
Options for dealing with items in quarantine
o Configuring and viewing logs
o Authorization Manager
o Update now
o Running a full scan
o Sophos Clean
o Enduser experience on a Mac
Lab 3 – Management at the endpoint
o Manage detections using Quarantine Manager and Enterprise Console
o View endpoint logs
Module 4 : Managing application, data and device control
o Application control
o Data control
o Device control
o Event viewers and dashboard
Lab 4 – Managing and testing policies for application, data and device control
o Configure and test application control policies
o Configure and test data control policies
o Configure device control policies
Module 5 : Managing policies for web control, patch and firewall
o Managing web control
o Patch assessment
o Configuring firewall policies
Lab 5 – Managing and testing policies for web control and firewall
o Configure web control
o Configure firewall policies
Module 6 : Solution architecture (¾ hour)
o Sophos Enterprise Console database
o Installation scenarios
o Component overview
o Component communication

Module 7 : Deploying Enduser Protection
o Enduser Protection system requirements
o Deployment pre-requisites
o Enduser Protection installation methods
Enterprise Console Groups
Protect computers wizard
Synchronize with Active Directory
Deploy using Active Directory Startup scripts
Deploying on a disk image
Manual installation
Custom Installer packages
o Competitor Removal Tool (CRT)
o Mac deployment
o Demonstration – Mac Enduser Protection Client
o Supported policies by endpoint platform
o Product upgrades
Lab 7 – Deploying Sophos Enduser Protection
o Perform connection tests between CLIENT2 and SEC
o Perform a manual deployment of the enduser protection client
o Discover and import computers on the network using Active Directory
o Manage Enterprise Console groups and policies
o Perform a deployment via Enterprise Console
o Deploy Enduser Protection using Active Directory Group Policy
o Create a deployment package for Windows
o Review changes made by the installation
Module 8 : Managing updating
o Update Managers in SEC
o Software Subscriptions
o Sophos Update Manager
o HTTP Updating
o Updating Policy
Lab 8 – Managing updating
o Verify settings for updating
o View the default updating policy
o Create a web CID and web warehouse on an IIS server
o Create new policies that use the web CID

Module 9 : Administration and reporting
o The Dashboard
Alerts, smart views and right click actions
o Reporting
Report Manager
Creating reports
Running and exporting reports
Sophos Reporting Interface
o Auditing
o Configuring role-based administration
o PurgeDB
o Database backup and restore
Lab 9 – Administration and reporting
o Use Sophos Enterprise Console to configure Dashboard settings and view reports
o Configure email alerting from endpoints for Anti-virus and HIPS
o Use the Sophos Reporting Interface
o Backup configuration and the database
o Create a scheduled task to run PurgeDB
o Configure role-based administration
Module 10 : Obtaining support
o The Sophos support site
o Where log files for RMS, Sophos Agent, SAV, SUM etc. are located and what type of information they store
o The Sophos Diagnostic Utility
o Sample submission
Lab 10 – Obtaining Support
o Use the Sophos Diagnostic Utility

Pre-Requisite Text:
There are no pre-requisites for this course; however, it is recommended that students should:
Be able to set up a Windows server, with Windows workstations
Have knowledge of general Windows networking and Microsoft Active Directory