Prerequisites
Basic understanding of networking technologies, such as TCP/IP, DNS, email, web. Basic Windows administrator skills. Basic knowledge of information security principles.
Course Objectives
The main objective of the course is to provide participants with all the knowledge required to deploy, configure, and manage the solution.
The course teaches how to design, deploy, and maintain protection systems based on Kaspersky Endpoint Security 12.5 and centrally manage them via Kaspersky Security Center 14.2. It describes products designed to protect a network of up to 1000 endpoints in a single location. Endpoints in this course are servers and workstations running Windows. The theoretical part of the course and hands-on labs provide participants with the knowledge and skills necessary to:
- Describe the capabilities of Kaspersky Next EDR Foundations tier.
- Design and deploy an optimal protection solution based on Kaspersky Endpoint Security 12.5 in a Windows network and manage it via Kaspersky Security Center 14.2.
- Maintain the deployed system.
Course Content
Deployment
- General
- Kaspersky Next
- Kaspersky Security Center installation
- Lab 1. Installing Kaspersky Security Center
- Deploying Kaspersky Endpoint Security
- Lab 2. Deploying Kaspersky Endpoint Security
- Working with groups of managed devices
- Lab 3. Creating a structure of managed devices
- Kaspersky Next EDR Cloud Consoles
- Kaspersky Endpoint Security Cloud Console
- Kaspersky Security Center Cloud Console
Protection management
- How Kaspersky Endpoint Security protects computers
- How to configure file protection
- How to configure protection against network threats
- Lab 4. Configuring file protection
- Lab 5. Configuring Mail Threat Protection
- Lab 6. Testing Web Threat Protection
- How to configure protection against sophisticated threats
- Lab 7. Protecting network folders against ransomware
- Lab 8. Testing protection against fileless threats
- Lab 9. Testing protection against exploits
- Lab 10. Configuring Host Intrusion Prevention to protect against ransomware
- How to control network connections
- Lab 11. Testing Network Threat Protection
Security controls
- General
- Application control
- Lab 12. Configuring Application Control
- Lab 13. Blocking start of unknown applications in the network
- Device Control
- Web Control
- Lab 14. Configuring web access control
- Lab 15. Simulating an attack on the enterprise network
Root-Cause Analysis
- General
- Root cause analysis
- Deployment
- Incident response
- Lab 16. Deploying Kaspersky Endpoint Detection and Response Optimum
- Lab 17. Preparing Kaspersky EDR for use
- Lab 18. Incident response
Administration
- Administration Server hardening
- Backup, restore and maintenance
- Configuring policies and tasks
- Lab 19. Configuring password protection
- Event storage and integration with SIEM
- Vulnerability management
- Monitoring and reports
- Lab 20. Customizing the dashboard
- Lab 21. Configuring reports
- Checklists
- Contacting technical support
- Lab 22. Collecting diagnostic information