System Engineer
During this five-day hands-on instructor-led course, you will plan, create, test and troubleshoot a Forcepoint DLP deployment. You will perform in-depth analysis of DLP component architecture, using the Security Manager you will complete advanced incident data management and maintenance tasks, such as; managing administrators, dealing with failovers, upgrades, and performing advanced debugging of DLP logs. Using the knowledge you have gained from the Forcepoint DLP Administrator course, you will configure discovery tasks to crawl files and databases, manage DLP endpoints, and use data endpoints for application control.
Format
Instructor-led
Duration:
40 hours, typically delivered in 5 sessions (8 hours per session), including exam time
Course Price:
£2,300
Exam Price:
One attempt is included
Course Details
Audience
- System engineers, high level system administrators, IT staff, professional services, and technical support
- Consultants, sales engineers, system architects, network architects, implementation specialists, deployment specialists
Course objectives
- Summarize the evolution of Forcepoint DLP.
- Identify the primary Forcepoint DLP components.
- Group and identify the Forcepoint DLP components for deployment.
- Describe various deployment types for Forcepoint DLP.
- Decribe the preparation required for installing Forcepoint DLP.
- Describe the Forcepoint DLP installation process.
- Configure the DLP base environment.
- Install the Analytics Engine to enable data analysis.
- Describe the benefits of deploying a Supplemental Server.
- Install and configure a Supplemental Server.
- Describe DLP Policy Engine architecture and event lifecycle.
- Summarize the DLP Policy structure and test a DLP policy.
- Import policies from a test system.
- Explain and test incident data flow.
- Create and run network discovery task
- Generate Discovery reports and troubleshoot the crawler.
- Manage administrators.
- Identify and run remediation scripts.
- Describe forensics repository structure.
- Describe automatic DLP component synchronization.
- Investigate Policy Engine timeouts.
- Describe the infrastructure database.
- Describe endpoint sizing and endpoint server architecture.
- Identify Endpoint log files.
- Trace Endpoint agent issues.
- Exclude applications from DLP Endpoint.
- Debug F1E using log files.
- Configure backup and restore procedures.
- Use the upgrade validation tool.
- Upgrade the Forcepoint infrastructure, DLP and protector.
Prerequisites for attendance
- Completion of the Forcepoint DLP Administrator Course and certification
- Intermediate knowledge of networking and computer security concepts
Certification exams
This course prepares you for the Certified Forcepoint DLP System Engineer exam. The exam is included in the price of the course. Both a hands-on practical exam and a 40-question multiple-choice exam will be administered on the final day of the course. A minimum score of 80% is required to obtain certification.
Course Outline
Module 1: The Evolution of Forcepoint DLP DLP
- Data security story
- Summarize the Forcepoint DLP history
Module 2: Planning a Forcepoint DLP Installation
- Identify Forcepoint DLP components and their roles
- Describe hardware sizing and performance options
- Describe DLP deployment options
- Describe web and email traffic monitoring deployment
Module 3: Installing Forcepoint DLP
- Identifying the primary Forcepoint DLP components
- Preparing for installation
- Installing Forcepoint Security Manager
- Configuring DLP base environment
- Configuring Protector for email scanning
- Performing initial testing of DLP
Module 4: Installing Additional DLP Components
- DLP module review
- Installing Analytics Engine
- Describing the benefits of deploying Supplemental Server.
- Installing Supplemental Server.
Module 5: Reviewing the DLP Policy Engine
- Describing Policy Engine architecture and event life cycle
- Summarizing DLP policy structure
- Importing DLP policies
- Testing Policy Engine
Module 6: Analyzing data
- Describing the Analytics Engine architecture and algorithm
- Running Analytics Engine manually
- Testing Analytics Engine
Module 7: Configuring Advanced Discovery Tasks
- Create and run a network discovery task
- Generate and analyze discovery task reports
- Discovering hidden data
- Load balancing the crawler
Module 8: Managing Delegated Administrators
- Describe DLP roles
- Add additional administrators to FSM
- Assign specific permissions to administraotrs
Module 9: Using DLP Automated Tools
- Identifying types of remediation script
- Executing a remediation script
- Inspecting a remediation script
- Updating DLP components
- Describing automatic DLP component synchronization
- Moving and replacing forensics
- Investigating Policy Engine timeouts
- Describing the Forcepoint infrastructure
Module 10: Troubleshooting DLP
- Describe troubleshooting methodology
- Identifying component log files
- Debugging log files
- Identifying common DLP issues
- Troubleshooting incidents not appearing in dashboard
- Troubleshooting discovery task
Module 11: Managing and Troubleshooting Forcepoint One Endpoint (F1E)
- Describing Endpoint Server architecture and endpoint communication
- Using Forcepoint One Endpoint
- Identifying endpoint log files
- Tracing endpoint agent issues
- Excluding applications from DLP endpoint
- Debugging endpoint using log files
Module 12: Disaster Recovery
- Configuring Forcepoint DLP backup and DSS restore procedures
- Performing a Forcepoint DLP backup
- Performing a Forcepot DLP restore
Module 13: Upgrading DLP
- Using the upgrade validation tool
- Upgrading the Forcepoint infrastructure
- Upgrading Forcepoint DLP
- Upgrading the protector
Register your interest
Register your interest today to take the Forcepoint Data Loss Prevention (DLP) System Engineer training course, and as soon as we confirm the schedule, you'll get an email explaining next steps.
Terms & Conditions
- This course is limited to the topics described in this data sheet and may not address all of your unique requirements
- Forcepoint trainings are standard and non-negotiable.
- Forcepoint provides the training “AS IS” and makes no warranties of any kind, express or implied.
- ILT courses must be completed within six months from purchase or the course may be forfeited
- The training services in this course are provided pursuant to the Subscription Agreement
- Assent to the Subscription Agreement constitutes acceptance of the above terms and conditions