It is recommended that students have a working knowledge of Microsoft Windows administration, a basic understanding of computer security concepts, and a general understanding of Internet services.

Day 1 „

• About the Course „
• Malware Overview „
• Incident Response Overview „
• ATD Overview „
• ATD Deployment Strategies „
• ATD Architecture „
• ATD Installation „
• ATD Command line and Web Interface „
• Licensing and Updates „
• Logging „
• Administrator Configuration

Day 2 „

• ATD Policy „
• Virtual Image Creation „
• ATD Integration „
• Malware Analysis „
• Reporting and Notifications

Day 3 „

• McAfee Data Exchange Layer and Threat Intelligence Exchange „
• ATD Integration with TIE

Day 4 „

• Incident Response Review „
• Troubleshooting

Module 1: About the Course

• „ McAfee University Curriculum
• „ Introductions
• „ About the Course
• „ Lab Environment

Module 2: Malware Overview

• „ Malware Types
• „ Malware Types
• „ Malware Vectors
• „ Malware Detection
• „ Malware Lifecycle

Module 3: Incident Response Overview

• „ Tenets of Incident Response
• „ Incident Response Lifecycle
• „ Incident Reponse and ATD

Module 4: ATD Overview

• „ ATD in a Security Environment
• „ ATD Static and Dynamic Analysis
• „ Supported File Types

Module 5: ATD Deployment Strategies

• „ Network Topology
• „ ATD Interaction
• „ ATD and GTI

Module 6: ATD Architecture

• „ ATD Appliance Hardware
• „ ATD Architecture
• „ Remote Management and Monitoring
• „ ATD Network Ports

Module 7: ATD Installation

• „ ATD Installation and Configuration
• „ ATD Connections

Module 8: ATD Command line and Operating System

• „ Advanced Threat Defense Command Line Interface
• „ Commonly Used CLI Commands
• „ ATD Web Interface
• „ Dashboard Tab
• „ Analysis Tab
• „ Policy Tab
• „ Manage Tab

Module 9: Licensing and Updates

• „ Advanced Threat Defense Licensing
• „ ATD Disk Setup
• „ Updating ATD Appliance
• „ ATD Backups
• „ Installation Troubleshooting

Module 10: Logging

• „ ATD Logging
• „ System Log and Status
• „ ATD Dashboard

Module 11: Administrator Configuration

• „ ATD Users
• „ ATD Roles
• „ Administrator policy Configuration

Module 12: ATD Policy

• „ ATD Policy
• „ VM Profile
• „ Analyzer Profile
• „ ATD Malware Internet Access
• „ ATD Policy Workflow

Module 13: Virtual Image Creation

• „ Virtual Machine Creation
• „ Creating a VMDK file
• „ Configuring the Operating System for ATD
• „ Import VMDK into ATD
• „ Convert the VMDK file into an ATD image file

Module 14: ATD Integration

• „ ATD Integration Overview
• „ FTP
• „ RESTful API
• „ McAfee Web Gateway
• „ Network Security Platform
• „ Host Operating System Identification
• „ ePO Integration

Module 15: Malware Analysis

• „ Supported File Types
• „ ATD Malware Analysis
• „ White List
• „ Black List
• „ Malware Engines and GTI
• „ Sandbox Analysis
• „ Analysis Status

Module 16: Notifications and Reporting

• „ ATD Analysis Reports
• „ ATD Sandbox Analysis Summary
• „ Dropped Files
• „ Disassembly Results
• „ Logic Path Graph
• „ User API Log
• „ Complete Results
• „ ATD Report Formats
• „ ATD Notifications

Module 17: McAfee DXL/TIE

• „ McAfee Data Exchange Layer
• „ McAfee Threat Intelligence Exchange
• „ TIE Workflow
• „ TIE Server Configuration

Module 18: ATD Integration with TIE

• „ ATD DXL/ePO configuration
• „ ePO Policy Configuration
• „ Malware Analysis Workflow
• „ ePO Reporting

Module 19: Incident Response Review

• „ Malware Incident Reporting Lifecycle
• „ Preparation
• „ Detection
• „ Analysis
• „ Containment, Eradication and Recovery
• „ Post-Incident Activity

Module 20: Troubleshooting

• „ ATD Troubleshooting Resources
• „ ATD Troubleshooting
• „ ATD Log Files
• „ ATD Common Issues
• „ Integration Troubleshooting