Skip Navigation LinksHome > Vendors > Red-Hat > DO285

Trend Micro Deep Discovery Advanced Threat Detection 3.0 Training for Certified Professionals

Overview

Duration: 3 days

Trend Micro™ Deep Discovery™ Advanced Threat Detection 3.0 Training for Certified Professionals is a three-day, instructor-led training course where participants will learn how to plan, deploy, and manage a Deep Discovery threat detection solution using:

  • Trend Micro™ Deep Discovery™ Inspector
  • Trend Micro™ Deep Discovery™ Analyzer
  • Trend Micro™ Deep Discovery™ Director
  • Trend Micro™ Deep Discovery™ Director – Network Analytics

Participants explore key concepts and methodologies of using a blend of Deep Discovery solutions for a more complete approach to network security. This course provides a variety of hands-on lab exercises, allowing each student to put the lesson content into action. There will be an opportunity to setup and configure various Deep Discovery solution management and administration features and test their functionality using the virtual labs. A comprehensive look is provided on the purpose, features, and capabilities of Deep Discovery network security solutions, including recommendations on best practices and general troubleshooting steps for a successful implementation and long-term maintenance of a Deep Discovery environment. The course also explores various deployment considerations and requirements needed to tie Deep Discovery solutions into other Trend Micro products to provide synchronized threat intelligence sharing for advanced threat detection.

Objectives

Upon completion of this course, students will be able to:
  • Describe the purpose, features, and capabilities of Deep Discovery advanced threat detection solutions
  • Configure Deep Discovery Inspector, and enable threat detection
  • Setup and use administrative and security management features in:
                 - Deep Discovery Inspector
                 - Deep Discovery Analyzer
                 - Deep Discovery Director
  • Explain how Connected Threat Defense™ works
  • Describe key features of Deep Discovery Director and how to integrate with other Deep Discovery products for centralized management and visibility 

Content

Product Overview
  • Trend Micro solutions
  • Trend Micro Network Defense
  • Key requirements for Trend Micro Network Defense 
  • Threat classifications
  • Trend Micro Network Defense solutions 
  • Deep Discovery
  • Product family
  • Deep Discovery capabilities
  • Deep Discovery threat detection technology overview
Deep Discovery Inspector
  • Network requirements
  • Deep Discovery Inspector network connections
  • Services accessed by Deep Discovery Inspector
  • Deep Discovery Inspector deployment topologies
  • Single connection—single Deep Discovery Inspector
  • Multiple connections—single Deep Discovery Inspector
  • Multiple connections—multiple Deep Discovery Inspectors 
  • Inter-VM traffic
  • Gateway proxy servers 
  • Caveats for deploying Deep Discovery Inspector only at ingress/egress points
  • Understanding the attack cycle
Configuring Deep Discovery Inspector
  • Pre-configuration console
  • Configuring network settings
  • Configuring system settings
  • Performing administration tasks
  • Deep Discovery Inspector Virtual Analyzer
  • Configuring Deep Discovery Inspector detection rules
  • Avoiding false positives
  • Troubleshooting Deep Discovery Inspector
  • Check network link status from web console 
  • Verifying back-end services
  • Testing with demo rules
  • Packet capturing
  • Verifying if network traffic is received
  • Testing ATSE-based detections
  • Testing malicious URLs
  • Verifying detected threats
  • Checking system performance
Analyzing Detected Threats in Deep Discovery Inspector
  • Using the dashboard to view detected threats 
  • Using the detection's’ menu to view and analyze detected threats
  • Identifying affected hosts in attacks
  • Viewing affected hosts information
  • Viewing detection details
  • Viewing all Deep Discovery Inspector detection's
  • Obtaining key information for analyzing threat detection's  
  • Detection severity information 
  • Attack phase information 
  • Detection type information 
  • Working with suspicious objects deny list
  • Block action for deny list
  • Allow list
  • Suspicious objects risk rating
  • Viewing hosts with command and control callbacks
  • Virtual Analyzer settings
  • Controlling file submissions to Virtual Analyzer
  • Virtual Analyzer cache
  • Virtual Analyzer sample processing time
  • File submission issues (not being sent to Virtual Analyzer)

Audience

This course is designed for IT  professionals who are responsible for protecting networks from any kind  of network, endpoint, or cloud  security threats.

The individuals who will typically benefit the most include:

  • System administrators
  • Network engineers
  • Support engineers
  • Integration engineers
  • Solution and security architects


Prerequisites

Before you take this course, Trend Micro recommends that you have a working knowledge of their products and services, as well as basic networking concepts and principles. Experience with the following products and technologies is also necessary:

  • Windows® servers and clients
  • Firewalls, web application firewalls, packet inspection devices
  • General understanding of malware

Participants are required to bring a laptop computer with a recommended screen resolution  of at least 1980 x 1080 or above, and a display size of 15” or above

Certification

Schedule

Course ID:
TRNN1040


Show Schedule for: