Alert Analysis with File Protect

Training Overview

This training is designed to prepare analysts to triage & derive meaningful, actionable information from alerts on Trellix File Protect.

Duration: 1 day

Prerequisites

A working understanding of networking & network security, the Windows operating system, file system, registry, & use of the command line interface (CLI).

Audience Profile

Security professionals & incident responders who use Trellix File Protect to detect, investigate, & prevent cyber threats.

Learning Objectives

After completing this training, learners should be able to:

  • Recognize current malware threats & trends
  • Understand the threat detection & prevention capabilities of your Trellix Security solution
  • Locate & use critical information in a Trellix alert to assess a potential threat
  • Examine OS & file changes in alert details to identify malware behaviours
  • Identify indicators of compromise (IOCs) in a Trellix alert & use them to identify compromised hosts

Content Outline

  • Malware overview & definition
  • Motivations of malware
  • MITRE ATT&CK framework
  • Types of malware
  • Emerging threat actors
  • Features & benefits
  • Configuring storage & scans
  • Accessing & reviewing
  • Analysis results
  • APIs
  • File & folder actions
  • Code injection
  • Processes
  • Mutexes
  • Windows Registry events
  • Network access
  • User account access (UAC)

FAQs


A command-line interface (CLI) is a text-based user interface (UI) used to run programs, manage computer files & interact with the computer. Command-line interfaces are also called command-line user interfaces, console user interfaces & character user interfaces.



Radiant Tech Learning has a data centre containing a virtual training environment for professional hands-on practice. Professionals can easily access these labs over the cloud with the help of a remote desktop connection. Radiant virtual labs provide you with the flexibility to learn from anywhere in the world & at any time.

Learners will be enthralled as we engage them in real-world, industry-oriented projects during the training program. These projects will improve your skills & knowledge, & you will gain better experience. These real-time projects will help you a lot in your future tasks & assignments.

You can request a refund if you do not wish to enroll in the training.

Radiant has highly intensive selection criteria for the Technology Trainers & Professionals who deliver training programs. Our trainers & professionals undergo rigorous technical & behavioural interview & assessment processes before they are onboarded to the company.

Our technology experts/trainers & professionals have in-depth knowledge of the technical subject & are certified by the OEM.

Our training programs are practically oriented, with 70% – 80% hands-on training on technology tools. Our training program focuses on one-on-one interaction with each professional, the latest content in the curriculum, real-time projects & case studies during the training program.

Our faculty will provide you with knowledge of each training from the fundamental level in an easy way, & you are free to ask your respective faculty questions at any time.

Our trainers have the patience & ability to explain difficult concepts in a simple way, with depth & breadth of knowledge.

To ensure quality learning, we provide a support session even after the training program.
