Module 1: About the Course
- McAfee University Curriculum
- Introductions
- About the Course
- Lab Environment

Module 2: Malware Overview
- Malware Types
- Malware Vectors
- Malware Detection
- Malware Lifecycle

Module 3: Incident Response Overview
- Tenets of Incident Response
- Incident Response Lifecycle
- Incident Response and ATD

Module 4: ATD Overview
- ATD in a Security Environment
- ATD Static and Dynamic Analysis
- Supported File Types

Module 5: ATD Deployment Strategies
- Network Topology
- ATD Interaction
- ATD and GTI

Module 6: ATD Architecture
- ATD Appliance Hardware
- ATD Architecture
- Remote Management and Monitoring
- ATD Network Ports

Module 7: ATD Installation
- ATD Installation and Configuration
- ATD Connections

Module 8: ATD Command Line and Operating System
- Advanced Threat Defense Command Line Interface
- Commonly Used CLI Commands
- ATD Web Interface
- Dashboard Tab
- Analysis Tab
- Policy Tab
- Manage Tab

Module 9: Licensing and Updates
- Advanced Threat Defense Licensing
- ATD Disk Setup
- Updating ATD Appliance
- ATD Backups
- Installation Troubleshooting

Module 10: Logging
- ATD Logging
- System Log and Status
- ATD Dashboard

Module 11: Administrator Configuration
- ATD Users
- ATD Roles
- Administrator Policy Configuration

Module 12: ATD Policy
- ATD Policy
- VM Profile
- Analyzer Profile
- ATD Malware Internet Access
- ATD Policy Workflow

Module 13: Virtual Image Creation
- Virtual Machine Creation
- Creating a VMDK file
- Configuring the Operating System for ATD
- Import VMDK into ATD
- Convert the VMDK file into an ATD image file

Module 14: ATD Integration
- ATD Integration Overview
- FTP
- RESTful API
- McAfee Web Gateway
- Network Security Platform
- Host Operating System Identification
- ePO Integration

Module 15: Malware Analysis
- Supported File Types
- ATD Malware Analysis
- White List
- Black List
- Malware Engines and GTI
- Sandbox Analysis
- Analysis Status

Module 16: Notifications and Reporting
- ATD Analysis Reports
- ATD Sandbox Analysis Summary
- Dropped Files
- Disassembly Results
- Logic Path Graph
- User API Log
- Complete Results
- ATD Report Formats
- ATD Notifications

Module 17: McAfee DXL/TIE
- McAfee Data Exchange Layer
- McAfee Threat Intelligence Exchange
- TIE Workflow
- TIE Server Configuration

Module 18: ATD Integration with TIE
- ATD DXL/ePO Configuration
- ePO Policy Configuration
- Malware Analysis Workflow
- ePO Reporting

Module 19: Incident Response Review
- Malware Incident Reporting Lifecycle
- Preparation
- Detection
- Analysis
- Containment, Eradication and Recovery
- Post-Incident Activity

Module 20: Troubleshooting
- ATD Troubleshooting Resources
- ATD Troubleshooting
- ATD Log Files
- ATD Common Issues
- Integration Troubleshooting