Course Overview
ACE:NDR is a 2-day course designed to show the current challenges security architects face with new and emerging threats and attacks. Malicious activities can be performed by individuals who have administrative access to systems and information, using encryption to further compromise networks. These behaviors can be difficult for other tools to identify; Arista NDR looks at network traffic to determine behaviors and uses AI and ML techniques to identify suspected malicious behavior. Course candidates will gain a better understanding of the challenges faced by legacy protection mechanisms and of how Arista’s NDR adds information and understanding about network traffic. Candidates will use Arista’s NDR to see the behavior of network traffic and learn how to use the tools to enhance their threat hunting abilities.
Assessment methods:
- Pre-training quiz to verify knowledge (if applicable)
- Formative assessments during the training, through hands-on work carried out in the labs at the end of each module, multiple-choice quizzes, practical scenarios…
- Completion by each participant of a questionnaire and/or placement questionnaire before and after the training to validate the acquisition of skills
Who should attend
It is intended for security engineers who manage the security posture of their environment and/or network engineers who are looking to gain a better understanding of malicious behavior on the network. While the expectation is that candidates will be part of medium to large environments, any size of organization will be able to gain a better understanding of network traffic and use the tools to better identify potential threats.
Prerequisites
The Arista NDR course is best suited for individuals with mid-to-senior level experience in network and/or security operations.
Course Objectives
Designed to show current challenges security architects face with new and emerging threats and attacks.
Course Content
Arista NDR Security
- New Network, New Security Approach
- Arista NDR Security Platform
- Arista Zero Trust Security Principles
- Arista NDR + DMF
- NDR Overview and Components
- Case Studies
- Arista Professional Services
Architecture, Sizing and PS Installation
- Arista NDR Overview
- Traffic Flows
- Arista NDR and DANZ Monitoring Fabric
- Platforms
- Deployment
- Device Placement
- Hardware
- Initial Config
Navigating Arista NDR Elements
- Demo
- Help
- Dashboards
- Devices and Entities
- EntityIQ
- Situations
- Workbench
Skills, Queries and AML
- Activities
- Skills
- Queries
- Adversarial Modeling Language
Integrations
- Splunk
- Demisto
- Carbon Black
- ServiceNow
- Elasticsearch
- CrowdStrike
- SentinelOne
Teaching methods: