


Kaspersky Anti Targeted Attack Platform Kaspersky Endpoint Detection and Response



Title : Kaspersky Anti Targeted Attack Platform Kaspersky Endpoint Detection and Response
Code : KL 025.37
Target group : The course has been redesigned taking into account new product functions. We use a single-node configuration of the Central Node instead of cluster deployment now. Tools for simulating an attack on corporate resources have been changed in the labs, which allow us to dive deeper when exploring product capabilities.
Applications covered in the course:
  • Kaspersky Anti Targeted Attack Platform 6.0
  • Kaspersky Endpoint Detection and Response 6.0
  • Kaspersky Endpoint Security for Windows and Linux
  • Kaspersky Security Center
Duration : 3 days


Kaspersky Anti Targeted Attack platform and Kaspersky EDR together form a native eXtended Detection and Response (XDR) solution that helps organizations build a reliable protection system against advanced cyberattacks.



Course Details

1. Install and Configure Central Node

  • Install the operating system for Central Node
  • Select the role, configure the network, time, and access to the server

  • Configure the internet interface for the virtual machine
  • Set up time synchronization
  • Add the Virtual Machine Images

  • Connect the Central Node to the Sandbox Server
  • Activate Central Node
  • Create an Information security officer account
  • Activate an additional network interface
  • Enable traffic capture on the prepared network interface
  • Verify that traffic is being analyzed using the Dashboard in the Administrator Console
  • Check alerts in the security officer console to make sure that traffic is analyzed
  • Configure the Central Node to receive messages over SMTP
  • Configure a rule that will copy messages
  • Configure a mail route to the Central Node
  • Check mail traffic processing health from the administrator console
  • Check mail traffic processing health from the security officer’s console
  • Disable SMTP processing for the SPAN Sensor
  • Connect the sensor to the proxy server (ICAP)
  • Enable the ICAP Sensor on the Central Node
  • Check ICAP Sensor health from the administrator’s console
  • Check ICAP Sensor health from the security officer’s console
  • Make sure that objects extracted from HTTP traffic are processed several times
  • Exclude the proxy traffic from processing by IP address
  • Make sure that objects extracted from HTTP traffic are processed once
  • Enable Kaspersky Endpoint Agent using the Change application components task

  • Create an installation package for Kaspersky Endpoint Agent
  • Install Kaspersky Endpoint Agent by a remote installation task
  • Create a policy for Kaspersky Endpoint Agent
  • Configure connection to the Central Node in the Kaspersky Endpoint Agent policy
  • Check that Kaspersky Endpoint Agent has connected to the Central Node
  • Add a key to the Kaspersky Security Center repository
  • Check that Kaspersky Endpoint Agent has installed the license
  • Run the test file and process the alert
  • Send an email message with a link to a malicious file
  • Save and execute the malicious file on a user’s computer
  • Consult the alerts
  • Analyze the scanning results from the sandbox
  • Find associated alerts
  • Process the alerts

  • Analyze IAA alerts
  • Find the event that triggered the alert
  • Analyze related events
  • Isolate the compromised computer
  • Get the suspicious file and scan it
  • Find out what the malicious file was doing
  • Consult the file scanning results
  • Examine the code of the malicious script
  • Delete the dangerous file from the computer
  • Verify that isolation and file access denial operate properly
  • Complete the incident investigation
  • Download and unzip the debug information
  • Analyze the interpretable files related to the threat
  • Load Snort community rules to KATA
  • Write a custom rule for Suricata
  • Upload your rule to KATA
  • Verify that KATA applies the rule when scanning traffic
  • Provoke an alert by IDS technology where updatable rules are matched
  • Create an exception to the matched rule
  • Make sure that the exception works
  • Create a YARA rule that will discover a PowerShell script
  • Upload your rule to KATA
  • Verify that KATA applies the rule when scanning files


Fees Structure : 15500 INR / 185 USD
Total No of Class : 54 Video Class
Class Duration : 60:00 Working Hours
Download Feature : Download Available
Technical Support : Call / Whatsapp : +91 8680961847
Working Hours : Monday to Friday 9 AM to 6 PM
Payment Mode : Credit Card / Debit Card / NetBanking / Wallet (Gpay/Phonepay/Paytm/WhatsApp Pay)


Fees Structure : 30000 INR / 355 USD
Class Duration : 60 Days
Class Recording : Live Class Recording available
Class Time : Monday to Friday 1.5 hours per day / Weekend 3 Hours per day
Technical Support : Call / Whatsapp : +91 8680961847
Working Hours : Monday to Friday 9 AM to 6 PM
Payment Mode : Credit Card / Debit Card / NetBanking / Wallet (Gpay/Phonepay/Paytm/WhatsApp Pay)
