Overview of McAfee Education Services Security Training Offered At FOCUS 15
Registering for FOCUS and a Training Course
While registering for FOCUS, you will have the option to add a Training Class to your registration under the Add-Ons section. Registration for these classes is closing at 5 pm PT on Monday, October 19.
Adding a Training Course to your FOCUS Registration
If you have already completed your FOCUS 15 registration, you may log in to your MyEvent page
and click Events and Guests
to add and make
a payment for a Training Course.
Registering for a Training Course only
If you would like to attend a Training Course without registering for FOCUS 15, please send your request to email@example.com
Registering for a Training Course through a Sales Representative
If your registration fees for a Training Course are being covered by an Intel Security Sales Representative, please send a request
for the Student Enrollment form to firstname.lastname@example.org
Changing a Training Course
If you have added and paid for a Training Course and would like to sign up for a different Training Course, please
email your request to email@example.com
Each course is priced at $995 dollars.
Each course is a two-day session: Thursday October 29th - Friday, October 30th
Hours: 9:00 am - 5:00 pm daily
A certification voucher will be included in the takeaways for each student.
Who Should Take These Classes
System and network administrators, security personnel, auditors, and/or consultants concerned with network and system security should take this course. It is recommended that students have a working knowledge of Microsoft Windows
administration, system administration concepts, a basic understanding of computer security concepts, and a general understanding of Internet services.
Attendee Laptop Requirements
Attendees are required to bring a laptop that is capable of connecting to the Internet.
McAfee® ePolicy Orchestrator Administration Course
McAfee® ePolicy Orchestrator (ePO) is a key component of the McAfee Security Management Platform and provides unified management of endpoint, network, and data security. With end-to-end visibility and powerful automations that
slash incident response time, McAfee ePO dramatically strengthens protection and drives down the cost and complexity of managing risk and security.
At the end of this course, attendees should understand the benefits and capabilities of a McAfee ePolicy Orchestrator (ePO) centralized management solution, as well as how to plan, deploy, and manage the solution.
You should have a working knowledge of networking and system administration concepts, a basic understanding of computer security concepts, and a general understanding of viruses and antivirus technologies.
- Security Connected and ePO Overview
- Creating and Building the System Tree
- Managing Permission Sets and Users
- McAfee Agent
- Client Tasks
- Managing Policies
- Managing Dashboards and Monitors
- Working with Queries and Reports
- Automatic Responses and Notifications
- Database Maintenance and Server Utilities
McAfee® Next Generation Firewall Administration Course
McAfee® Next Generation Firewall (NGFW) delivers complete, centrally managed network security with high availability, multi-tenancy, advanced evasion protection, application control, and flexible deployment
options, including software, physical and virtual firewall appliances.
At the end of this course, attendees should know the benefits of McAfee Next Generation Firewall; understand the skills needed to successfully plan, design, and implement McAfee Next Generation Firewall following
McAfee Professional Services methodology; and be capable of installing and configuring the appliance within their own environment.
Prior experience using McAfee® Next Generation Firewall (NGFW) or other firewall technologies strongly recommended.
- McAfee Next Generation Firewall overview
- Log management
- Monitoring, statistics, and reporting
McAfee® Security Information and Event Management (SIEM) Administration Course
At the end of this course, attendees should understand how to implement the Security Information and Event Management (SIEM) appliances in a workflow suitable to their enterprise environment; understand the
skills needed to successfully operate McAfee SIEM following McAfee Professional Services methodology; and be capable of configuring the appliances within their own environment.
You should have a working knowledge of Microsoft Windows administration, system administration concepts, a basic understanding of computer security concepts, an understanding of basic UNIX commands, and a general
understanding of viruses and antivirus technologies. You should also have working knowledge of Internet services, including DNS, Sendmail, FTP, and WWW services, as well as Internet protocols (TCP, UDP) and their
usage routing and connectivity flow (e.g., LAN, WAN, Internet).
- Security Information and Event Management Overview
- Enterprise Security Manager (ESM)
- Enterprise Log Manager (ELM)
- Advanced Correlation Engine (ACE)
- Application Data Monitor (ADM)
- Database Event Monitor (DEM)
- Data sources
- Policy Editor
- Alarms, watch lists, and reporting
- ESMI Views
McAfee® Security Information and Event Management (SIEM) Analyst Course
At the end of this course, attendees should understand how to isolate and verify data threats to an organization using McAfee Security Information and Event Management (SIEM), McAfee Professional
Services methodology, and best practices in the context of a typical Security Operations Center (SOC) environment.
Prior experience with the following technologies is strongly recommended.
- Networking and system administration concepts
- Basic understanding of computer security concepts
- Experience with network security concepts and practices
- Login Credentials to your SIEM implementation with the appropriate permissions
- SOC Maturity Model
- Security Operations
- The Role of the Analyst
- Network Design
- Change Management
- Development of Use Cases
- Four Phases of an Attack
- Process Maturity
- Security Device Management
- Incident Response
- SIEM Overview
- Views and Filtering
- SIEM Technology Adoption Curve
- Correlation Engine
- Correlation Rules
- Tuning the SIEM
- Notifications and Reporting
- Achieving Situational Awareness