GB
/
GBP
/
EN

Symantec Cyber Security Services R1 - SCSS-R1

WGAC-SYM-SCSS-R1

Broadcom Symantec

Description

Show Tabs
Introduction

The Cyber Security Services Administration course will provide a technical deep dive and hands on experience with Symantec’s Cyber Security Services.

Prerequisites & Audience

It is recommended that the student has 1-3 months experience working with the Managed Security Services SOC and Log Collection Platform plus Symantec Managed Security Services Portals (Both DeepSight Intelligence portal and MSS Portal), including performing integration projects with DeepSight Application Programming Interface (APIs).

Who Should Attend

This course is for partners and Symantec staff that are charged with the configuration, integration, and day-to-day management of Managed Security Services and Deepsight Intelligence.



Course Benefits

By the completion of this course, you will be able to:

  • Have a solid understanding of the current cyber security market conditions and the need for Cyber Security Services
  • Identify the components of the technical architecture of Symantec’s CSS Services and understand how it integrates with the customer’s environment
  • Understand the Business Objectives achieved by CSS Services
  • Identify the competitive differentiators of Symantec’s CSS Services
Course Topics

Lesson 1: Overview of Cyber Security Services

  • Current Threat Landscape and the need for CSS
  • Symantec Information Protection Strategy
  • Introduction to Cyber Security Services

Lesson 2: Managed Security Services Overview

  • Introduction to Symantec Managed Security Services
  • 24x7 Global Threat Monitoring by trained security analysts
  • Timely validation and remediation of security incidents
  • Protect Against Evolving Complexity and Advanced Threats in Cybersecurity
  • Managed Security Services Portal Login Overview

Lesson 3: Achieving 24x7 Global Threat Monitoring

  • Managed Security Services Architecture
  • 24x7 Global Threat Monitoring by trained security analysts
  • Managed Security Services Portal Overview

Lesson 4: MSS Platform and Architecture Overview

  • Leveraging Existing SIEMs
  • MSS Log Collection Platform (LCP) Architecture and Transport Methods
  • Providing for Log Aggregation with Symantec Event Agent and Collectors
  • Implementing a Solution Design Onsite
  • Comprehensive Support of Device Types and Log Collection Categories

Lesson 5: Timely Validation of Security Incidents

  • What is the SOC Technology Platform?
  • Provide for Timely Log Collection and Storage to meet Business Requirements
  • STP Automated Validation Process Decreases Time for Incident Validation
  • Timely Identification, Analysis, and Notification of Security Incidents

Lesson 6: Protecting Against Advanced Threats by Leveraging Threat Intelligence in MSS

  • The Evolution of Threats
  • Solving the Advanced Threat Problem
  • Leveraging the capabilities of ATP with MSS

Lesson 7: Security Monitoring and Managed IDS

  • MSS Security Monitoring Solution
  • MSS Managed IDS Solution

Lesson 8: Managed Security Services Review

  • Review of Symantec Managed Security Services Architecture
  • 24x7 Global Threat Monitoring by trained security analysts
  • Timely validation and remediation of security incidents
  • Protect Against Evolving Complexity and Advanced Threats in Cybersecurity
  • Security Monitoring and Managed IDS Solutions

Lesson 9: Impact of Security Intelligence

  • The Evolving Threat Landscape
  • On the Nature of Security Intelligence
  • The Value of Security Intelligence Across the Enterprise
  • Intelligence as a Proactive Solution

Lesson 10: Symantec Deepsight Intelligence Overview

  • Introduction to the Global Intelligence Network
  • Sources of Information in the GIN
  • Managed Adversary Threat Intelligence
  • Additional Sources

Lesson 11: Provide for Context Aware Threat Intelligence Portal with Delegate Authority based on User and Group Roles

  • DeepSight Portal Access and Layout
  • DeepSight Portal Contents and Navigation
  • Licensing and Portal Levels
  • Configuring the Organization Profile and Licenses
  • Account Management, Users, Roles, and Groups

Lesson 12: Provide for More Targeted Intelligence and Minimizing Noise by Utilizing Technology Lists

  • Technology List purpose and theory
  • Creating a Technology List
  • Publishing and Sharing Technology Lists
  • Uploading Lists

Lesson 13: Provide for Timely Alerts and Access to Custom Reporting Based on Customer Policies and Practices

  • Alerts and Monitors Overview
  • Creating an Alert
  • Alert Delivery Methods
  • Mining DeepSight for Custom Reporting
  • Scheduled Reports and Report Delivery

Lesson 14: Leveraging Threat Intelligence with Existing SIEM Investment in Support of Customer Policies and Practices

  • Datafeed Types and Value
  • The Security Risk Datafeed
  • The Vulnerabilty Datafeed
  • Basic and Advanced IP Reputation Datafeeds
  • Basic and Advanced URL/Domain Reputation Datafeeds
  • Methods of Integration and Tools
  • Datafeed Integration with ArcSight
  • Datafeed Integration with SPLUNK
  • Datafeed Integration with Risk Fabric

Lesson 15: Integrating DeepSight Threat Intelligence into Custom Applications with the DeepSight API

  • A New Access Method
  • DeepSight API Details
  • DeepSight API Entitlements

Lesson 16: Deepsight Intelligence Review




Broadcom Symantec courses


Symantec Endpoint Protection 12x Maintain and Troubleshoot - ENDPOINT-MT
CODE: WGAC-SYM-ENDPOINT-MT
Symantec Deployment Solution 7.5: Administration - SDS-ADMIN
CODE: WGAC-SYM-SDS-ADMIN
Symantec Data Loss Prevention 15.x: Administration - DLP
CODE: WGAC-SYM-DLP
Symantec Control Compliance Suite CCS 11.0 Module Course - CCS-MODUL
CODE: WGAC-SYM-CCS-MODUL
Symantec Encryption Management Server 3.3 and Desktop 10.3: Administration - EMSD-ADMIN
CODE: WGAC-SYM-EMSD-ADMIN
Symantec Endpoint Protection 14.x: Differences - ENDPOINT-D
CODE: WGAC-SYM-ENDPOINT-D
Symantec Cloud SOC R1 - CLD-SOC-R1
CODE: WGAC-SYM-CLD-SOC-R1
SSL Visibility 5.0 Administration - SSLV
CODE: WGAC-SYM-SSLV
Symantec Endpoint Protection 14.x: Configure and Protect - ENDPOINT-CP
CODE: WGAC-SYM-ENDPOINT-CP
Symantec Control Compliance Suite 11.0: Administration - CCS-ADMIN
CODE: WGAC-SYM-CCS-ADMIN
Symantec Messaging Gateway 10.6: Administration - SMG-ADMIN
CODE: WGAC-SYM-SMG-ADMIN
Symantec Client Management Suite 7.6: Administration - CMS-ADMIN
CODE: WGAC-SYM-CMS-ADMIN
Symantec Advanced Threat Protection 2.x: Incident Response - ATP-IR
CODE: WGAC-SYM-ATP-IR
Symantec Client Management Suite 7.6: Implementation - CMS-IMPL
CODE: WGAC-SYM-CMS-IMPL
Symantec Endpoint Protection 14.x: Manage and Administer - ENDPOINT-MA
CODE: WGAC-SYM-ENDPOINT-MA
Symantec ProxySG 6.7 Advanced Administration - BCCPP
CODE: WGAC-SYM-PROXYADV
Symantec IT Management Suite 8.0: Administrators - SITS-ADMIN
CODE: WGAC-SYM-SITS-ADMIN
Symantec Lab rental - Westcon internal only
CODE: WGAC-SYM-LABRENTAL
Symantec Cyber Security Services R1 - SCSS-R1
CODE: WGAC-SYM-SCSS-R1
Symantec Content Analysis 2.x: Administration - CAS
CODE: WGAC-SYM-CAS
Symantec Endpoint Protection 14.x: Plan and Implement - ENDPOINT-PI
CODE: WGAC-SYM-ENDPOINT-PI
Symantec ProxySG 6.7 Basic Administration - BCCPA
CODE: WGAC-SYM-PROXYBASIC
Symantec Security Analytics 8 Administrator - SSA-ADMIN
CODE: WGAC-SYM-SSA-ADMIN
Symantec Endpoint Encryption 11.x: Install, Configure and Deploy - ENDPOINT-ISD
CODE: WGAC-SYM-ENDPOINT-ISD
Symantec Security Analytics 7.x: Professional - SSA-PROF
CODE: WGAC-SYM-SSA-PROF
Symantec Data Center Security: Server Advanced 6.7 Administration - DCSSA-ADMIN
CODE: WGAC-SYM-DCSSA-ADMIN
Symantec Control Compliance Suite Vulnerability Manager 12.x Foundations - CCSVM-FOUNDATION
CODE: WGAC-SYM-CCSVM-FOUNDATION
This website uses cookies to ensure you get the best experience on our website.