Symantec Security Analytics 7.x: Professional - SSA-PROF

WGAC-SYM-SSA-PROF

Broadcom Symantec

Description

Introduction

The Symantec Security Analytics Professional course is designed for participants who want to learn how to use the Symantec Security Analytics platform to perform virtually any type of network-based monitoring and forensic analysis, including incident-response investigation, real-time situational awareness, and continuous monitoring for indicators of compromise (IOCs) and advanced persistent threats (APTs).

Prerequisites & Audience

Participants should have a sound understanding of the OSI reference model and common networking protocols, and how those protocols make connections, keep state, and transfer data, along with basic experience with network packet and flow analysis, including the use of PCAP files, tcpdump, and Wireshark. Basic to advanced knowledge of best practices for incident response and continuous monitoring will provide a significant advantage.

Course Benefits

By the completion of this course, you will be able to:

  • Map high-level operational functions to internal system modules and identify how data flows through the system
  • Use reports and extractions to find and analyze relevant data to solve problems
  • Use comparisons and advanced display filters to narrow search results
  • Import/export PCAPs for forensic analysis and archival functions
  • Use actions, alerts, and the real-time extractor
  • Use the Security Analytics platform for incident response
  • Apply kill-chain analysis to discover and describe indicators of compromise
  • Navigate and query the virtual file system

Who Should Attend

IT or network security professionals who want to master the use of Blue Coat Security Analytics and who have completed the Symantec Security Analytics Administrator course.

Course Topics

This course covers:

  • How Security Analysis Works
  • File and Artifact Extraction
  • Anomaly Detection and Modeling
  • Data Enrichment
  • Threat Intelligence Services
  • Kill Chain Analysis
  • Indicators of Compromise (IOCs)
  • Malware Integration
  • The Virtual Filesystem (VFS)

Broadcom Symantec courses


SSL Visibility 5.0 Administration - SSLV
CODE: WGAC-SYM-SSLV
Symantec Security Analytics 7.x: Professional - SSA-PROF
CODE: WGAC-SYM-SSA-PROF
Symantec Security Analytics 8 Administrator - SSA-ADMIN
CODE: WGAC-SYM-SSA-ADMIN
Symantec Messaging Gateway 10.6: Administration - SMG-ADMIN
CODE: WGAC-SYM-SMG-ADMIN
Symantec IT Management Suite 8.0: Administrators - SITS-ADMIN
CODE: WGAC-SYM-SITS-ADMIN
Symantec Deployment Solution 7.5: Administration - SDS-ADMIN
CODE: WGAC-SYM-SDS-ADMIN
Symantec Cyber Security Services R1 - SCSS-R1
CODE: WGAC-SYM-SCSS-R1
Symantec Endpoint Protection 14.x: Plan and Implement - ENDPOINT-PI
CODE: WGAC-SYM-ENDPOINT-PI
Symantec Endpoint Protection 14x Maintain and Troubleshoot - ENDPOINT-MT
CODE: WGAC-SYM-ENDPOINT-MT
Symantec Endpoint Protection 14.x: Manage and Administer - ENDPOINT-MA
CODE: WGAC-SYM-ENDPOINT-MA
Symantec Endpoint Protection 14.x: Configure and Protect - ENDPOINT-CP
CODE: WGAC-SYM-ENDPOINT-CP
Symantec Encryption Management Server 3.3 and Desktop 10.3: Administration - EMSD-ADMIN
CODE: WGAC-SYM-EMSD-ADMIN
Symantec Data Loss Prevention 15.x: Administration - DLP
CODE: WGAC-SYM-DLP
Symantec Data Center Security: Server Advanced 6.7 Administration - DCSSA-ADMIN
CODE: WGAC-SYM-DCSSA-ADMIN
Symantec Client Management Suite 7.6: Implementation - CMS-IMPL
CODE: WGAC-SYM-CMS-IMPL
Symantec Client Management Suite 7.6: Administration - CMS-ADMIN
CODE: WGAC-SYM-CMS-ADMIN
Symantec Cloud SOC R1 - CLD-SOC-R1
CODE: WGAC-SYM-CLD-SOC-R1
Symantec Control Compliance Suite Vulnerability Manager 12.x Foundations - CCSVM-FOUNDATION
CODE: WGAC-SYM-CCSVM-FOUNDATION
Symantec Control Compliance Suite CCS 11.0 Module Course - CCS-MODUL
CODE: WGAC-SYM-CCS-MODUL
Symantec Control Compliance Suite 11.0: Administration - CCS-ADMIN
CODE: WGAC-SYM-CCS-ADMIN
Symantec Content Analysis 2.x: Administration - CAS
CODE: WGAC-SYM-CAS
Symantec Advanced Threat Protection 2.x: Incident Response - ATP-IR
CODE: WGAC-SYM-ATP-IR
ProxySG 7.3 Administration with Secure Web Gateway
CODE: WGAC-BRO-PROXYADM
ProxySG 6.7 Diagnostics and Troubleshooting
CODE: WGAC-BRO-PROXYDT