McAfee Host Data Loss Prevention Administration
Intel Security Education Services Administration Course
The McAfee Host Data Loss Prevention (DLP) Administration course provides attendees with in-depth training on the tools and expertise you need to design, implement, configure, and troubleshoot your implementation of this solution. McAfee Host Data Loss Prevention safeguards sensitive information through a series of device protection, tagging, and reaction rules. At the end of this course, attendees should understand the capabilities of the McAfee solution and have the capability of installing McAfee Host Data Loss Prevention.
Course Goals
Learn that device protection and tagging rules are used to mark, track, and control sensitive information.
Learn that reaction rules define the action taken when attempts are made to connect physical devices and transfer or transmit sensitive information.
Agenda At A Glance
Day 1 Introduction to McAfee DLP Endpoint DLP Endpoint Features DLP Endpoint Agent Architecture McAfee ePolicy Orchestrator (ePO) Administrative Review ePO Server Installation ePO Navigation and Policies DLP Endpoint Server Installation Solidcore Clients
Audience
System and network administrators, security personnel, auditors, and/or consultants concerned with network and system security should take this course.
Agenda At A Glance Continued
Day 2 Day 3 Day 4 The McAfee Agent The DLP Endpoint Agent DLP Endpoint Agent and DLP Policy Manager Configuration DLP Endpoint Policy Assignment Device Classes and Device Definitions Device Rules DLP Definitions Classifying Content Tracking Content Locating Files with Sensitive Data Protection Rules Reporting DLP Maintenance Troubleshooting and Best Practices UDLP Overview
Recommended Pre-Work
It is recommended that the students have a working knowledge of Microsoft Windows administration, system administration concepts, a basic understanding of computer security concepts, and a general understanding of viruses and anti-virus technologies.
Course Outline
Module 0 About the Course Course Overview Course Outline Facilities Introductions Resources Acronyms and Terms McAfee Education Services McAfee Product Training McAfee Security Certification Program McAfee Training Registration McAfee Technical Support McAfee KnowledgeBase McAfee Product Documentation DLP Endpoint Documentation Threat Center McAfee Security Content Release Notes Product Enhancement Request McAfee Community Helpful Links Classroom Lab Topology IP Addresses and Credentials Labs
Module 1 Introduction to McAfee Data Loss Prevention Endpoint The Borderless Business Environment Malware Continues to Grow Data Breaches in the Headlines Why Use DLP Data Breaches in the Headlines Four Phases of an Attack The Evolving Endpoint McAfee Endpoint Protection Platform Strategy Phase Protection Methods Data Concerns The costs involved in data loss We all contribute to it. Current Approaches to Security Flawed
Data Protection Requires Data-Centric Security Data Protection Requires Different Thinking Key DLP solution requirements DLP and Privacy Laws Data Loss Prevention (DLP) use cases The McAfee DLP Solution Data types, risk areas and DLP approach Introducing McAfee Security Connected Security Connected Reference Architecture Comprehensive Data Protection The McAfee Approach Product Documentation Source
Module 2 McAfee Data Loss Prevention Endpoint Features How McAfee DLP Endpoint Works Configuration and Use DLP Feature Categories Content Classification Two Endpoint Product Options Device Control Device Management Device Definitions Definitions Tagging Protection Rules Discovery Administration Administration Policy Management Policy Bypass Administrator Policy Bypass User Administration Policy Management Administration Event Reporting 3rd Party Support New Miscellaneous Features
Module 3 Architecture and Installation Planning System Requirements System Requirements MAC Clients Software Support Virtualization Support System Requirements DLP Endpoint 9.3.X DLP Architecture Components McAfee DLP Layout Preview How DLP Operates How DLP Encryption Works Installation Planning Questions Unsupported Items Installation Planning Upgrades Restoring the Policy After Upgrade Installation Planning Upgrades
Module 4 McAfee Security Connected and ePolicy Orchestrator Overview Introducing McAfee Security Connected Security Connected Reference Architecture ePO Solution Overview New for ePO 5X ePO Basic Solution Components How ePO Works Essential Features ePO Web-based Interface Users and Permission Sets SOD or RBAC for Incident Access Sensitive Data Redaction Help Desk
Menu Page: Configuration Customizing the User Interface Architecture: Agent Handler Communications Check Your Understanding
Module 5 Using the Policy Catalog and Managing Policies What is a Policy? Policy Catalog Page Creating a New Policy Editing a Policy Duplicating a Policy Renaming or Deleting a Policy Policy Assignment and Inheritance Viewing Policy Assignments Locking Assignment and Enforcement Assigning Policy to Group System Tree Assigning Policy to Single System Assigning Policy to Multiple Managed Systems Viewing and Resetting Broken Inheritance Resetting Broken Inheritance Copying and Pasting Assignments When Policies are Enforced Permission Set for Policies Check Your Understanding
Module 6 DLP Endpoint Server Installation Server Installation Steps Configure the ePO Server Configuring the ePO Server Pre-installation Steps Pre-Installation Steps Folder Configuration DLPE Installation Post Installation Steps The DLP Policy Console ePO and DLP Endpoint Licensing
Module 7 McAfee Agent New for McAfee Agent 4.8 McAfee Agent Agent Components Agent Agent Components Scheduler Agent Components Updater How ePO Server Uses Agent GUID Agent-to-Server Communication Interval ASCI Communication Interruption Handling Agent-to-Server Communication Agent-Server Secure Communication Keys Communication after Agent Installation Typical Agent-to-Server Communication Communications Forcing Agent Activity from Server Wake-up Calls and Wake-up Tasks Configuring Agent Wake-up Locating Agent Node Using DNS Using System Tray Icon Forcing McAfee Agent Activity from Client Viewing McAfee Agent Log Sorting McAfee Agent Log Reviewing Agent Log Information McAfee Agent Log Files Using Log Files
Installation Folders Demonstration Check Your Understanding
Module 8 The DLP Endpoint Agent Software Integration DLPE Agent Architecture DLPE Agent Architecture File Filter/ Controller DLPE Agent Architecture - Device Blocking Service Network (TDI) Driver Printer Driver Outlook/Lotus Notes Internet Explorer Firefox Extension Email Storage Discovery Installation Processes Installation Hardware/Software Requirements Supported Mac Operating Systems Compatible McAfee managed products Installation Overview 1. Check-in the DLPE Agent Package 2. Create a Deployment Task 3. Define a Default Rule Before Deploying 4. Restart Client and View System Tray Verify Installation Agent Bypass and Related Features DLP Endpoint Console Uninstalling DLPE Agent Using SMS/SCCM with the DLPE Agent Deploying Using SMS Install the DLPE agent
Module 9 DLPE Agent and Policy Management Configuration DLPE Policies DLPE Policies Agent Configuration Policy DLPE Agent Configuration Agent Configuration Evidence Agent Configuration Evidence Replication Evidence: Hit Highlighting Agent Configuration Notification Service Agent Configuration Security Agent Configuration File Tracking Agent Configuration Email Probe Agent Configuration Events and Logging Agent Configuration Discovery Settings Adding Screen Capture Applications Miscellaneous Settings Request Justification Policy Management Revision DLP Policy Manager Options DLP Policy Manager General tab DLP Policy Manager Message Boxes DLP Policy Manager Policy Analyzer DLP Policy Manager Logging Settings DLP Policy Manager HTML Export DLP Policy Manager Whitelist Settings DLP Policy Manager Security
Module 10 DLP Endpoint Policy Assignment DLPE Policy Assignment Policy Assignment User Assignment Groups Policy Assignment Connect to Forest Privileged Users Notes on Policy Assignment Fast User Switching Naming Conventions for DLP
Module 11 DLPE Device Classes and Definitions Device Control Overview Device control support for Mac computers Device Definitions Plug and Play Devices Removable Storage Devices Fixed Hard Drive Device Device Management Device classes Managed Device Classes Unmanaged Device Classes Unmanageable Device Classes Changing Device Class Status Creating a Device Class GUID for New Device Class Where to find the GUID USBView Utility Msinfo DLP Incident Manager - Incident Details Defining devices in the DLP Incident Manager Importing Device Parameters Device Definitions Plug and Play Device Definition List of Plug and Play Device Parameters Creating Device Definitions Device Parameters How to find the parameters Device Class in Device Manager Device compatible ID (advanced users only) Serial Number, Vendor ID & Product ID Removable Storage Device Definition Three Pre-defined Device Definitions Removable Storage Device Definition Parameters File System Parameters for Removable Storage List of RS Device Parameters Typical Removable storage definition File System Example File System Volume Serial Number How to find the Serial Number Example Parameters for Fixed Hard Drive Definition Whitelisted Device Definitions Edited Whitelisted Device Definitions Device Definition Groups Creating Device Definition Groups Pros and Cons of Plug and Play Device Rules Pros and Cons of Removable Storage Creating a Whitelisted Application Definition Whitelisted Application Definition Naming Device Definitions
Module 12 DLPE Device Rules Device Control Device Rule Types Block Apps from Removable Storage Adding a Device Rule Defining a Plug and Play Device Rule Reactions and Severity Notify User Change the Alert Popup Assigning to Users Activate or Deactivate a Reaction Rule Removable Storage Device Rules Creating Removable Storage Device Rules Applying the Device Definition Selecting Actions Selecting Assigned Users Assigning Rules to Computers Removable Storage File Access Rule Citrix Device rule Fixed Hard Drive Rule TrueCrypt Device Rule Sample Scenarios: Scenario Sample Scenarios: Scenario Scenario 3 Excluded Users Procedure: Sample Scenarios: Scenario Sample Scenarios: Scenario Legend for Naming Device Rules Naming Definitions Device Management Notes on Device Blocking
Module 13 DLP Definitions Definitions Definitions At-a-Glance Email Destinations Creating Email Destinations Creating Email Destinations Distribution Groups in Email Rules Email Destination Groups File Extensions File Servers Network Definition Create a New Network Port Range Create a Network Address Range Group Printers Create a Printer List Add a Printer Add an Unmanaged Printer Model Web Destinations Create a Web Destination Create a Web Destination Group Naming Conventions for DLP
Module 14 Classifying Content McAfee Data Loss Prevention Protecting Data with DLP Classifying Content with DLP Dictionaries Considerations for using Dictionaries Creating Dictionaries Registered Document Repositories How Registered Document Repositories Work Classifying Data with Registered Documents Registered Document Repository Definition Registered Documents Repository Group Indexing Registered Documents
Repositories Deploying the Registered Document Package Verify Installation of Registered Documents Text Patterns Creating a Text Pattern Testing a Text Pattern Creating a Text Pattern Group Whitelists Adding Whitelist Content Modifying Whitelist Content
Module 15 Classifying Content with Applications and Properties McAfee Data Loss Prevention Protecting Data with DLP Applications Lists and Definitions Events The Enterprise Application List Importing an Application Manually Importing New Applications by Scanning Removing Applications from the List Application Definitions and How they are Categorized Strategies for Categorizing Applications The Application Strategy Creating an Application Definition Examples of use Creating a Web Application Definition Properties or File Extensions Three Types of Document Properties Creating Document Properties Definitions Available Parameters Creating Document Properties Definitions File extensions File Extension Definitions File Extension Groups Create File Extension Groups
Module 16 Tracking Content Classifying Content DLPE Tracking Content Overview Protecting Data Tag or Content Category? Tagging Content Categories Creating a Tag Creating Content Categories Creating Tag and Category Groups Deleting Tags and Content Categories Tag Persistence Content Tracking Tag Propagation Tag Propagation: NTFS File Servers Tag Propagation: Non-NTFS File Servers Tag Propagation Email How Tagging Rules Link Tags to Content More on Tagging Creating an Application Based Tagging Rule Note on multiple applications Application Based Tagging Rule Application Tagging Example SharePoint Location Based Tagging Rule Content Classification Rules Notes on Classifying Content Content Classification Rules Registered Documents Classification Rule Manual Tagging Issues with the Manual Tagging Option Creating File Extensions
Module 17 Using Rights Management and Encryption with DLP McAfee DLPE and Rights Management What is Digital Rights Management (DRM)? DRM Benefits and How it is different McAfee Data Protection and RM Support for Rights Management Solutions Seclore IRM Apply Adobe DRM Through Discovery Remediation Use Case One: Data-at-Rest Use Case Two: Data in Use/Data in Motion Recommendations Adobe rights management users DLP Discovery Remediation Apply Windows RM Through Discovery Remediation Notes Defining Rights Management Servers Microsoft RMS Server Definition Trusted Browsers issue Adobe LiveCycle Rights Management Server Seclore FileSecure Server Encryption with DLPE Types of Encrypted Files McAfee Endpoint Encryption How Encryption is used in DLPE McAfee File & Removable Media Protection FRP Installation Encryption Keys Defining Encryption Keys in DLPE
Module 18 Locating Files with Discovery Locating Files with Sensitive Content How Discovery Works Using the Discovery Crawler Creating and Defining a Discovery Rule Setting up a Discovery Scan Windows Path Definitions Setting up a Discovery Scan Scheduling a Discovery Scan Running the PST crawler from the command line Discovery summary from the endpoint console Removing files from Quarantine
Module 19 Protection Rules Protecting Data with DLP Protection Rules How Protection Rules Work Actions/Rules Matrix How Definitions Are Used in Protection Rules Reaction Rules Actions Request Justification To add Justification dialog boxes or options Customizing the Block and Monitor Notification Customizing the Notify User Notification Application File Access Protection Rule Clipboard Protection Rule Clipboard Actions Clipboard Protection Rule Cloud Protection Rule Email Protection Rule Notes on Email Protection Rules Email Protection Rule File System Protection Rule Network Communication Protection Rule PDF/Image Writer Protection Rule Printing Protection Rule Removable Storage Protection Rule Improvements of Removable
Storage Protection Enhancement with Patch Removable Storage Protection Rule Screen Capture Protection Rule Web Post Protection Rule Notes on Web Post Protection rules Web Post Protection Rule Suggested formatting for Naming Examples
Module 20 Reporting Collecting Data DLP Incident Manager Monitor Events Notes on Events DLPE Incident Filtering Using Labels Incident Tasks Operational Events Event Filtering Report Options More Reporting Options The DLP Dashboard Dashboard Customization Setting a Notification Evidence Rules Allowing Evidence Storage Reviewing Evidence Replication Failed Event Verify the Evidence Share information Discovery Report DLP User Permissions Policy Section DLP User Permissions Incident Access Control DLP User Permissions Incidents Data Redaction DLP User Permissions Tasks & Operational Events Permission Sets issue Cannot see redaction data Protecting Confidentiality with Redaction Role-Based Access Control Upgrades Effects to Reporting End User Experience Customized Logo Option DLP Agent Banner Image
Module 21 Maintenance Database Maintenance Events Database - Database Statistics Events Database - Database Administration Database Administration Policy Analyzer Synchronizing Templates Managing Agent Configuration Importing/Resetting the Agent Configuration Exporting the DLP Policy Safe Mode Operation Viewing the System Log Server Tasks Roll-up Reporting Server Task
Module 22 Best Practices and Troubleshooting Implementation Process Checklist Change Control DLP Logs
Server-side Logging - Policy Manager Logging Agent-Side Logging Diagnostic Tool Running the tool Checking the agent status DLPE Modules Data Flow Tools Process list Devices Active policy Diagnostic Tool Tuning policies Help Desk Console Issue Support Documents When Logs are Relevant Agent Service is not Running How Often are Policy Installations? How do I Know if an Agent has the Policy? McAfee Technical Support Mysupport DLP KB Articles Diagnostics Techniques to Assess Risk 2. Plan: Data Classification and Policy Data Classification Documentation of Data Flows Organizational Units-based Data Classification Application-based Data Classification End User- and Client-based Data Classification Data Security Policy Architecture DLP Solution Integration Typical DLP Deployment 3-4. Design and Implement Pilot: Set Up Design and Implement Pilot: Policy Design and Implement Validate: Monitor Design and Implement Enterprise Deployment Enterprise Deployment: Enterprise Policy 5-6. Operate and Optimize VirusScan Issues Registry Keys Performance Issues Successfully Implementing DLP Structure of a Data Risk Assessment Keys to a Successful DLP Program The Challenge of Data Growth Track and Protect Even When Data Changes 2 McAfee Data Protection Phased Approach You cannot do everything at once... Six-Step Lifecycle 2 1. Strategize: Discovery and Risk Assessment
Intel and the Intel logo are registered trademarks of the Intel Corporation in the US and/or other countries. McAfee and the McAfee logo are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the US and other countries. Other marks and brands may be claimed as the property of others. The product plans, specifications and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied. Copyright 2015 McAfee, Inc.
To order, or for further information, please contact McAfee Education at: 1-866-210-2715.
NA, LTAM, and APAC: education@mcafee.com
EMEA: proserv@mcafee.com