Introduction:

The Symantec Endpoint Security Complete (SESC) Administration R1 course is designed for the network, IT security, and systems administration professional in a Security Operations position tasked with the day-to-day operation of a SESC endpoint security environment. The course focuses on SES Complete cloud-based management using the ICDm management console.

Objectives:

By the completion of this course, you will be able to:

  • Describe the benefits of using a multi-layered cloud-based environment for endpoint security.
  • Secure endpoints against network, file-based, and emerging threats.
  • Control endpoint integrity and compliance.
  • Respond to security threats using SESC monitoring and reporting.
  • Enforce adaptive security compliance.

Course Outline:

Module 1: Introduction to Endpoint Security Complete

Introduction to the basic components required to get up and running with the solution including

  • Licensing
  • Architecture
  • Client deployment

Module 2: Configuring SES Complete Security Controls

The comprehensive set of security controls with SES Complete including

  • Policy use and configuration 
  • Versioning
  • Allow and deny lists

Module 3: Responding to Threats with ICDm

Incident response from the perspective of the ICDm management platform utilizing features such as 

  • Dashboards
  • Events 
  • Reports

Module 4: Endpoint Detection and Response

Focus on the Endpoint Detection and Response feature set covering:

  • Configuration
  • Administration
  • Incident Investigation

This module focuses specifically on EDR on ICDm only.

Module 5: Attack Surface Reduction

SESC features that work to reduce overall attack surface including product features such as

  • App Control
  • Adaptive Protection

Module 6: Mobile and Modern Device Security

Focus on additional endpoint device protection areas

  • Mobile
  • Point of sale

Other specific use devices

  • Device enrolment
  • Specific policies
  • Configuration and administration

Module 7: Threat Defense for Active Directory

  • Threat Defense for Active Directory
  • Assessment
  • Implementation
  • Use

Module 8: Working with a Hybrid Environment

  • Hybrid deployment architecture
  • Differences
  • Policy Migration 
  • Best practices when using a hybrid deployment configuration of SESC