Protecting Against Malware Threats with Cisco AMP for Endpoints (SSFAMP)

Course Description

Protecting Against Malware Threats with Cisco AMP for Endpoints (SSFAMP)

The Protecting Against Malware Threats with Cisco AMP for Endpoints (SSFAMP) v5.0 course shows you how to deploy and use Cisco® AMP for Endpoints, a next-generation endpoint security solution that prevents, detects, and responds to advanced threats. Through expert instruction and hands-on lab exercises, you will learn how to implement and use this powerful solution through a number of step-bystep attack scenarios. You’ll learn how to build and manage a Cisco AMP for Endpoints deployment, create policies for endpoint groups, and deploy connectors. You will also analyze malware detections using the tools available in the AMP for Endpoints console.

This class will help you:

  • Learn how to deploy and manage Cisco AMP for Endpoints
  • Succeed in today’s high-demand security operations roles

Learning Objectives

  • Identify the key components and methodologies of Cisco Advanced Malware Protection (AMP)
  • Recognize the key features and concepts of the AMP for Endpoints product
  • Navigate the AMP for Endpoints console interface and perform first-use setup tasks
  • Identify and use the primary analysis features of AMP for Endpoints
  • Use the AMP for Endpoints tools to analyze a compromised host
  • Describe malware terminology and recognize malware categories
  • Analyze files and events by using the AMP for Endpoints console and be able to produce threat reports
  • Use the AMP for Endpoints tools to analyze a malware attack and a ZeroAccess infection
  • Configure and customize AMP for Endpoints to perform malware detection
  • Create and configure a policy for AMP protected endpoints
  • Plan, deploy, and troubleshoot an AMP for Endpoints installation
  • Describe the AMP Representational State Transfer (REST) API and the fundamentals of its use
  • Describe all the features of the Accounts menu for both public and private cloud installations


  • Technical understanding of TCP/IP networking and network architecture
  • Technical understanding of security concepts and protocols


  1. Request Cisco AMP for Endpoints User Account (e-learning version only)
  2. Accessing AMP for Endpoints
  3. Attack Scenario
  4. Attack Analysis
  5. Analysis Tools and Reporting
  6. Zbot Analysis
  7. Outbreak Control
  8. Endpoint Policies
  9. Groups and Deployment
  10. Testing Your Policy Configuration
  11. REST API
  12. User Accounts (optional)

Course Information

Length: 3 day

Format: Lecture and Lab

Delivery Method: Virtual / Onsite

Max. Capacity: 16


Want to learn more? Please fill out the form below and one of our team will reach out to you shortly.

Geography & Location
Jan 10, 2022 - 3 day(s)
Jan 10, 2022
Remote Sydney Time
APAC, Remote Sydney Time
$3000 USD
$3000 USD
Feb 14, 2022 - 3 day(s)
Feb 14, 2022
Remote/Central Time Zone
AMER, Remote/Central Time Zone
$3000 USD
$3000 USD

Who Should Attend

Security administrators, Security consultants, Network administrators, Systems engineers, Technical support personnel, Cisco integrators, resellers, and partners

Want Unlimited Access to Courses?

Buying a Firefly Passport gives you 12 months of unlimited access to our live online expert-led vendor accredited training.

Request Information