Detailed Course Outline
Threat Anatomy
- Discuss the current threat landscape and security challenges.
- Understand the components of an attack.
- Learn how threat actors avoid traditional security methods.
- Understand CPU and OS-level sandbox technologies.
SandBlast Threat Emulation
- Identify the different SandBlast Zero-Day components.
- Discuss various file emulation processes and mechanisms.
- Understand the three file emulation deployment options.
SandBlast Threat Extraction
- Understand how SandBlast Zero-Day Protection protects organizations from threats via Threat Extraction.
- Learn essential Threat Extraction settings and configurations.
ThreatCloud Emulation Service
- Learn how file emulation works when using ThreatCloud.
- Discuss the different ThreatCloud components.
Deployment Scenarios
- Learn about various SandBlast Zero-Day Protection deployment implementations.
- Understand how System Administrators can utilize local emulation and/or ThreatCloud in different situations.
SandBlast Troubleshooting
- Identify essential command line tools for monitoring Threat Emulation and Threat Extraction.
- Learn how to troubleshoot Threat Emulation and Threat Extraction performance.
Lab Exercises
Understanding Vulnerabilities
- Learn about software vulnerabilities.
- Understand the CVSS scores for vulnerabilities.
- See how malware can bypass sandboxing.
Working with Threat Emulation
- Activate local emulation and make the system ready to emulate files.
- Use the command line to emulate files from the local file system.
- View Threat Emulation logs using SmartView Tracker.
- View and create reports using SmartEvent.
- Confirm the Security Gateway acts as an MTA.
Working with Threat Extraction
- Activate Threat Extraction on an MTA-enabled Security Gateway.
- Confirm how Threat Extraction delivers safe content.
Working with ThreatCloud
- Identify how to configure Security Gateway to offload file emulation to ThreatCloud.
- Review the related forensic report.