Certification-Oriented Online FORCEPOINT DLP Administrator Training from InfoNet Akademi

Training Topics

Understand simple Forcepoint DLP product deployments

Create and use custom classifiers

Use predefined classifiers, rules and policies

Control various channels of potential data leaks – in TCP networking, discovery and by endpoint

Manipulate incidents and reports

Configure incident workflows using TRITON GUI or email

Perform the backup and restore

Training Duration

The Forcepoint DLP Administrator Training lasts 3 days.

Training Content:
Topic 1: Forcepoint DLP Architecture

AP-DATA Product and Basic Deployment

Forcepoint product overview

What is DLP

What is new in the 8.x versions

Simple Forcepoint DLP deployments, network topology before and after

Management consoles

Forcepoint DLP key configurations

Registering CG and Forcepoint Email Security

ICAP-mode Protector

Data security in cloud deployments

Topic 2: DLP Policies
Forcepoint DLP Components, Transaction Processing

Involved machines, OS, virtualization, processes

Load Balancing and Policy Engine Interface (PEI)

Processing data transactions, Policy Engine (PE)

Testing DLP channels

CLI tools to extract plaintext and test policies

Custom logic in rule conditions

Testing limits of file size, large ZIPs and timeouts.

Custom and Predefined Classifiers

Keyphrases and dictionaries

Regular expressions

File classifiers

Script overview. “Supporting terms” near sensitive data; context analysis

Credit cards: PCI audit rules, CCN classifiers, Luhn check, prefixes (BINs)

Policy exceptions for custom LDAP groups, domains, etc.

Cumulative rules (Drip DLP)
InfoNet is Forcepoint's AUTHORIZED Training Center in Turkey.

Fingerprinting and ML

File fingerprinting; possibly with ignored sections

Database fingerprinting

Scheduling, exporting and synchronizing fingerprints

Machine Learning

Topic 3: Endpoints; Discovery

Data Endpoint

Data Endpoint Initial setup

EP statuses and disabling them

EP profiles, updates and incident reporting

Endpoint support for browsers

Endpoint support for email clients

Hooking application OS calls

Unhooking/excluding applications

Encryption with User-Defined Key and Profile Key

EP and printer drivers, screenshots, optical media, LAN control

Discovery Policies

Custom and predefined discovery policies

Scheduling file scans, incremental scanning

Scheduling scans of SharePoint Online, Outlook PST, etc.

Responding to discovery incidents

Configuring file discovery on EP

Incremental scans

FPNE – fingerprint classifiers on EP

Topic 4: Incidents and Maintenance

Incidents and Reporting

Incident manipulation: release, escalation, severity change, assignment, deletion

Action plans and notifications

Force-release feature

Email-based workflow

Create a Delegated Admin (DA) with limited permissions

Incident reports – exporting from TRITON GUI or with a script

Traffic and audit logs

Diagnostics, Backups, Upgrades

Inspecting PEI and PE logs; issues with timeouts and load balancing

Mega-breaches and performance

Gathering diagnostics for issue escalation

Archiving incident DB partitions and forensics

Full backup and restore of an AP-DATA Forcepoint DLP configuration

Semi-automatic failover

Forcepoint DLP Manager and system module upgrades, backward compatibility

Endpoint upgrades, backward and forward compatibility
