The Symantec Security Analytics Professional course is designed for participants who want to learn how to use the Symantec Security Analytics platform to perform virtually any type of network-based monitoring and forensic analysis, including incident-response investigation, real-time situational awareness, and continuous monitoring for indicators of compromise (IOCs) and advanced persistent threats (APTs).
Audience: IT or network security professionals who want to master the use of Blue Coat Security Analytics and who have completed the Symantec Security Analytics Administrator course.
Event Number: SYMAN-1180
Available Languages: English (US)
This class covers the following topics
How Security Analysis Works
File and Artifact Extraction
Anomaly Detection and Modeling
Threat Intelligence Services
Kill Chain Analysis
Indicators of Compromise (IOCs)
The Virtual Filesystem (VFS)
Participants should have a sound understanding of the OSI reference model and common networking protocols, and how those protocols make connections, keep state, and transfer data, along with basic experience with network packet and flow analysis, including the use of PCAP files, tcpdump, and Wireshark.
Basic to advanced knowledge of best practices for incident response and continuous monitoring will provide a significant advantage