Symantec Endpoint Protection 12.1: Administration (SC1439)

This course is designed for the network, IT security, and systems administration professional tasked with architecting, implementing, and monitoring virus and spyware protection, zero-day protection, and network threat protection solutions.

Type

Certified Training Course

Level

Professional

Cost

R 16 430 p.p. (Excl. VAT)*
*Pricing may be subject to change due to exchange rate volatility.

SATV Redeemable 

N/A

Delivery Method

Classroom-based, Instructor-led with emphasis on hands-on exercises.

Duration

5 days

Start time: 09:00 (Registration will commence at 08:30 on the first day)

Prerequisites

Students should have knowledge of the following:

  • Advanced computer terminology, including TCP/IP networking terms and Internet terms.
  • An administrator-level knowledge of Microsoft Windows operating systems.

Course Objectives

At the end of this course, you should be able to do the following:

  • Describe Symantec Endpoint Protection products, components, dependencies, and system hierarchy.
  • Install and configure Symantec Endpoint Protection management and client components.
  • Deploy Symantec Endpoint Protection Windows and Mac clients.
  • Manage the client user interface.
  • Manage content updates for Windows and Mac clients.
  • Design a Symantec Endpoint Protection environment.
  • Manage Virus and Spyware Protection policies.
  • Manage SONAR scans.
  • Manage Firewall and Intrusion Prevention policies.
  • Manage Application and Device Control policies.
  • Manage virtualized clients.
  • Configure replication and load balancing.

Exam & Certifications

This course prepares students to write the Administration of Symantec Endpoint Protection 12.1 Exam (Exam Code: 250-315) as part of the Symantec Certified Specialist certification path.

Exam Details

  • # of Questions: 75 - 85
  • Exam Duration: 105 minutes
  • Passing Score: 67%
  • Languages: English
  • Exam Price: $225 (or your country's currency equivalent)

Suggested Preparation

The recommended preparation to achieve this level of expertise is listed below.

Additional Resources

View Symantec exam policies

Course Topics

1. Introduction

  • Course overview
  • The classroom lab environment

2. Symantec Endpoint Protection Product Solution

  • Why use Symantec Endpoint Protection?
  • Symantec Endpoint Protection technologies
  • Symantec Endpoint Protection services
  • Symantec Endpoint Protection components
  • Symantec Endpoint Protection policies and concepts
  • Extending Symantec Endpoint Protection

3. Installing the Symantec Endpoint Protection Manager

  • Identifying system requirements
  • Preparing servers for installation
  • Installing and configuring the Symantec Endpoint Protection Manager
  • Describing Symantec Endpoint Protection upgrades and version compatibility

4. Configuring the Symantec Endpoint Protection Environment

  • Starting and navigating the SEPM
  • Describing policy types and components
  • Console authentication
  • Licensing the SEP environment

5. Deploying Windows Clients

  • Planning the client deployment
  • Configuring client deployment package
  • Deploying packages to clients
  • Maintaining the client environment
  • Upgrading Symantec Endpoint Protection clients

6. Deploying Mac Clients

  • Installation planning
  • Package configuration
  • Web-link and email deployment
  • Third-party remote deployment

7. Client and Policy Management

  • Describing SEPM and client communications
  • Administering clients
  • Configuring groups
  • Configuring locations
  • Active Directory integration with SEP 12.1
  • Client configuration modes
  • Configuring domains
  • General client settings and Tamper Protection

8. Configuring Content Updates for Windows Clients

  • Introducing LiveUpdate
  • Configuring the SEPM for LiveUpdate
  • Configuring the LiveUpdate Settings and Content policies
  • Configuring multiple group update providers (GUPs)
  • Manually updating virus definitions

9. Configuring Content Updates for Mac Clients

  • Describing content update methods
  • Configuring the LiveUpdate policy
  • Configuring the SEPM as a reverse proxy
  • Monitoring updates

10. Performing Server and Database Management

  • Managing SEPM servers
  • Maintaining server security
  • Communicating with other servers
  • Managing administrators
  • Managing the database
  • Disaster recovery techniques

11. Configuring Replication and Failover and Load Balancing

  • About sites and replication
  • How replication works
  • Symantec Endpoint Protection replication scenarios
  • Configuring replication
  • Failover and load balancing

12. Designing a Symantec Endpoint Environment

  • Architecture components
  • Architecture constraints
  • Component placement
  • Content delivery
  • Determining client to SEPM ratios
  • SEPM and database sizing best practices

13. Introducing Antivirus, Insight, and SONAR

  • Virus and spyware protection needs and solutions
  • Reputation and Insight
  • Administrator-defined scans
  • Auto-Protect
  • Download Insight
  • SONAR
  • Included Virus and Spyware Protection policies

14. Managing Virus and Spyware Protection Policies for Windows

  • Configuring administrator-defined scans
  • Configuring protection technology settings and scans
  • Configuring e-mail scans
  • Configuring advanced options
  • Managing scanned clients

15. Managing Virus and Spyware Protection Policies for Mac

  • Configuring scheduled scans
  • Configuring Auto-Protect
  • Configuring advanced options

16. Managing Exception Policies

  • Exceptions and exclusions
  • Configuring the Exceptions policy

17. Introducing Network Threat Protection

  • The OSI model and network threats
  • Network threat tools and attack methods
  • Attack and mitigation

18. Managing Firewall Policies

  • Firewall policy overview
  • Defining rule components
  • Modifying firewall rules
  • Configuring built-in rules
  • Configuring protection and stealth settings
  • Configuring Windows integration settings

19. Managing Intrusion Prevention Policies

  • Configuring network and browser intrusion prevention
  • Managing custom signatures

20. Managing Application and Device Control Policies

  • Creating application and device control policies
  • Defining application control
  • Modifying policy rules
  • Defining device control

21. Virtualisation

  • Introducing virtualisation features
  • Virtual image exception
  • Network and vShield Shared Insight Cache
  • Virtual client tagging
  • Offline image scanner