Deep Discovery

TRNN1040 : Deep Discovery™ Advanced Threat Detection Edition 3 Training For Certified Professionals

Fees

₹ 1,65,000.00

Course Duration

3 Days

Delivery

ILT/VILT

Overview

Overview Course Curriculum Training Schedule Exam & Certification FAQs

Trend Micro™ Deep Discovery™ Advanced Threat Detection 3.0 Edition 3 Training for Certified Professionals is a three-day, instructor-led training course where participants will learn how to plan, deploy, and manage a Deep Discovery threat detection solution, using:

Trend Micro™ Deep Discovery™ Inspector
Trend Micro™ Deep Discovery™ Analyzer
Trend Micro™ Deep Discovery™ Director
Trend Micro™ Deep Discovery™ Director – Network Analytics

Participants explore key concepts and methodologies of using a blend of Deep Discovery solutions for a more complete approach to network security. This course provides a variety of hands-on lab exercises, allowing each student to put the lesson content into action. There will be an opportunity to setup and configure Deep Discovery solution management and administration features, and test their functionality using the virtual labs.

A comprehensive look is provided on the purpose, features, and capabilities of Deep Discovery network security solutions, including recommendations on best practices and general troubleshooting steps for a successful implementation and long-term maintenance of a Deep Discovery environment.

The course also explores various deployment considerations and requirements needed to tie Deep Discovery solutions into other Trend Micro products to provide synchronized threat intelligence sharing for advanced threat detection.

What You'll Learn

Upon completion of this course, students will be able to:

Describe the purpose, features, and capabilities of Deep Discovery advanced threat detection solutions
Configure Deep Discovery Inspector and enable threat detection
Setup and use administrative and security management features in Deep Discovery Inspector, Deep Discovery Analyzer, Deep Discovery Director, and Deep Discovery Director – Network Analytics
Explain how Connected Threat Defense works
Describe key features of Deep Discovery Director and how to integrate with other Deep Discovery products for centralized management and visibility

Who Should Attend

This course is designed for IT professionals who are responsible for protecting networks from any kind of network, endpoint, or cloud security threats.

The individuals who will typically benefit the most include:

System administrators
Network engineers
Support engineers
Integration engineers
Solution and security architects

Prerequisites

Before you take this course, Trend Micro recommends that you have a working knowledge of their products and services, as well as basic networking concepts and principles. Experience with the following products and technologies is also necessary:

Windows® servers and clients
Firewalls, web application firewalls, packet inspection devices
General understanding of malware

Learning Journey

Coming Soon...

Product Overview

Trend Micro Solutions
Trend Micro™ Network Defense
- Key requirements for Trend Micro Network Defense
- Threat classifications
- Trend Micro Network Defense solutions
Deep Discovery
- Product family
- Deep Discovery capabilities
- Deep Discovery integration

Deep Discovery Inspector

Network requirements
Deep Discovery Inspector network connections
Services accessed by Deep Discovery Inspector
Deep Discovery Inspector deployment topologies
- Single connection—single Deep Discovery Inspector
- Multiple connections—single Deep Discovery Inspector
- Multiple connections—multiple Deep Discovery Inspectors
- Inter-VM traffic
- Gateway proxy servers
- Caveats for deploying Deep Discovery Inspector only at ingress/egress points
Understanding the attack cycle
- Phases of a targeted attack
- Case study: Pawn storm spear-phishing
Deep Discovery threat detection technology overview

Configuring Deep Discovery Inspector

Pre-configuration console
Configuring network settings
Configuring system settings
Performing administration tasks
Integrating with syslog servers
Deep Discovery Inspector Virtual Analyzer
Configuring Deep Discovery Inspector detection rules
Avoiding false positives
Troubleshooting Deep Discovery Inspector
Checking system performance

Analyzing Detected Threats in Deep Discovery Inspector

Using the dashboard to view detected threats
Using the detections menu to view and analyze detected threats
Obtaining key information for analyzing threat detections
Detection severity information
Attack phase information
Detection type information
Suspicious objects
Viewing hosts with command and control callbacks
Virtual analyzer settings
Virtual analyzer cache
Virtual analyzer sample processing time
File submission issues

Deep Discovery Analyzer

Key features
Deep Discovery Analyzer specifications
Ports used
What is Deep Discovery Analyzer looking for?
Deep Discovery Analyzer sandbox
Scanning flow
Configuring network settings for Deep Discovery Analyzer
Using the Deep Discovery Analyzer web console
Performing system management functions
Performing Deep Discovery Analyzer sandbox tasks
Product compatibility and integration
Submitting samples to Deep Discovery Analyzer
Viewing sample submission details
Obtaining full details for analyzed samples
Managing the suspicious objects list
Interpreting results
Generating reports
Using alerts
Preparing and importing a custom sandbox

Deep Discovery Director

Deep Discovery Director key features
System requirements
Planning a deployment
Installing Deep Discovery Director
Configuring network settings in the preconfiguration console
Managing Deep Discovery Director
Configuring deployment plans
Managing threat detections
Cyber threat intelligence sharing
Threat sharing interoperability
Sharing advanced threats and indicators of compromise through STIX and TAXII
Using STIX and TAXII in Deep Discovery Director

Deep Discovery Director - Network Analytics

Deploying Deep Discovery Director – Network Analytics overview
How it works
Deploying Deep Discovery Director – Network Analytics
Managing Deep Discovery Director – Network Analytics
- Accessing Deep Discovery Director – Network Analytics settings
- Registering to Deep Discovery Inspector
- Adding a syslog server
- Configuring additional settings
Correlation overview
Metadata samples
Using correlation data for threat analysis
Viewing correlation data (correlated events)
Reviewing correlation data summary
Viewing the correlation data graph
Viewing correlation data for suspicious objects
Threat sharing

Preventing Targeted Attacks Through Connected Threat Defense

Connected Threat Defense life cycle
Combating targeted attacks with Connected Threat Defense
Key features of Connected Threat Defense
Connected Threat Defense requirements
Connected Threat Defense architecture
Suspicious object list management
Setting up Connected Threat Defense
Suspicious objects handling process
Tracking suspicious objects in Deep Discovery Analyzer
Suspicious object sharing scenarios

Appendices

What’s new:
Deep Discovery Inspector 5.6
Deep Discovery Analyzer 6.8
Deep Discovery Director 5.1 SP1
Deep Discovery Director - Network Analytics 5.0
Trend Micro Threat Connect
Trend Micro product integration
Deep Discovery threat detection technologies
Creating sandboxes
Installing and configuring Deep Discovery Inspector

Upon completion of this course, participants may choose to complete the certification examination to obtain designation as a Trend Micro Certified Professional for Deep Discovery Advanced Threat Detection.

Frequently Asked Questions (FAQs)

Why get Trend Micro certified?

Trend Micro certifications validate your expertise in cybersecurity and your ability to implement and manage Trend Micro's industry-leading security solutions.
These certifications demonstrate your commitment to staying ahead of the ever-evolving threat landscape and your proficiency in safeguarding organizations from cyberattacks.
Trend Micro-certified professionals are highly sought after by employers seeking to strengthen their security posture and protect their digital assets.
What to expect for the examination?

Trend Micro certification exams are designed to assess your knowledge and skills in specific Trend Micro products and solutions.
Exams typically consist of multiple-choice questions and may include scenario-based questions that test your ability to apply your knowledge in real-world situations.
Note: Certification requirements and policies may be updated by Trend Micro from time to time. We apologize for any discrepancies; do get in touch with us if you have any questions.
How long is Trend Micro certification valid for?

Trend Micro certifications are valid for two years.
To maintain your certification, you will need to recertify before it expires.
Note: Certification requirements and policies may be updated by Trend Micro from time to time. We apologize for any discrepancies; do get in touch with us if you have any questions.
Why take this course with Trainocate?

Here’s what sets us apart:
- Global Reach, Localized Accessibility: Benefit from our geographically diverse training hubs in 24 countries (and counting!).
- Top-Rated Instructors: Our team of subject matter experts (with high average CSAT and MTM scores) are passionate to help you accelerate your digital transformation.
- Customized Training Solutions: Choose from on-site, virtual classrooms, or self-paced learning to fit your organization and individual needs.
- Experiential Learning: Dive into interactive training with our curated lesson plans. Participate in hands-on labs, solve real-world challenges, and take on comprehensive assessments.
- Learn From The Best: With 30+ authorized training partnerships and countless awards from Microsoft, AWS, Google – you're guaranteed learning from the industry's elite.
- Your Bridge To Success: We provide up-to-date course materials, helpful exam guides, and dedicated support to validate your expertise and elevate your career.