Alert Analysis & Diagnostics with Email Security Server

1. Trellix Core Technology

• Malware infection lifecycle
• MVX engine
• Appliance analysis phases

2. Threats & Malware Trends

• Malware overview & definition
• Motivations of malware
• MITRE ATT&CK framework
• Types of malware

3. Threat Management

• Features & functions of
• Email Security – Server
• Appliance web UI
• Alert overview

4. OS Changes

• APIs
• File & folder actions
• Code injection
• Processes
• Mutexes
• Windows Registry events
• Network access
• User Account Access (UAC)

5. Malware Objects

• Malware object alerts
• BOT communication details
• OS change details for malware objects
• Malware object origin analysis

1. Common Trellix Administration and Diagnostics

• Troubleshooting process
• Basic troubleshooting
• Best practice
• Common issues:
  • Licensing
  • Admin
  • Operation
  • Notifications
  • Boot
  • Performance
  • Upgrade

2. Email Security – Server Diagnostics

• Health check
• Server logs

3. Hardware Diagnostics

• Troubleshooting PSU & HDD issues
• Universal LED

4. Virtual Email Security Server

• Diagnostics
• Licensing
• DTI configuration

5. Diagnostics of Email Protocols

• The process of email & the Email Security – Server SMTP/ESMTP
  • POP3 / IMAP
  • MTA
  • DNS
  • MX
  • Postfix
  • Email Security Server
• Modes
  • Reporting
  • Email Logs

6. Administration & Diagnostics of Email Security Appliances

• Processing interface
• Domains
• Next-hop
• Receiving mail
• Analysis
• Mail delivery
• Delay & latency
• Understanding queues

7. Transition

• Transition a case to Trellix
• Customer Support
• Using the Trellix Customer Portal

This is a two-day instructor-led class designed for analysts & email administrators.

The Alerts Analysis page allows you to analyze the alerts received within a date range that you specify.

This training focuses on enabling you to do the following: 

• Recognize current malware threats & trends
• Understand the threat detection & prevention capabilities of your Trellix Email Security Server
• Locate & use critical information in a Trellix alert to assess a potential threat
• Examine OS & file changes in alert details to identify malware behaviours
• Identify indicators of compromise (IOCs) in a Trellix alert & use them to identify compromised hosts.

working understanding of networking, email security & email support.

Yes, you can.

We use the best standards in Internet security. Any data retained isn't shared with third parties.

It is recommended but not mandatory. Being acquainted with the primary training material will enable professionals & the trainer to move at the desired pace during classes. You can access training for most vendors.

You can buy online from the page by clicking on "Buy Now". You can view alternate payment methods on the payment options page.

Yes, professionals can pay from the training page.

The training completion certification will be awarded to all the professionals who've completed the training program & the project assignment given by your instructor. You may use the certificate in your future job interviews will surely help you to get your dream job.