rsa customer education catalog · training is an invaluable means of facilitating growth in your...

S e r v i c e s C a t a l o g – Q 4 2 0 1 5

RSA CUSTOMER EDUCATION CATALOG

COURSE DESCRIPTION INDEX

RSA, The Security Division of EMC 2

Identity and Access Management

RSA Access Manager Administration, Installation and Configuration ........................................... 9 RSA Via Lifecycle and Governance Administration ..................................................................... 11 RSA Business Role Manager ..................................................................................................... 13 RSA Data Access Governance Basics ........................................................................................ 15 RSA Authentication Manager Administration ............................................................................. 16 RSA Authentication Manager Installation and Configuration ...................................................... 18 RSA SecurID Help Desk Basics ..................................................................................................20 RSA Authentication Manager 6.1 to 8.x Data Migration .............................................................. 22 Migrating RSA Authentication Manager v6.1 to a v8.1 Hardware Appliance ................................. 22 RSA Authentication Manager 7.1 to 8.x Data Migration ............................................................... 24 Migrating RSA Authentication Manager v7.1 to a v8.1 Hardware Appliance ................................. 24

Governance, Risk and Compliance

Getting Started with Enterprise Risk Management .....................................................................26 Getting Started with Policy and Compliance Management .........................................................28 GRC Overview .......................................................................................................................... 30 RSA Archer Administration ........................................................................................................ 31 RSA Archer Advanced Administration ........................................................................................ 33 RSA Archer Solutions Overview ................................................................................................ 35 RSA Archer Security Operations (SecOps) Management Essentials ............................................. 37 RSA Archer Security Operations (SecOps) Management Solution Basics .................................... 39 RSA Archer Custom End-User Training Service .......................................................................... 41

Advanced Security Operations

RSA Data Loss Prevention Administration.................................................................................. 43 RSA ECAT Fundamentals ........................................................................................................... 45 RSA Security Analytics Introduction .......................................................................................... 47 RSA Security Analytics 10.5 What’s New Overview ..................................................................... 49 RSA Security Analytics Foundations .......................................................................................... 50 RSA Security Analytics Core Administration ............................................................................... 52 RSA Security Analytics Hunting ................................................................................................. 54 RSA Security Analytics Introduction to Troubleshooting for Customers ....................................... 56

Anti Fraud

RSA Adaptive Authentication On-Premise Administration .......................................................... 58 RSA Adaptive Authentication for eCommerce Back Office Tools ................................................ 60 RSA Adaptive Authentication 12 Migration ................................................................................62 RSA Web Threat Detection Essentials ........................................................................................64

Cyber Defense

RSA Intelligence-Driven Event Analysis..................................................................................... 66 RSA Incident Handling and Response ...................................................................................... 68 RSA Threat Intelligence ............................................................................................................. 70 RSA Malware Analysis .............................................................................................................. 72 RSA SOC Simulation Challenge ................................................................................................. 74 RSA Cyber Defense Workshop ................................................................................................... 75

Security Concepts and Principles

RSA Security Awareness Program .............................................................................................. 77 RSA CISSP Certification Boot Camp ........................................................................................... 79

Learning Assessments RSA Learning Assessments ...................................................................................................... 80


The Value of

Professional Education

Investing in training and education

makes good business sense and can

have a profound impact on your

team. It enables an organization to:

– Decrease operating costs and

increase productivity

– Reduce technical infrastructure

costs

– Increase effectiveness of your

technology investment

– Reduce your organization’s overall

information risk

How to Contact Us

Online www.emc.com/rsa-training

E-mail [email protected]

Phone: 800-995-5095

International: 781-515-7700

Fax: 781-515-6630

174 Middlesex Turnpike

Bedford, Massachusetts 01730 USA

ENABLE YOUR TEAM TODAY FOR TOMORROW’S IT SECURITY CHALLENGES

RSA Education Services provides practical and relevant courses that

support security learning across an enterprise. Properly trained

personnel are the lifeblood of any organization. As you implement

new technologies, add new functionality to existing systems or orient

new staff, education is a key element. Consistent and focused training

helps maintain the security of your computing environment, improves

the end user experience and increases productivity and job

satisfaction among your staff.

NEW OFFERINGS

RSA Security Analytics

RSA Security Analytics courses have been updated for product version

10.5 and are now available as the following courses:

RSA Security Analytics Introduction (eLearning) [see page 47]

RSA Security Analytics 10.5 What’s New Overview [see page 49]

RSA Security Analytics Foundations [see page 50]

RSA Security Analytics Core Administration [see page 52]

RSA Security Analytics Introduction to Troubleshooting for Customers

[see page 56]

And, with expected availabilty in late Q4, 2015:

RSA Security Analytics Hunting [see page 54].

RSA Via Lifecycle and Governance

The former RSA IMG Administration course has been revised in line

with the introduction of the RSA Via Lifecycle and RSA Via Governance

platforms. [see page 11]

RSA Archer

Two eLearning courses have been added to our offerings:

GRC Overview [see page 30]

RSA Archer Solutions Overview [see page 35]

FLEXIBLE DELIVERY OPTIONS

Instructor-Led Training (ILT)

Instructor-led classes offer comprehensive training in a fully-

equipped RSA Learning Center. Public classes give you the

opportunity to interact with your peers, further enhancing your

learning experience by sharing real-world tips and best practices.

Video Instructor Led Training (Video ILT)

Video ILT courses combine the best of instructor-delivered lectures

and presentations with the convenience and flexibility of an on-

demand learning format. Video ILT programs are delivered in

streaming format and can be viewed by the student directly on their

own computer with an internet connection.

Online Instructor-Led Training (Online ILT)

Online ILT provides real-time, interactive, virtual training where

students participate online to access the instructor-led virtual

classroom. Lecture, discussion, questions and answers, and lab

exercises makes this a flexible training experience.

eLearning

Self-paced eLearning provides you with training that is generally one

to three hours in length giving you the convenience of learning at

your own pace.


RSA PRODUCT TRAINING

Our worldwide training services are targeted to serve professionals

who are responsible for installing, supporting and administering the

entire range of RSA solutions.

Developed for security administration and network operations, the

product courses offer a variety of teaching methods including

traditional instructor-led and virtual (“on line”) instructor-led training,

video-based learning, and elearning. Instructor-led courses can also

be made available as on-site engagements at a customer’s location.

Each of these options gives you the flexibility to select a learning

mode that best fits your learning style, time constraints and budget.

RSA SECURITY AWARENESS PROGRAMS

RSA’s Security Awareness programs offer ways to test and measure

vulnerability, then provide essential education to fill any gaps. Our

Security Awareness training can target virtually every level of an

organization – raising awareness and offering concrete steps to effect

change, thus helping to prevent attackers from gaining a foothold

through unsuspecting targets.

See individual program descriptions for further details.

CYBER DEFENSE TRAINING COURSES FOR SECURITY ANALYSTS

The threat landscape is becoming more complicated every day. With

the advent and enhancement of technical innovations like cloud

computing, social media, mobile devices and big data, organizations

are finding it very difficult to keep ahead of advanced threats.

Security products, while necessary, can only go so far in identifying

and mitigating potential breaches. A skilled security analyst is key to

the success of any Information Security strategy.

The RSA Cyber Defense Training courses address these challenges by

offering comprehensive training on analytic processes and techniques

that are independent of a specific attack technique or security

product. These courses focus on analysis skills that are directly

relevant to the current security climate. The curriculum also provides

a path for security analysts to advance their skills by offering an

approach based on roles that are generally consistent with the roles

and responsibilities of a SOC.


Benefits of Onsite

Training

Substantial cost Savings

– Save up to 40% compared to

individual public class rates

Less student down time

– Reduce travel concerns and

out-of-office time

Convenient, Flexible

Scheduling

– Your training can be scheduled

at the time and location most

convenient for you

Benefits of Online

Instructor-led Training

– No travel cost or travel time

– Live instructor with whom you

can interact and ask questions

– Same content as the classroom

version of the course with

hands-on labs to reinforce

concepts

– Modest connectivity

requirements allow participation

from anywhere

– Publicly-scheduled classes for

individual participants or Private

sessions for organizations

that prefer virtual training for

their dispersed teams

ONSITE TRAINING

With RSA Onsite training, you and your people aren’t locked into a

pre-existing schedule of public classes at a pre-existing location. RSA

Education Services can work with you to schedule your training at the

time and location that’s most convenient for you. That means training

doesn’t have to conflict with your other business priorities – and it can

be timed precisely to support your RSA implementation.

RSA Onsite training rates can save an organization up to 40% when

compared to individual student rates. Additional cost savings are

realized by eliminating the need for student travel. What’s more, since

your students are not preparing for trips – or making their way back

from airports after training – they are likely to be more productive and

accessible in the days surrounding their training experience.

ONLINE INSTRUCTOR-LED TRAINING

What is Online ILT?

Online ILT is real-time virtual training conducted remotely by RSA

instructors. It’s virtual training that mirrors the classroom experience

with:

Live web casts. During scheduled web casts, students communicate

with their RSA instructor and other students, ask questions, and

experience RSA products through live demonstration.

Hands-on labs. Students access a remote lab environment that

enables them to interact with RSA software and practice what

they’ve learned.

Course materials. Course materials are shipped to participants in

advance of the class. Just like in a classroom, students use these

materials under the guidance of the instructor.

Instructor guidance. During class time, students have the benefit of

the instructor’s expertise to assist during the live web casts and

Hands-on Labs. During lab time, the instructor can shadow students

by virtually looking over the shoulder of each student to evaluate

their progress and provide assistance.

RSA LEARNING ASSESSMENTS

As organizations increasingly depend on technology to manage their

businesses, the need for employees to be knowledgeable about

security is increasingly evident. Whether they are IT security

professionals or general office staff, having the appropriate security

knowledge and skills to perform their jobs is a critical business driver.

To plan and position your security training initiatives cost-effectively,

RSA Learning Assessments are tools to measure your team’s

knowledge of RSA products and other security-related concepts. Based

on the learning assessment results, we can work with you to identify a

learning program that works for you and your team.

RSA Learning Assessments are useful for organizations who recognize

a need for training but aren’t quite sure what training their team really

needs. By leveraging RSA Learning Assessments, you can better

understand the learning gaps and make an informed decision about

the most effective individual and group training plans for your team.

Online RSA Learning Assessments are available to you at no charge.

An assessment can be completed within 15-20 minutes with

immediate results provided to the assessment taker. For a team

assessment, management reports can be provided that evaluates

individual and group results.


RSA Training Unit

Details:

– Each Training Unit has a value

of $100 US

– Valid for customers and

partners in all regions

– Can be used to register one or

more individuals

– Can be redeemed for any RSA

course and any delivery mode

– Valid for one year (364 days)

from time of issuance. Any

unused days are null and void

after the expiration date

– Payment can be made with:

purchase order, credit card, or

company check

Registration and

Payment

Please complete your

registration at

www.emc.com/rsa-training. Be

sure you register with the e-mail

address of the student attending

class, as this is the only unique

identifier we have for each

student.

Complete details regarding

payment by purchase order,

credit card or check are provided

on our web site.

RSA TRAINING UNITS

Training is an invaluable means of facilitating growth in your

organization and increasing the skills and knowledge of your

employees. With RSA Training Units (TUs) you can invest in RSA

courses and use them whenever RSA training is necessary.

Training units are simply RSA Education Services currency. They are

deposited into a company’s training account and are available for

general consumption by your company’s employees. Valid for one

year from date of purchase, pre-paid TUs provide maximum flexibility

to ensure your team’s readiness.

With RSA TUs you can satisfy your training requirements as they

evolve throughout the year. You reduce the paperwork and approvals

associated with multiple enrollments by taking care of all your training

needs with a single purchase.

RSA CERTIFIED SECURITY PROFESSIONAL CERTIFICATION

By becoming an RSA Certified Security Professional, you possess the

credentials that demonstrate your knowledge and skills necessary to

function as a practical expert in the rapidly growing information security

industry. Job-based certifications are available for administrators for the

product areas designated below. Our relationship with Pearson VUE,

which operates 5,000 testing centers in 165 countries, provides

convenient access to certification exams and ensures impartial testing.

The RSA Certified Administrator specialization is designed for

professionals who administer and maintain enterprise security systems

that use RSA SecurID®, RSA Archer®, or RSA® Security Analytics.

Certification Recommended RSA Courses

RSA Archer Certified Administrator

RSA Archer Administration

RSA Archer Advanced Administration

RSA SecurID Certified Administrator

RSA Authentication Manager Administration

RSA Authentication Manager Installation and

Configuration

RSA Security Analytics Certified Administrator

RSA Security Analytics Administration

EMC2, EMC, RSA, RSA Security, Archer and the RSA logo are registered trademarks of EMC Corporation in the United States and/or other countries. All other trademarks used herein are the property of their respective owners. © Copyright 2014 EMC Corporation. All rights reserved. Published in the USA.

EDCAT SB 0615 r1

SUMMARY OF OFFERINGS BY DELIVERY MODE

7

ILT VILT e-Learning Online ILT

Identity and Access Management

RSA Access Manager Administration, Installation and Configuration RSA Via Lifecycle and Governance Administration RSA Business Role Manager RSA Data Access Governance Basics RSA Authentication Manager Administration RSA Authentication Manager Installation and Configuration RSA SecurID Help Desk Basics RSA Authentication Manager 6.1 to 8.x Data Migration Migrating RSA Authentication Manager v6.1 to a v8.1 Hardware

Appliance

RSA Authentication Manager 7.1 to 8.x Data Migration Migrating RSA Authentication Manager v7.1 to a v8.1 Hardware

Appliance

Governance, Risk and Compliance

Getting Started with Enterprise Risk Management Getting Started with Policy and Compliance Management GRC Overview RSA Archer Administration RSA Archer Advanced Administration RSA Archer Solutions Overview RSA Archer Security Operations (SecOps) Management Essentials

[Expected availability: early Q4 2015]

RSA Archer Security Operations (SecOps) Management Solution

Basics

RSA Archer Custom End-User Training Service Advanced Security Operations

RSA Data Loss Prevention Administration RSA ECAT Fundamentals RSA Security Analytics Introduction RSA Security Analytics 10.5 What’s New Overview RSA Security Analytics Foundations RSA Security Analytics Core Administration RSA Security Analytics Hunting

[Expected availability: late Q4 2015]

RSA Security Analytics Introduction to Troubleshooting for

Customers

SUMMARY OF OFFERINGS BY DELIVERY MODE (CONTINUED)

8

ILT VILT e-Learning Online ILT

Anti Fraud

RSA Adaptive Authentication On Premise Administration RSA Adaptive Authentication for eCommerce Back Office Tools RSA Adaptive Authentication 12 Migration RSA Web Threat Detection Essentials Cyber Defense

RSA Intelligence-Driven Event Analysis RSA Incident Handling and Response RSA Threat Intelligence RSA Malware Analysis RSA SOC Simulation Challenge RSA Cyber Defense Workshop Security Concepts and Principles

RSA Security Awareness Program RSA Certified Information Systems Security Professional (CISSP)

Boot Camp

9

RSA® Access Manager Administration,

Installation and Configuration Course Description

Overview RSA Access Manager system architecture, server structure, integration of components

into an enterprise infrastructure, user organization, and the importance of various

configuration parameters are discussed. Hands-on labs allow the student to work step-by-

step through the phases of an RSA Access Manager implementation.

Extensive hands-on labs and the use of a realistic case study reinforce the tasks involved

in creating a complete Web access management solution.

Audience System, security, or help desk personnel who need to install, deploy and/or maintain RSA

Access Manager.

Duration 4 days

Prerequisite Knowledge/Skills Familiarity with Web and directory server or database technologies; A functional

knowledge of OS and networking fundamentals.

Course Objectives Upon successful completion of this course, participants should be able to:

Explain the basic architecture and integration of RSA Access Manager in an enterprise

environment

Describe the processes and methodology for performing a successful installation and

implementation of the core servers, data adapter, Administrative Console and

representative Agents

Describe the management functions used for resource and end user administration

Using a case study, perform typical administration functions to populate and

configure users, administrators and groups in an RSA Access Manager database

Explain the configuration parameters that can be used to tailor the RSA Access

Manager components to accomplish specific tasks and functions

Establish Entitlements and use RSA Access Manager Smart Rules™ to manage Web

access and protect resources in a classroom Web environment

Perform system troubleshooting and analysis through the use of audit logs and user

reports

Explore how runtime and administrative operations can be extended through the use

of the API library

AT-A-GLANCE

This course offers

theoretical and hands-on

instruction in the

administrative functions,

operations, and

installation and

configuration tasks

associated with the RSA

Access Manager product.

REGISTER FOR CLASSES:

For an up-to-date schedule

of Instructor-led classes and

other training options, visit

the RSA Training and

Certification web site:

www.emc.com/rsa-training

CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630


Bedford, Massachusetts

01730

COURSE PART NUMBERS:

ED CLRAIN210 – Onsite Class

ED ACCMGR TRAIN UNIT –

Training Units

10 © Copyright 2013 EMC Corporation. All rights reserved. 08/2013 EMC2, EMC, RSA, RSA Security, Archer, NetWitness and the RSA logo are registered trademarks of EMC Corporation in the United States and/or other countries.

Course Outline

RSA Access Manager Overview

▬ High level description of RSA Access Manager

and its contribution to access management

RSA Access Manager Architecture

▬ Description and functions of the Primary

Servers; Web and Application Server Agents

▬ Data Flow for the Runtime and Administrative

operations

▬ Description of how RSA Access Manager fits

into a distributed security model

Installation and Configuration

▬ Description of RSA Access Manager system

requirements and pre-installation readiness

tasks

▬ Installation procedure, options, and

recommended practices

▬ Installation of Access Manager Servers, LDAP

Data Adapter, Administrative Console, and

Web and Application Server Agents

▬ Configuration of Web Server for Single Sign-

On

Managing Resources

▬ Discussion of how resources (Web sites,

Applications, etc.) are protected using RSA

Access Manager – focusing on selectivity and

granularity in various situations

▬ Registration of Web Servers and definition of

Applications

▬ Discussion of Virtual Web Server Hosts

▬ Configuration of Web Server for virtual hosts

Delegated Administration

▬ Discussion of the administrative structure that

is possible in an RSA Access Manager

installation

▬ Use of Administrative Groups and ownership

hierarchy of administrators, users, and objects

▬ Examination of Administrative Roles and

responsibilities

Managing the Organization

▬ Policy control for user authentication and

passwords

▬ Methodology of structuring users, groups, user

attributes, and properties

Creation of user properties and addition of

users to groups

Resource Protection and Authentication

▬ Discussion of Authentication Methods used to

protect resources; Form-based vs.

challenge/response authentication; Chaining

and combining forms

▬ Discussion of how resources are defined to

allow granular protection

▬ Use of RSA Access Manager Entitlements and

Smart Rules to selectively manage access to

resources

▬ How to manage conflicts among Smart Rules

and between Smart Rules and Entitlements

▬ Configuration of Access Manager for external

authentication and URL retention

Troubleshooting

▬ Examination of the log files and use of special

configuration parameters to control log detail

▬ Configuration of servers for centralized

logging

▬ Configuration of Network Management

▬ Discussion of approaches to user and system

troubleshooting

Development Tools

▬ Discussion of the various Runtime,

Administrative, and Web Agent Extension API

tools that are available

▬ Examination and implementation of JAVA

coding examples

Single Sign-On

▬ Discussion of the function and objectives of

creating a single sign-on environment

▬ Explanation of the differences and challenges

of ‘Intra-’ vs. ‘Inter-’ site single sign-on

▬ Configuration of Access Manager for SSO and

ISSO

Distributed Authorization

▬ Discussion of achieving redundant

functionality and failover

▬ Explanation of the differences in Standard

Mode vs. Distributed Mode failover

▬ Test of centralized logging

11

RSA® Via Lifecycle and Governance

Administration Course Description

Overview This course provides an overview of the administrative responsibilities and configuration

options associated with the RSA Via Lifecycle and Governance (RSA Via L & G) platform.

Students will gain a comprehensive understanding of the access review cycle, change

request and provisioning capabilities of the platform. Students will enable the ACM, ARM,

AFX and Rules modules. Hands-on labs are used to reinforce the tasks involved in

configuring, maintaining, and utilizing the platform to collect identities, accounts,

entitlements and application roles for several directories and applications as well as

perform user and account reviews and other tasks in a simulated review cycle. Students

will configure the components necessary to automate provisioning and new user

registration processes and will create workflows, notifications, and several types of

change requests. Students will discuss collectors, applications, directories, business

descriptions, roles, rules, provisioning options, reporting and dashboards to provide an

end-to-end structured experience for the students.

Audience RSA Via Lifecycle and Governance (formerly RSA IMG) platform administrators,

implementers and other technical users who need to configure, administer, or support the

RSA Via Lifecycle and Governance platform.

Duration 4 days

Prerequisite Knowledge/Skills Familiarity with Identity Management concepts, Active Directory, LDAP, and SQL

querying.


List the components included in the RSA Via L&G platform

Understand platform configuration options

Enable the ACM, ARM, Roles, AFX and Rules modules

Package and import platform resource objects

Perform administrative functions, including configuring identity, account, and

entitlement collectors, and unifying user data

Configure and process business policy sets, rules, notifications and workflows

Configure, run, and perform user access certification reviews

Configure and take action on change requests, user registrations, and workflows for

requests

Deploy automated provisioning options for change requests and user registrations

Create and publish reports and charts to dashboards and external sources

AT-A-GLANCE

The RSA Via Lifecycle and

Governance Administration

course provides an

overview of the

administrative and

configuration options

associated with the RSA Via

Lifecycle and Governance

platform.


For an up-to-date schedule of

Instructor-led classes and other

training options, visit the RSA

Training and Certification web

site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630


Bedford, Massachusetts 01730


ED-VLG-ADM-110 – Public class

ED-VLG-ADM-210 – Onsite

class

ED-VLG-ADM-TRAINUNIT –

Training Units


Course Outline

Introduction to RSA Via L&G

▬ RSA Via L&G Platform Overview

▬ Course scenario overview

▬ Data model overview

▬ Prestige Simulation

Administration Overview

▬ AveksaAdmin account

▬ Admin menu

▬ Enabling platform modules

▬ Enabling Notifications

▬ Help system

▬ Task list

▬ UI Security

RSA Via L&G Platform User Interface

▬ Admin System Settings

▬ User Interface styles

▬ Naming your environment

▬ Login Screen

▬ Header and Menu Bar

▬ Packaging and Importing

Requirements Gathering

▬ Business Resources

▬ Directories and Applications

▬ Out of the Box Attributes

▬ Custom Attributes

▬ Custom Values Lists

▬ Collected VS. ACM Managed Attributes

▬ Hiding attributes

▬ Table options

Users and Identities

▬ Users and Identities Overview

▬ Directories

▬ Directory Groups

▬ Business Units

▬ Identity Data Collectors

▬ Unification Process

▬ Collecting Identities

▬ Authentication

Accounts, Roles and Entitlements

▬ Aveksa Admin roles

▬ Granular Aveksa Admin Privileges

▬ Rapid Application Onboarding

▬ Account Attributes

▬ Account Data Collectors

▬ Orphaned Accounts

▬ Entitlement Attributes

▬ Entitlement Data Collectors

▬ Application Roles

▬ Business Descriptions

▬ Collecting Entitlements

▬ Collecting multiple owners for resources

Roles

▬ Roles Overview

▬ Collecting Application Roles

▬ Roles module vs. BRM

Rules

▬ Rules Overview

▬ Rule Definitions

▬ Out of the box Rules

▬ Creating custom rules

▬ Rules logic

▬ Processing Rules

▬ Violations, Remediations and exceptions

▬ Out of the box and custom rules workflows

▬ Granular security for rules

Reviews

▬ Reviews Overview

▬ Creating Review Definitions

▬ Modifying reviews workflows

▬ Administering Reviews

▬ Performing Reviews

▬ Refreshing Reviews

▬ Watch closures

▬ Completing a Review and Reporting Results

Workflows, Notifications and Escalations

▬ Workflows Overview

▬ Creating Workflows

▬ Out of the box templates

▬ Creating Notification templates

▬ Creating Escalations

▬ Viewing email logs

Dashboards and Reports

▬ Reports Overview

▬ Out of the box reports and charts

▬ Modify OOTB reports using the query tab

▬ Build Custom Reports and Charts

▬ Dashboard options

▬ Build and modify dashboards

Access Request Manager

▬ Access Requests Manager Overview

▬ Custom Forms and controls (fields)

▬ Custom Buttons

▬ Naming policies and naming transforms

▬ Custom User and Entitlement Views

▬ Workflows, Notifications and Escalations

▬ Provisioning options

Provisioning with AFX

▬ Access Fulfillment Express Overview

▬ Deploying Access Fulfillment Express

▬ Importing AFX Connectors

▬ Configuring Connectors

▬ Configuring Endpoint capabilities

Capstone Structured Experience

▬ Complete end-to-end access review cycle

▬ Deploy change requests with automated

provisioning

▬ Publish final reports to simulation auditorsand executives

Additional Resources

▬ Community membership

▬ RSA Secure Care Online


RSA® Business Role Manager Course Description

Overview The RSA Business Role Manager eLearning module extends the capabilities of the IMG

product to include the ability to group users and entitlements into roles. The RSA BRM

eLearning module provides an overview of BRM components. Topics include terminology,

configuration, and role mining options to tailor the module to a customer’s needs.

Demonstrations illustrate the tasks involved in configuring, maintaining, and utilizing the

Business Role Manager module.

The course is comprised of lecture content as well as recorded product demonstrations to

illustrate the RSA BRM product in action.

Audience RSA Identity and Access Management/Identity Management and Governance/RSA Via

Lifecycle and Governance administrators, implementers and other technical users who

need to configure, administer, or support the RSA Business Role Manager module.

Duration 4 hours (eLearning)

Prerequisite Knowledge/Skills Completion of the RSA Identity Management and Governance (IMG) course (or former

RSA ACM Foundations course).


Enable the Roles option and Business Role Manager module Understand the functionality and capabilities of the Roles and Business Role Manager

modules Understand Business Role Manager terminology Understand the differences between business, technical, and global roles Interpret role metrics are produced Create, configure and manage roles Create and configure role options Create and configure role sets Discover roles and entitlements

Define role membership rules Manage organization roles for compliance to best practice principles

Allow others to manage roles

AT-A-GLANCE

The RSA Business Role

Manager eLearning provides

instruction on the

administrative

responsibilities and



Business Role Manager

module.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630





Training Units


Course Outline

Business Role Manager Overview

▬ BRM Features

▬ Definition of a Role

▬ Benefits of using Roles in Access Governance

▬ Difference between Business Roles and

Technical Roles

Enable and Configure BRM

▬ How to enable BRM.

▬ Role configuration options

▬ Role management options

Create a Role

▬ Best practices for creating a role

▬ Definition of a birthright role

▬ How to create a role

▬ Definition of a role set

▬ How to create a role set

▬ How to add members to a role

▬ Role membership rules

▬ Role metrics

Discover Roles

▬ Benefit of role discovery

▬ Definition of top-down role modeling

▬ Demonstration of top-down role modeling

▬ Definition of bottom up role modeling

▬ Demonstration of bottom-up role modeling

Manage Roles

▬ Role management lifecycle

▬ Common indicators of role problems

▬ Using roles in entitlement reviews

▬ Interpreting role metrics

15

RSA® Data Access Governance Basics Course Description

Overview This eLearning course discusses the use of the RSA Data Access Governance module as a

tool to collect and manage user access to data resources. Topics include collection

configuration, access reviews, user access requests, and data resource ownership.

Recorded demonstrations (eLearning) reinforce the tasks involved in configuring,

maintaining, and utilizing the Data Access Governance module.

Audience RSA Identity and Access Management/Identity Management and Governance

administrators, implementers and other technical users who need to configure,

administer, or support the RSA IMG Business Role Manager module.

Duration 2 hours (eLearning)

Prerequisite Knowledge/Skills Completion of the RSA Identity Management and Governance (IMG) Administration

course (or former RSA ACM Foundations course).


Enable the RSA Data Access Governance (DAG) module

Understand how RSA DAG and StealthBits® StealthAUDIT® work together to collect

data resource information

Manage reviews of resource owners and user access

Configure rules to support an organization’s user access policies

Configure and manage end user data access requests

Course Outline

Purpose and function of RSA Data Access Governance

▬ Use and benefits of RSA DAG

▬ Permission types

▬ DAG operations

RSA DAG Architecture

▬ Components and functions

▬ Data flows

Process and Workflows

▬ Data acquisition

▬ Review workflow

▬ Rules and rule processing

▬ End user data access requests

AT-A-GLANCE

The RSA Data Access

Governance Basics

eLearning course provides

instruction on the

administrative

responsibilities and



Data Access Governance

module.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630





Training Units

16

RSA® Authentication Manager


Overview The working principles behind RSA Authentication Manager and RSA SecurID

authenticators are discussed, including product architecture, time synchronization,

managing external Identity Sources and exploring all aspects of an administrative

structure. Extensive hands-on labs reinforce the administrative tasks involved in

managing a user population and token assignment.

The subject matter in this course prepares students with the classroom component

recommended for the RSA Authentication Manager Certified Administrator

certification.

Audience System, security, or help desk administrators who need to administer and support

RSA SecurID products.

Duration 2 days

Prerequisite Knowledge/Skills Familiarity with Microsoft® Windows® or UNIX/Linux system administration.


Understand the basic architecture and theory of operation of the RSA SecurID

product suite

Perform configurations required for RSA Authentication Manager system

operations

Perform user administration functions to populate and manage users

Perform reporting and user troubleshooting

Understand ongoing maintenance requirements

Understand the setup and use of software authenticators

Understand the configuration and use of self-service functionality

AT-A-GLANCE

This course provides an

overview of the

administrative

responsibilities associated

with an RSA SecurID®

system.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630




ED AMADM210 – Onsite Class

ED AM TRAIN UNIT – Training

Units


Course Outline

Product and Technology Overview

▬ High level description of RSA Authentication

Manager and its contribution to user

authentication

▬ Authentication as a foundation of security,

trust and confidence in digital identities

▬ RSA Authentication Manager system

components and communication

RSA SecurID Authentication

▬ RSA SecurID authentication options

▬ Concepts of strong user authentication

▬ Token technology – time synchronization,

authenticator types

Risk-Based Authentication

▬ Configuration and management of Risk-

based authentication

▬ Device fingerprinting and behavior data

collection and analysis

▬ Selecting assurance levels

Deployment and Administrative Structure

▬ Deployment planning and establishing an

administrative structure

Policy Management

▬ Defining and applying policies to the system

and Security Domains

- Password and Token policies

- Lockout and self-service policies

- Risk-based and Offline authentication

policies

System Administration

▬ Establishing and maintaining organizational

and administrative structures:

- LDAP Identity Sources

- Security Domains

- User and User Group structures

- Administrative roles and delegation

- Authentication Agents

Authenticator Management

▬ Managing RSA SecurID hardware tokens

▬ Software token deployment and installation

▬ Managing Risk-Based Authentication

▬ Managing On-Demand Authentication

Auditing, Reports and Troubleshooting

▬ RSA Authentication Manager report functions

▬ Report customization

▬ Troubleshooting procedures

Self-Service Management and Support

▬ Configurations for user self-service functions

▬ User account and authenticator management

and provisioning

18

RSA® Authentication Manager

Installation and Configuration Course Description

Overview This course assumes that the student has attended the RSA Authentication

Manager Administration course or has equivalent operation and administrative

experience with RSA Authentication Manager – administrative tasks are not

covered as part of this course.

Audience Technical personnel who install, service and support RSA Authentication Manager

and RSA SecurID deployments.

Duration 2 days

Prerequisite Knowledge/Skills Microsoft® Windows® or UNIX/Linux system administration; attendance in RSA

Authentication Manager Administration course, or equivalent v7.1 or v8

administration experience; Familiarity with virtual machine deployment on

VMware.


Plan and perform the pre-installation, installation, and configuration tasks to

accomplish an RSA Authentication Manager virtual appliance installation in a

VMware environment

Configure RSA Authentication Manager system parameters

Configure and connect to external LDAP Identity Sources

Create redundant/failover RSA Authentication Manager replica servers and

understand the role and management of replica server instances

Install and configure RSA Authentication Agents for local workstation and web

access protection

Perform an RSA Authentication Manager Web Tier installation to support user

self-service and risk-based authentication

AT-A-GLANCE

This course offers hands-on

training on the installation

and configuration of RSA

Authentication Manager,

Authentication Agents, Web

Tier, and other RSA

SecurID® system

components..






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630




ED AMINS210 – Onsite Class


Units


Course Outline

RSA Authentication Manager

System Architecture

▬ Primary and Replica instances

▬ Authentication Agents and communication

paths

▬ Identity Sources

▬ Firewall configurations

▬ Web Tier component

▬ RADIUS communication

Deployment Scenarios and Planning

▬ Deployment and Installation planning

▬ Using the right Authentication Agent

▬ Planning administrative support

▬ Using CT-KIP for software token deployment

RSA Authentication Manager Deployment

▬ Pre-Installation requirements and

considerations

▬ Supported VMware environments and

features

▬ V8.1 Hardware Appliance deployment

▬ Deployment process and steps

▬ Post-deployment tasks

System Configurations

▬ Settings and configurations

- System-wide configurations

- Instance settings

- Console and dashboard personalization

Authentication Agent Configurations

▬ Functions and features of representative

Authentication Agent installations for

Microsoft Windows and Linux operating

systems

▬ Configuring Agent software for local,

network and web access protection

▬ Handling node secret and sdconf.rec files

Replica Instances

▬ Strategies for dealing with primary instance

failures and replica promotion

▬ Creating replica packages

▬ Establishing preferred and failover servers in

Agent hosts

Web Tier Installation

▬ Requirements and installation process for the

Web Tier component

▬ Customizing the end user interface

System Utilities

▬ Using the Command-line Utility package

▬ Installing and configuring the Windows MMC

snap-in

▬ Managing Realm trusts

Credential Manager Configuration

▬ Setting up the Credential Manager for

provisioning

RADIUS Server Configuration

▬ RADIUS functions and capabilities

▬ Primary and Replica RADIUS servers

▬ Managing RADIUS users

RSA Authentication Manager Migration Overview

▬ Optional overview of the migration process

from version 6.1 to version 8 and/or version

7.1 to version 8

▬ This module is delivered if students are

planning to perform a migration in their

production system and are interested in the

general planning and steps involved in a

migration

20

RSA SecurID® Help Desk Basics Course Description

Overview An overview of RSA Authentication Manager and RSA SecurID authenticators and

authentication methods are presented, as well as how functions and controls are

accessed in the administrative interface. Instructor demonstrations of important

operations relating to typical end user cases reinforce the steps that Help Desk

representatives can take for troubleshooting and assisting their user population.

This course is useful for new representatives supporting RSA SecurID users as well

as a refresher course for representatives who infrequently work with RSA SecurID

support issues.

Audience Help Desk representatives who need to assist and support RSA SecurID users

Duration 1 day

Prerequisite Knowledge/Skills General familiarity with system administration functions


Understand the high-level architecture and theory of operation of the RSA

SecurID product suite

Identify common authentication problem areas

Perform common user assistance tasks

Understand the use of the user Self-service capabilities

AT-A-GLANCE

This course provides the

fundamental information

about an RSA SecurID®

system deployment to assist

Help Desk representatives

respond to end users.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630





Units


Course Outline

The following modules are designed to support the course objectives:

RSA SecurID System Overview

▬ High level description of RSA SecurID and

RSA Authentication Manager system

components

▬ RSA authentication methods:

o Hardware and Software authenticators

o On-Demand Authentication

o Risk-Based Authentication

▬ Authentication process and data flow

Authentication Problem Areas

▬ Identifying and isolating user problems

▬ Common user errors

▬ Differentiating User vs Agent vs Server

problems

System Configurations

▬ Organizational structures – users, groups,

Security Domains and Identity Sources

▬ Authentication options and policies

Authenticator Operations

▬ Hardware tokens

▬ Software tokens

▬ On-demand codes

▬ Emergency and temporary codes

Monitors and Reports

▬ Using the Authentication Monitor

▬ Generating reports to track and user activity

User Troubleshooting

▬ Troubleshooting procedures

▬ Security considerations

Self-service Console

▬ User self-service functions

▬ Self-Service provisioning flow

▬ Troubleshooting user self-service problems

22

RSA® Authentication Manager 6.1 to

8.x MigrationCourse Descriptions

Overview Product functionality that is pertinent to the migration of v6.1 is discussed as well

as the process and considerations for migrating to a v8.x environment.

Note that this course discusses migration of “out-of-box” deployments and does

not address migration of customized APIs running under v6.1.

Audience Technologists who are responsible for an RSA SecurID system and intend on

migrating from RSA Authentication Manager v6.1 to v8.

Prerequisite Knowledge/Skills Familiarity with RSA SecurID technology and RSA Authentication Manager v6.1.

RSA Authentication Manager 6.1 to 8.0 Data Migration This course describes the features and functions that are new to RSA

Authentication Manager v8.x as well as how database objects and structures map

from v6.1 to v8.x. It details several deployment and migration scenarios and the

steps required to migrate v6.1 data to a v8.x installation.

Duration

Approximately 1 hour

Migrating RSA Authentication Manager v6.1 to a v8.1

Hardware Appliance This course augments the data migration course (described above) and focuses on

the process and considerations for migrating to a version 8.1 hardware appliance

from v6.1.

Duration

Approximately 15 minutes

This elearning course is available to customers at no charge.

If you are accessing RSA eLearning for the first time, please visit http://powerlink.emc.com to establish an account.

If you already have an account through EMC Powerlink, go directly to www.emc.com/rsa-training to access this course.

AT-A-GLANCE

This eLearning course

guides the participant

through the steps to

accomplish a standard

migration from RSA

Authentication Manager

version 6.1 to version 8.x.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630




RSA Authentication Manager 6.1 to 8.0 Data Migration

Course Objectives Upon successful completion of this course,

participants should be able to:

Provide an overview of the fundamental

differences between RSA Authentication Manager

v6.1 and v8.x – features and functions

Describe the specific database objects that are

migrated between product versions and how they

are handled by the migration

Describe the pre-migration steps to prepare a

v6.1 database for migration

Describe the post-migration structures that can

be created in v8.x to contain and manage

migrated objects

Course Outline Comparison of v6.1/v8.x Architecture and

Administrative Structures

▬ Describes the general architecture and

compares differences/parallels between

product versions

▬ Describes the major areas of importance in

the v8.x data structures and how they map

to a v6.1 environment

▬ Describes terminology used in v8.x

Overview of the Migration Process

▬ High-level description of the methodology

for approaching a migration

▬ Describes in detail how database objects are

mapped from version to version

Pre-Migration Preparation

▬ Describes the considerations and best

practices involved in preparing a v6.1

environment for migration — database

cleaning, creating/dismantling structures,

etc. and preparing a v8.x environment to

receive migrated information — what

decisions and elements should be made

before migration

Post-Migration Considerations

▬ Description of tasks that can be performed

after the completion of the migration

process

Migration of an RSA SecurID Appliance

▬ Describes the general process for migrating

data from a v6.1 RSA SecurID Appliance to

a v8 environment

Migrating RSA Authentication Manager v6.1 to a v8.1 Hardware Appliance

Course Objectives Upon successful completion of this course, participants

should be able to:

Understand a deployment architecture that

includes one or more v8.1 hardware appliances as

primary and/or Replica instances

Describe the migration process of migrating from

a v6.1 software or hardware appliance platform to

a v8.1 hardware appliance

Course Outline Overview of v8.1 Architecture

▬ Describes the architecture and deployments

options that include a v8.1 hardware

appliance


▬ Describes migration tasks involved with

migrating to a hardware appliance that are

over and above the tasks involved with data

migration alone

▬ Using the v6.1 Migration Assessment Tool

Migration Steps

▬ Describes the initial connections and setup of

a v8.1 hardware appliance

▬ Describes the steps involved with migration

from exporting v6.1 data to importing it into a

v8.1 hardware appliance.

24

RSA® Authentication Manager 7.1 to

8.x MigrationCourse Descriptions

Overview Product functionality that is pertinent to the migration is discussed as well as

virtual and hardware appliance deployment, Web Tier, and Risk-Based

Authentication options that are new in v8.x.

Note that these courses discuss migration of “out-of-box” deployments and do not

address migration of customized environments or APIs running under v7.1.

Audience Technologists who are responsible for an RSA SecurID system and intend on

migrating from RSA Authentication Manager v7.1 to v8.

Prerequisite Knowledge/Skills Familiarity with RSA SecurID technology and RSA Authentication Manager v7.1.

RSA Authentication Manager 7.1 to 8.0 Data Migration This course describes the features and functions that are new to RSA

Authentication Manager v8.x. It details several deployment and migration

scenarios and the steps required to migrate v7.1 data to a v8.x installation.

Duration

Approximately 1 hour

Migrating RSA Authentication Manager v7.1 to a v8.1 Hardware Appliance This course augments the data migration course (described above) and focuses on

the process and considerations for migrating to a version 8.1 hardware appliance

from v7.1. The information in this course is appropriate for v7.1 deployments that

currently use hardware appliances as well as for migrations to v8.1 that will begin

using a hardware appliance for the first time.

Duration

Approximately 15 minutes

AT-A-GLANCE

This eLearning course

guides the participant

through the steps to

accomplish a standard

migration from RSA

Authentication Manager

version 7.1 to version 8.x.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630



This elearning course is available to customers at no charge.

If you are accessing RSA eLearning for the first time, please visit http://powerlink.emc.com to establish an account.

If you already have an account through EMC Powerlink, go directly to www.emc.com/rsa-training to access this course.


RSA Authentication Manager 7.1 to 8.0 Data Migration

Course Objectives Upon successful completion of this course,

participants should be able to:

Provide an overview of the fundamental

differences between RSA Authentication Manager

v7.1 and v8 – features and functions

Describe the migration process

Describe the pre-migration steps to prepare for

v7.1 data export

Describe the post-migration tasks in a v8

environment

Course Outline Comparison of v7.1/v8 Architecture

▬ Describes the general architecture and

system components that are similar to v7.1

and those that are new to v8


▬ High-level description of the options and

methodology involved with migration

▬ Discusses approaches to minimize downtime

during migration

Migration Steps

▬ Discusses pre-migration preparations

▬ Describes the v8 deployment

▬ Describes installation of the RSA

Authentication Manager Migration Export

Utility

▬ Describes Basic and Advanced migration

options

▬ Considerations for RADIUS migration

Post-Migration Tasks

▬ Describes tasks to be performed after the

completion of the migration process

▬ Discusses rolling back a migration

Migration Assistance

▬ Describes troubleshooting information and

how to obtain further assistance from RSA

resources

Migrating RSA Authentication Manager v7.1 to a v8.1 Hardware Appliance

Course Objectives Upon successful completion of this course, participants

should be able to:

Understand a deployment architecture that

includes one or more hardware appliances as

primary and/or Replica instances

Describe the migration process of migrating from

a software or hardware appliance platform to a

v8.1 hardware appliance

Understand how to upgrade an existing supported

hardware appliance to be v8.x-capable

Course Outline Overview of v8.1 Architecture

▬ Describes the architecture and deployments

options that include a v8.1 hardware

appliance


▬ Describes migration tasks involved with

migrating to a hardware appliance that are

over and above the tasks involved with data

migration alone

Upgrading and Re-imaging an RSA SecurID

Appliance

▬ Describes the process to upgrade supported

RSA SecurID Appliance 3.0 equipment to

enable it to host a v8.x instance

Migration Steps

▬ Describes the steps involved with migration

from exporting v7.1 data to importing it into a

v8.1 hardware appliance.

26

Getting Started with Enterprise Risk

Management Course Description

Overview Students will gain knowledge of the key RSA Archer ERM components through

presentations and hands-on exercises.

Audience Risk management team members who will be using the RSA Archer Risk

Management solution to define, support, and maintain a risk management

initiative. This may include managers, team leads, and anyone involved in scoping

a risk project.

Duration 2 days

Prerequisite Knowledge/Skills Familiarity with RSA Archer eGRC framework and a general familiarity with

organizational Risk concepts.


Explain basic Risk Management terminology and methodologies

Illustrate the structure of the RSA Archer Risk Management Solution

Define business requirements related to Risk Management

Begin the implementation process of an Enterprise Risk Management program

AT-A-GLANCE


overview of the concepts,

processes, and procedures

necessary to successfully

begin implementation of an

Enterprise Risk Management

(ERM) system.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630




ED ARCERM210 – Onsite Class

ED ARC TRAIN UNIT – Training

Units


Course Outline

Introduction to Risk Management

▬ What is Risk?

▬ General Enterprise Risk Management

Approach Overview

▬ Types of Risk

Digging Deeper

▬ Common Frameworks Overview

▬ Developing a Common Risk Taxonomy

▬ Elements of Risk Management

▬ Phases of Growth:

▬ Risk Identification

▬ Assessment

▬ Decision

▬ Treatment

▬ Monitoring

RSA Archer Risk Management Solution

▬ RSA Archer ERM Structure Components

▬ ERM Processes and Key Integrations with

Other Solutions

▬ How RSA Archer Maps to Common Risk

Frameworks

Top-Down Risk Assessment

▬ Discussion: Common Issues for Specific

Industries/Business Types

▬ Exercise: Risk Identification

▬ Exercise: Risk Assessment

▬ Exercise: Risk Decision

▬ Exercise: Risk Treatment

▬ Exercise: Metrics Monitoring

▬ Exercise: Loss Monitoring

▬ Exercise: Overall Monitoring

Bottom-Up Risk Assessment

▬ Exercise: Create a new Risk Project

▬ Exercise: Complete Risk Assessments

▬ Exercise: Create reports based on new data

▬ Exercise: Bring in sample model data via Data

Import

▬ Exercise: Create dashboard that incorporates

model data’s impact on business

28

Getting Started with Policy and

Compliance Management Course Description

Overview Students will gain knowledge of the key RSA Archer Policy and Compliance

Management components through presentations and hands-on exercises.

Audience Policy and Compliance management team members who will be using the RSA

Archer Policy and Compliance Management solution to define, implement, and

maintain a policy and compliance management initiative. This may include

managers, team leads, and anyone involved in consolidating policies and ensuring

compliance with authoritative sources.

Duration 2 days

Prerequisite Knowledge/Skills Familiarity with the RSA Archer eGRC framework and a general familiarity with

policy and compliance concepts.


Explain basic Policy and Compliance Management issues and processes

Illustrate the structure of the RSA Archer Policy and Compliance Management

Solution

Begin the implementation process of a Policy and Compliance Management

program

AT-A-GLANCE





begin implementation of a

Policy and Compliance

Management system.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630




ED ARCPCM210 – Onsite class


Units


Course Outline

Introduction to Policy and Compliance

Management

▬ Top Policy and Compliance Management

Issues

▬ Policy and Compliance Processes in a

Nutshell

▬ Policy and Compliance Key Components

RSA Archer Policy Management Solution

▬ RSA Archer Interface

▬ RSA Archer Policy Structure Components

▬ Phased Implementation Approach

▬ Post-Implementation Processes

Policy Management Exercises

▬ Exercise: Analyze Existing Policy

▬ Exercise: Define Scope

▬ Extraction & Mapping

▬ Exercise: Policy Extraction

▬ Exercise: Control Standard Extraction &

Mapping

▬ Exercise: Format/Import Content

▬ Exercise: Perform a Gap Analysis

▬ Exercise: Import Provided Content

▬ Exercise: Approve a Policy Change

▬ Exercise: Policy Awareness Campaign

RSA Archer Compliance Management Solution

▬ Sarbanes-Oxley Act Concerns

▬ RSA Archer Compliance Structure

Components

▬ How Compliance is Rated

▬ Exception Requests Workflow

Compliance Management Exercises

▬ Exercise: Review Control Procedure Mapping

▬ Exercise: Assess a Process Control

▬ Exercise: Assess a Technical Control

▬ Exercise: Address Findings – Remediation

Plan

▬ Exercise: Address Findings – Exception

Request

Compliance Strategies

▬ Control-Based Compliance

▬ Asset-Based Compliance

▬ Compliance Testing Cycle

▬ Round Table Discussion

▬ Additional Resources


GRC Overview Course Description

Overview

This self-paced eLearning course introduces the general concepts of Governance,

Risk and Compliance (GRC) from a business perspective. It focusses on why GRC is

important to business and how GRC impacts each area of a business.

Audience - RSA Customers

Duration Approximately 30 minutes (e-Learning)

Prerequisite Knowledge/Skills None


Describe the elements that comprise Governance, Risk and Compliance Describe how GRC addresses business challenges Understand the impact of GRC on people and processes within the business

Course Outline Business pressures and risks

What is GRC?

Governance, Risk and Compliance strategies

How companies address GRC

Enterprise GRC

Stages of GRC adoption

GRC for IT organizations

Technology that supports GRC

AT-A-GLANCE

This e-Learning course

provides a general

introduction to Governance,

Risk, and Compliance

concepts.

This eLearning course is not

product specific.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630




ED-ARC-TRAINUNIT – Training

Units

31

RSA Archer® Administration Course Description

Overview Students will gain knowledge of the key RSA Archer platform components such as

applications, security management, and communication tools through

presentations and hands-on exercises. After taking this course, students will be

able to plan, configure, and manage the RSA Archer environment.

The subject matter in this course prepares students with the classroom component

recommended for the RSA Archer Certified Administrator certification.

Audience Archer administrators who are responsible for building and managing the

RSA Archer eGRC product.

Duration 4 days

Prerequisite Knowledge/Skills None


Navigate within the RSA Archer system

Configure the look and feel of the RSA Archer interface

Create or edit an application

Import data

Set up email notifications

Create data-driven events and calculated fields

Manage user access

Automate work streams

Complete a questionnaire

Perform a data feed

Search and report on data

Set up a dashboard

Migrate changes between environments

Identify additional support resources

AT-A-GLANCE


overview to the concepts,



design and administer the

RSA Archer platform.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630




ED ARCADMIN210 – Onsite Class


Units


Course Outline

Introduction to RSA Archer

▬ RSA Archer Overview

▬ Introduction to the case study

General Navigation

▬ Interface components

▬ Managing content records

Configure the Appearance

▬ Managing Themes

▬ Managing the Appearance

Centralize and Organize Data

▬ Data structure

▬ Application Builder overview

▬ Inside Manage Applications

▬ General Application Properties

▬ Field Management

▬ Page Layout

▬ Navigation Menu

Import Data

▬ Using the Data Import Manager

Alert Users to Data Changes

▬ Creating Letterheads

▬ Managing Subscription Notifications

▬ Troubleshooting Tips

Optimize the User Experience

▬ Data-Driven Events

▬ Calculated Fields


Manage User Access

▬ Access Control Basics

▬ User Accounts

▬ Access Roles

▬ Groups

▬ Record Permissions

▬ Private Fields


Automate Work Streams

▬ Configure a two-stage workflow

Questionnaires

▬ Question Library Overview

▬ Questionnaire Creation Process

▬ Completing a Questionnaire

Integration Options

▬ Data Feed Manager

Search and Report on Data

▬ Quick Search

▬ Advanced Search

▬ Statistics Search and Chart Options

▬ Reporting

Communicate Information to Stakeholders

▬ iViews

▬ Dashboards

▬ Workspaces

▬ Additional Configuration Options

Packaging for Production

▬ Creating Packages

▬ Installing Packages

▬ Advanced Package Mapper

Design Best Practices

▬ Field Design Tips

▬ Application Layout Tips

▬ Data-Driven Event Tips

Application Creation Case Study

▬ Hands-on exercise in which participants are

challenged to build a best-in-class application

with minimal assistance

Course Summary

▬ Customer Support Options

▬ Certification Exam Information

33

RSA Archer® Advanced Administration Course Description

Overview Throughout the course, students will be presented with a diverse collection of real-

world governance, risk, and compliance problems and be shown and guided

through the recommended steps involved in solving these pain points by using the

features available in the RSA Archer eGRC Suite.

Extensive hands-on labs reinforce the tasks involved in designing and automating

GRC processes and extending the value of the RSA Archer eGRC Suite throughout

the organization. After completing this class, students will be prepared to use the

RSA Archer eGRC Suite to solve an extensive array of GRC problems and meet the

business requirements of various enterprise stakeholders.

Audience Governance, risk, and/or compliance professionals, business owners, or IT

personnel who need to automate and streamline existing processes, integrate the

RSA Archer platform with third-party systems, or deliver assessments across the

enterprise.

Duration 4 days

Prerequisite Knowledge/Skills Previous experience creating applications within the RSA Archer product or

successful participation in the standard RSA Archer Administration course.


Create a custom, multi-stage workflow process that automates a manual

process

Import existing information from a legacy system into RSA Archer applications

and questionnaires

Integrate the RSA Archer product with third-party systems and data sources to

consolidate enterprise information

Design best-practice assessment campaigns to measure compliance across the

organization

Construct complex search criteria to locate key information and identify data

trends

Visually showcase compliance with industry regulations through reports and

dashboards

Alert organization stakeholders through scheduled report distributions

Export RSA Archer data into pre-formatted, professional-looking report

templates

AT-A-GLANCE

This course provides hands-

on training on the

administration,

configuration and best-

practice deployment of the

RSA Archer Platform.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630




ED ARCADVADM210 – Onsite

Class


Units


Course Outline

Streamlining GRC Processes — Day One

▬ Replicating a multi-stage workflow to

transfer a manual, paper-based process to

an automated, online tool

▬ Constructing a scalable access control

framework for enabling end users to

participate in GRC processes

▬ Automating and manipulating data through

calculations to support enhanced data

analytics and reduce data entry time

Integrating External Data — Day Two

▬ Transferring leveled, document-centric

policies into a data-centric format in the RSA

Archer Platform

▬ Using a data feed targeting database

sources to quickly transfer legacy data to a

centralized system

▬ Creating a data feed to access an RSS

source and retrieve the information into an

RSA Archer application

▬ Transferring data between RSA Archer

applications to support data trending and

reduce manual effort

Demonstrating Compliance – Day Three

▬ Importing compliance questions into RSA

Archer’s global question library

▬ Creating an assessment campaign to

demonstrate compliance with internal and

external regulations

▬ Managing question scoring and findings

generation to better understand the risk

impact to the organization

▬ Referencing existing assessment responses

in future assessments

Communicating GRC Data – Day Four, Part I

▬ Generating real-time reports across distant

data relationships to provide greater insights

into GRC processes

▬ Designing a user-friendly dashboard and

interface to clearly communicate the posture

of various business units

▬ Delivering snapshot reports on a set schedule

to inform key stakeholders of the current

status

▬ Exporting RSA Archer data to email and Word

templates to generate professional-looking,

document-based reports for senior

management

▬ Publishing RSA Archer data to external

databases

Maintaining the System – Day Four, Part II

▬ Discussing resources for the most current

installation and sizing recommendations

▬ Configuring instance settings via the Archer

Control Panel

▬ Accessing and reading log files

▬ Troubleshooting common RSA Archer issues

to ensure effective system operations

35

RSA Archer® Solutions Overview Course Description

Overview This self-paced, interactive e-Learning course provides an introduction to the RSA

Archer Platform and its application to the management of Governance, Risk, and

Compliance in an organization. RSA Archer’s Solution modules are described and

use cases discussed for Out-of-the-Box applications.

Audience RSA Customers

RSA Partners

RSA Internal Staff

Duration Approximately 20 minutes (e-Learning)

Prerequisite Knowledge/Skills Students should be familiar with basic principles of GRC (Governance, Risk, and Compliance).


Understand Governance, Risk, and Compliance (GRC) and its organizationalimpact.

Describe the RSA Approach and its Business Value. Summarize RSA Archer Solution Areas.

Reference and describe common RSA Archer Use Cases. Describe each RSA Archer Solution module and summarize key features and

benefits.

AT-A-GLANCE

This e-Learning course

provides an overview of the

RSA Archer GRC Platform,

RSA Archer Solution

modules, and Out-of-the-

Box business use cases.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630




ED ARCADVADM210 – Onsite

Class


Units


Course Outline

RSA Archer Introduction

▬ GRC Defined

▬ Organizational Challenges

▬ The RSA Approach & Business Value

▬ RSA Archer Platform

RSA Archer Solution Areas: Addressing Critical

Business Needs

▬ IT Risk & Security Management (ITRSM)

▬ Operational Risk

▬ Regulatory Compliance

▬ Third Party Risk

▬ Audit

▬ Business Resiliency

RSA Archer Use Cases

▬ Review various Out of the Box (OOTB) Use

Cases

RSA Archer Solution modules

▬ Threat Management

▬ Vendor Management

▬ Vulnerability Risk Management (VRM)

▬ Risk Management

▬ SecOps Management

▬ Business Continuity Management

▬ Compliance Management

▬ Incident Management

▬ Policy Management

▬ Audit Management

37

Expected Availability: mid-Q4 2015!

RSA® Archer Security Operations

Management (SecOps) Essentials Course Description

Overview This course provides practitioner-level training on the business need for managing

security operations and the business impact of the RSA Archer Security Operations

Management (SecOps) solution and its basic functionality. Content provides a basic

understanding of the challenges of managing IT security operations, and describes

how SecOps is positioned to address those challenges. Students will learn about

the basic functionality of SecOps – from managing a Security Operations Center

(SOC) to managing incident response and data-breach response – and will learn

how the SecOps solution enables organizations to manage the entire lifecycle with

integrated business context and best practices aligned with industry standards.

This course introduces the key personas involved in security operations

management, as well as presenting typical security operations management

workflows and describes how various roles have full visibility into the entire

process lifecycle with focused workflows, dashboards, and reports.

Audience RSA Archer Security Operations Management Practitioners.

Duration Estimated time to complete is 90 minutes.

Prerequisite Knowledge/Skills Archer GRC Solutions Overview and knowledge about the GRC industry.


Explain the necessity for and challenges to security operations management

Describe the business impact that SecOps provides.

Identify the purpose of, workflow, and typical roles in a security operations

center.

Describe the functionality of the SecOps solution.

Perform the functional tasks – at a Practitioner level – that are enabled by

SecOps.

Explain how SecOps is used to meet IT Security and Risk Management

business requirements.

AT-A-GLANCE

The RSA Archer Security

Operations Management

course provides an

overview of the business

need for managing security

operations and the business

impact that SecOps

provides. Content includes

SecOps functionality for

SOC management and

incident and data-breach

management.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630





Units


Course Outline

Module 1 – Managing Security Operations

– Importance of managing security operations

– Function and purpose of a SOC

– Process of security operations management

– Key personas in a SOC

Module 2 – RSA Archer Security OperationsManagement Solution (SecOps)

– World-Class SOC program

– SecOps in action

– SecOps value

– SecOps and the SOC lifecycle

– SOC maturity model

– Security incident response industry

standards

– SecOps architecture

– SecOps workflow

Module 3 – Managing SOC Readiness

– SOC staff and contacts

– SOC policies and procedures

– Policy review

– Security controls

– Call trees

Module 4 – Responding to Incidents

– Level 1 workflow

– Level 2 workflow

– Alerts and incidents

– Alert aggregation

– Declared incidents

– Confidential incidents

Module 5 – Responding to Data Breaches

– Data breach workflow

– Breach response lead and team

Module 6 – Remediation

– Remediation workflow

– Review workflow

– Exception request workflow

Module 7 – How SecOps Fits into ITSRM

– What is ITSRM?

– How is SecOps used in the ITSRM solution

39

RSA® Security Operations Management

Solution Basics Course Description

Overview Students will gain knowledge of the structure and operations of the RSA Security

Operations Management Solution through presentations and hands-on exercises.

This course addresses the tasks and responsibilities of several typical roles and

personas that are part of an organization’s Security Operations Center.

Audience Customers who perform the following jobs can benefit from this course:

Security Operations Center (SOC) manager

Breach coordinator

Incident coordinator

Incident handler

IT Helpdesk analyst

Duration 2 days

Prerequisite Knowledge/Skills To receive the most benefit from this training, we recommend that students have:

Basic understanding of the use and management of RSA Archer and RSA

Archer Enterprise Management Solution

Basic understanding of the use and management of RSA Security Analytics

Familiarity with basic security event reporting and analysis

Familiarity with basic Security Operations Center functions and tasks


Understand the industry standards such as VERIS, NIST, and SANS with

respect to reporting and managing a security incident response process; and

how RSA Security Operations Management Solution is so aligned

Understand the high-level solution architecture of the RSA Security

Operations Management Solution

Explain the security operations management workflow supported by the RSA

Security Operations Management Solution

Explain and navigate the built-in dashboards of the RSA Security Operations

Management Solution

Identify and understand the differences between the six personas (roles)

supported by the RSA Security Operations Management Solution

Understand the workflows in the solution for the respective SOC personas

Identify the phases and workflow relating to incident management

Understand the contribution of RSA Security Operations Management

Solution to SOC operations

AT-A-GLANCE




to effectively use RSA

Security Operations

Management Solution in a

Security Operations Center.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630





Units


Course Outline

Security Operations Management Overview

▬ Function and purpose of a Security

Operations Center (SOC)

▬ Security incident response industry

standards [VERIS, NIST, and SANS]

▬ Capabilities of RSA Security Operations

Management Solution

▬ Solution architecture

▬ Key personas in Security Operations

Management

▬ Security Operations workflow

▬ RSA Archer Enterprise Management Solution

Overview

Introduction to RSA Security Operations

Management Solution

▬ RSA Security Operations Management

Solution dashboards and navigation

▬ RSA Security Operations Management

Solution implementation lifecycle

Managing SOC Readiness

▬ Managing the SOC staff and Contacts

– Managing SOC policies and procedures

Incident Response

▬ Incident response workflow

▬ Alerts and incidents; aggregating alerts

▬ Incident types

▬ Incident Declaration, Creation, Assignment,

Review, and Closure

▬ Incident response tasks

▬ Incident escalation

▬ Incident investigation, forensic and impact

analysis

▬ Handling shift handovers

Data Breach Response

▬ Data Breach response workflow

▬ Breach risk assessment

▬ Declaring a breach

▬ Creating and assigning breach tasks

▬ Executing a call tree

Remediation

▬ Issue remediation workflow

▬ Findings process

▬ Resolving and reviewing findings

▬ Exception process

▬ Remediation plan

41

RSA Archer® Custom End-User Training Data Sheet

Overview

RSA Archer supports business-level management of enterprise governance, risk and

compliance. With RSA Archer you have the ability to adapt a solution to your

requirements without touching a single line of code. The most demanding Fortune 500

companies have seized the power of RSA Archer to automate business process,

streamline workflow, control user access, and tailor a user interface and report in real

time.

To ensure that your RSA Archer solution is being leveraged to its maximum potential,

RSA Education Services offers the RSA Archer Custom End-User Training Service to

guide you through the process of training your organization’s end user population.

Offering Details

With practical experience using Archer solutions, business process and risk management

expertise, and instructional design and training delivery skills, an RSA Training

Consultant will work closely with you to understand your specific RSA Archer use case

and identify learning objectives. You’ll have the opportunity to review the training

content along the way to ensure that you receive deliverables that will successfully meet

your training objectives.

While every customer’s use case is unique, training may include topics like the following:

RSA Archer Overview

General Navigation

Working with records

Searching and Reporting

Custom topics (defined with the customer)

This education service is based on a single use case and includes the following:

A needs assessment to understand the customer’s use case and training

requirements

A scripted PowerPoint slide deck that includes content customized to your

environment

Content branded with the organization’s logo and standard .PPT template

Unlimited use of materials for its end users

Access to an editable version of the content

“It was an absolutely fantastic course due to the instructor’s energy,

enthusiasm, and excitement about the product and interest in our success. The

coaching and support throughout the process had a huge impact on our team.”

VP Educational Services

Large Financial Institution

AT-A-GLANCE

“It was an absolutely

fantastic course due to the

instructor’s energy,

enthusiasm, and excitement

about the product and

interest in our success. The

coaching and support

throughout the process had

a huge impact on our team.”

VP Educational Services

Major Financial Institution






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630




ED ARC EUTTT 210 – Train-the-

trainer option

ED ARC EUELN 210 – E-Learning

option

ED ARC EUILT 210 – Instructor

Led Delivery by RSA


ABOUT RSA

RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business

acceleration. RSA helps the world's leading organizations succeed by solving their most complex and sensitive security

challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving

compliance, and securing virtual and cloud environments.

Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention and

Fraud Protection with industry leading eGRC capabilities and robust consulting services, RSA brings visibility and trust to

millions of user identities, the transactions that they perform and the data that is generated. For more information, please visit

www.RSA.com and www.EMC.com, or email [email protected].

http://www.emc.com/

mailto:RSA_Global_Services_Sales

43

RSA® Data Loss Prevention


Overview Theory and product basics such as the RSA DLP Suite architecture, integration of

RSA DLP components, and the importance of various configuration parameters are

discussed.

Students participate in hands-on exercises that build on the basic concepts and

allow practical experience in building an RSA DLP system.

Audience System, security, or help desk personnel who need to install, deploy and/or

maintain an RSA Data Loss Prevention system.

Duration 4 days

Prerequisite Knowledge/Skills Familiarity with user and system administration, networking fundamentals, and

general information security concepts. Familiarity with Web, Application and

directory server (LDAP) and/or Relational Database (RDBMS) technologies as well

as basic programming and scripting concepts is also beneficial.


List the features and benefits of the RSA Data Loss Prevention Suite of

products including DLP Network, DLP Datacenter, and DLP Endpoint

Administer the RSA Data Loss Prevention Enterprise Manager

Create and manage RSA Data Loss Prevention policies

Create and manage RSA Data Loss Prevention content blades

Deploy RSA Data Loss Prevention agents and grid scan groups

Review what remediation actions are available and what the benefit of each is

Generate RSA Data Loss Prevention incident and event reports

Perform basic operational tasks including upgrading software, importing and

exporting configuration files, reviewing high availability and load balancing,

applying patches, and viewing alerts

AT-A-GLANCE

This course provides

comprehensive instruction

in the administration and

configuration of the RSA

Data Loss Prevention (DLP)

Suite.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630




ED DLPADM210 – Onsite Class

ED DLP TRAIN UNIT – Training

Units


Course Outline

Introduction to Data Loss Prevention

▬ List the key features of the RSA DLP Suite

▬ Identify the key components of the RSA DLPSuite

▬ Describe the role of RSA DLP Enterprise

Manager

▬ Explain the differences between RSA DLPNetwork, Datacenter, and Endpoint

▬ Define how policy violations are handled by

RSA DLP Endpoint Enforce

Enterprise Manager Administration

▬ Login to the Enterprise Manager for the firsttime

▬ List the key features of Enterprise Manager

▬ Access and license the Enterprise Manager

▬ List new dashboard features

▬ Review the Enterprise Manager tabs

▬ Enter LDAP configuration settings

▬ Perform user and group administration

▬ Configure an email server and notifications

▬ Delete incidents and events

▬ Display device status

Network Appliance Configuration

▬ Identify the main components of RSA DLPNetwork

▬ Re-install an RSA DLP Network appliance

▬ Login to an RSA DLP Network appliance

▬ Perform an initial configuration of anappliance

▬ Perform basic configuration for a RSA DLPNetwork Interceptor

▬ Describe the Email Self Release feature

▬ Evaluate sensor capacity needs

▬ Diagram the ICAP server event flow

▬ Perform a basic configuration of an ICAPserver

Introduction to Policies

▬ Explain the function of the RSA DLP ContentClassification and Analysis system

▬ Describe the use and purpose of policies inthe DLP Suite

▬ Explain how content blades are used inpolicies to detect sensitive information

▬ Create policies using a supplied template

▬ Configure DLP Network policies in a virtualnetwork environment

DLP Datacenter

▬ List key features and components of DLPDatacenter

▬ Install the Enterprise Coordinator

▬ Configure the Enterprise Coordinator

▬ Describe the scan types available in DLPDatacenter

▬ Install and configure a site coordinator

▬ Create a grid scan group

▬ View scan status and history

Creating Content Blades

▬ Compare fingerprinting and describingcontent

▬ List the detection accuracy methods available

▬ Discuss the importance of weight, score andcount

▬ Discuss the importance of accuracy andprecision

▬ Explain how a risk score determines severity

▬ Manage and create content blades

Working with Fingerprinted Content

▬ Describe fingerprinting and hashes

▬ Define fingerprinting terminology

▬ Configure a file crawler

▬ Configure a database crawler

Agent and Repository Scans

▬ Analyze agent scan status

▬ Configure an agent scan group

▬ Schedule an agent scan

▬ Analyze agent scan history

▬ Configure a repository database scan

DLP Endpoint

▬ Explain how DLP Endpoint Enforce works

▬ List the components that comprise DLPEndpoint

▬ Configure policy settings relevant to DLPEndpoint

▬ Install DLP Endpoint Enforce agents

▬ Create a DLP Endpoint Enforce group

▬ Manually deploy a DLP Endpoint Enforceagent

Workflow and Remediation

▬ Describe incident and event workflow withinRSA DLP

▬ Compare DLP remediation actions

▬ Describe how manual remediation functions

▬ View policy, incident, and transmission details

▬ View incident history and notifications

Reports

▬ Describe the main DLP reporting features

▬ Navigate the Enterprise Manager dashboard

▬ View and edit reports

▬ Customize a report

▬ Export report data

▬ Create DLP Asset Heat Map reports

Basic Operations

▬ Export and import DLP configuration files

▬ Review backup options for DLP

▬ Discuss high availability options for DLPcomponents

▬ Describe how to configure Enterprise Managerfailover

▬ Review Patching and upgrade operations forDLP

▬ List the benefits of integrating DLP and RMS

▬ Select and associate an RMS template for usewith DLP

45

RSA® ECAT Fundamentals Preliminary Course Description

Overview This eLearning provides an overview of RSA ECAT’s role and core functionality.

Students will gain familiarity with the ECAT interface, a broad understanding of the

team responsibilities necessary for effective threat detection, and a detailed

understanding of basic threat analysis. Video-based instruction is used to reinforce

the student’s familiarity with ECAT and the key Modules and Machines views.

Concept review and further User Interface engagement is provided in the form of a

series of interactive challenges.

Audience Enterprise security analysts, consultants, incident response staff and managers,

RSA ECAT administrators, and any other technical users who will employ or

support the tool.

Duration 90 minutes

Prerequisite Knowledge/Skills No prerequisites; familiarity with network, security, and general IT principles will

be helpful.


Describe the role of RSA ECAT in endpoint threat detection

Understand the roles and responsibilities required within an ECAT team

Detect known and some unknown malware executables and processes

Determine the general ECAT architecture of any deployment

Interpret module and machine lists in the ECAT interface

Detect malicious characteristics and behaviors in endpoint files and processes

AT-A-GLANCE

The RSA ECAT Fundamentals

eLearning provides an

overview of ECAT’s role,

familiarizes you with key

components of the ECAT

user interface, and enables

you to conduct basic threat

analysis.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630




ED-SA-TRAINUNIT – Training

Units


Course Outline

Overview

▬ The Challenge: Malware Inside

▬ A Malware Rogue’s Gallery

▬ Threats from Basic to Advanced

▬ Monitoring the Modules in the Endpoints

▬ ECAT’s Approach to Endpoint ThreatDetection

▬ ECAT’s Scan Techniques

▬ Timeline of Typical Attack

▬ ECAT Architecture

▬ Option: The Roaming Agent Relay

▬ Installation and Deployment

▬ Tuning, Optimization, and Administration

Getting Started

▬ Meet the Team

▬ Process: Getting Started

▬ Continual Analysis, Occasional Re-Tuning

▬ Main Menu

▬ Dashboard

▬ Machines

▬ Modules

▬ IP List

▬ Certificates

▬ Instant IOCs

▬ Downloads

▬ Events

▬ User Interface Walkthrough

▬ ECAT Packager

Threat Detection

▬ Out of the Box Monitoring

▬ Whitelisting and Blacklisting

▬ Automatic Whitelisting and Blacklisting

▬ Additional Tuning and Optimization

▬ Analysis: Review Which Modules?

▬ Module Review

▬ Network Monitoring

▬ Behavior Tracking

▬ Confirm Trusted Module

▬ Confirm Malicious Module

▬ Forward to Security Analytics

▬ Edit Status and Remediation Action

▬ Active Hunting Tactics

▬ Team-Based Hunting

A Week of ECAT

▬ Concept Review

▬ Interactive Interface Quiz

47

RSA® Security Analytics Introduction Course Description

Overview This self-paced, interactive eLearning provides an introduction to the RSA Security

Analytics product, along with the components and different appliances that make up an

RSA Security Analytics implementation.

You will first familiarize yourself with the RSA Security Analytics product, its functionality,

and different customer implementations. You will then review the architecture and various

components of RSA security Analytics. Finally, you will examine the way data flows

throughout an RSA Security Analytics implementation.

Audience RSA Customers

RSA Professional Services Consultants

RSA and Partner Technical Support Engineers and Consultants

RSA Project Managers

RSA Solutions Success Managers

RSA Solutions Architects

RSA Sales Engineers

Duration Approximately 1 hour (E-learning)

Prerequisite Knowledge/Skills Students should be familiar with basic computer architecture, data networking fundamentals and general information security concepts. A background in Enterprise networking and data communications is required. Basic knowledge of the TCP/IP protocol stack is required.


Understand RSA Security Analytics

Explain the architecture of RSA Security Analytics

Analyze common customer implementations of RSA Security Analytics

Identify, describe, and compare the components and appliances of RSA Security

Analytics

Summarize the flow of information throughout an RSA Security Analytics environment

AT-A-GLANCE This course provides an overview of RSA Security Analytics, including monitoring.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630




ED SA AN 210 - Onsite Class

ED SA TRAIN UNIT – Training

Units


Course Outline

RSA Security Analytics Overview

▬ Define RSA Security Analytics

▬ Identify how meta is created

▬ Summarize the role meta plays in SA

RSA Security Analytics Architecture

▬ Identify components of the RSA Security

Analytics environment

▬ Compare the function of the RSA Security

Analytics components

▬ Explain how RSA Analytics captures

information

Customer Implementations

▬ Review various RSA Security Analytics

implementations and use cases

How Data Flows through RSA Security Analytics

▬ Summarize how data flows through the SA

environment

▬ Compare the role of specific appliances in this

process

Suggested Resources

▬ Suggested training


RSA® Security Analytics 10.5 What’s

New Overview Course Description

Overview This E-learning course provides an overview of the new and exciting features being

introduced in RSA Security Analytics 10.5, such as platform updates, licensing

changes, data privacy and cloud visibility.

Audience Anyone interested in an overview of the new features of RSA Security Analytics 10.5.

Duration 30 minutes (E-learning)

Prerequisite Knowledge/Skills Students should be familiar with previous versions of the RSA Security Analytics product.

Students should be familiar with basic computer architecture, data networking fundamentals and general information security concepts. A background in Enterprise networking and data communications is required. Basic knowledge of the TCP/IP protocol stack is required.


Platform updates

Licensing and entitlement changes

Administration and audit logging

Event source grouping and monitoring

Health and wellness

Data privacy

Investigation and concentrator changes

Reporting engine updates

Event Stream Analysis (ESA)

Incident management

Archiver and analyst updates

Workbench

Cloud visibility

AT-A-GLANCE This E-learning course focuses on reviewing the new features of the RSA Security Analytics 10.5 product release.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630





Units

50

RSA® Security Analytics Foundations Course Description

Overview This Instructor Led Training (ILT) course provides a foundational overview of the

core components of RSA Security Analytics. Students gain insight into the core

concepts, uses, functions and features of RSA Security Analytics and also gain

practical experience by performing a series of hands-on labs.

Audience Anyone new to RSA Security Analytics.

Duration 3 days (ILT)

Prerequisite Knowledge/Skills Students should be familiar with basic computer architecture, data networking fundamentals and general information security concepts. A background in Enterprise networking and data communications is required. Basic knowledge of the TCP/IP protocol stack is required.


Describe the Security Analytics architecture, components and their functions

Describe how metadata is created

Differentiate between meta keys, meta values, and meta data

Investigate data using simple and complex queries

Customize the investigation display

Filter data using rules

Create new meta values using Application and Correlation rules and RSA Live

content

Create alerts using ESA and reporting rules to track potential threats

Create and manage incidents

AT-A-GLANCE This foundations course focuses on the core features and functions of the RSA Security Analytics product.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630





Units


Course Outline

1. RSA Security Analytics Overview

▬ What is RSA Security Analytics?

▬ RSA Security Analytics architecture

▬ Supported data sources

▬ Key features and functions

▬ Customizing the user interface

2. Investigation Basics

▬ What is metadata?

▬ Differentiating between packets and logs

▬ Differentiating between data and metadata

▬ Customizing the investigation screens

▬ Viewing reconstructed events

▬ Writing simple and complex queries

▬ Describing the purpose of meta key indexing

▬ Customizing data and meta data displays

▬ Creating data visualizations

▬ Creating meta groups

▬ Creating custom column groups

▬ Using complex queries, drills and views to

perform investigations

3. Refining the Dataset

▬ Filtering data with rules

▬ Taxonomy concepts for metadata

▬ Using Application rules to create new meta

▬ Using Correlation rules to create new meta

▬ Deploying content from RSA Live to create

new meta

▬ Describing how parsers populate meta keys

▬ Using alerts and metadata to investigate

potential threats

▬ Determining the cause of an incident

4. Reporting and Alerting

▬ Creating reports

▬ Creating alerts to identify future threats

▬ Creating ESA alerts

▬ Managing incidents

▬ Creating incidents

52

RSA® Security Analytics Core


Overview This Instructor Led Training (ILT) course provides an overview of essential administrative

tasks that are performed for RSA Security Analytics. Students gain insight into

Configuring Devices, Monitoring and User Management within RSA Security Analytics and

also gain practical experience by performing a series of hands-on labs.

Audience Anyone interested in the administration topics listed below for RSA Security Analytics.

Duration 2 days (ILT)

Prerequisite Knowledge/Skills Students should have completed the RSA Security Analytics Foundations (3-day) ILT course prior to attending this course.

Students should be familiar with basic computer architecture, data networking

fundamentals and general information security concepts. A background in Enterprise

networking and data communications is required. Basic knowledge of the TCP/IP protocol

stack is required.


Discover and configure core RSA Security Analytics hosts

Configure the Reporting Engine and Events Stream Analysis (ESA)

Configure Incident Management (IM) and the Archiver

Describe the Health and Wellness module

Review the REST API

Monitor RSA Security Analytics hosts and services

Create and manage users

Describe data privacy

AT-A-GLANCE This course focuses the essential administrative tasks for RSA Security Analytics, such as user management, configuration and monitoring.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630




ED SA AN 210 - Onsite Class


Units


Course Outline

1. Configuring RSA Security Analytics

▬ Discovering hosts

▬ Configuring the core hosts

▬ Configuring Security Analytics system settings

▬ Configuring the RSA Live service

▬ Configuring Incident Management (IM)

▬ Configuring the Archiver

▬ Configuring ESA

▬ Configuring the Reporting Engine

2. Monitoring (Health and Wellness)

▬ Health and Wellness module overview

▬ Health and Wellness user interface

▬ Configuring a health notification

▬ System stats browser

▬ Event Source Monitoring

▬ Viewing statistics

▬ Viewing logs

▬ REST API

3. Managing Users

▬ RSA trust model

▬ Managing RSA Security Analytics users and

roles

▬ Configuring data privacy

▬ Configuring External Authentication using

Active Directory

▬ Configuring External Authentication using PAM

▬ Configuring Data Privacy

54

Expected Availability: late Q4 2015!

RSA® Security Analytics Hunting Course Description

Overview This Instructor Led Training (ILT) course presents methods and techniques

prescribed by security experts for quickly locating anomalies on the network and for

enhancing the data set to highlight suspicious activity. It provides recommended

strategies and processes for searching for threats along with specific use cases

where you will apply the techniques and processes to real-world situations.

Audience Anyone interested in using RSA Security Analytics to locate anomalies on the

network and identify suspicious activity

Duration 2 days

Prerequisite Knowledge/Skills Students should have completed the RSA Security Analytics Foundations (3-day) ILT course prior to attending this course. Students should be familiar with basic computer architecture, data networking fundamentals and general information security concepts. A background in Enterprise networking and data communications is required. Strong knowledge of the TCP/IP protocol stack as well as protocols such as DNS, RDP, SSH, ICMP, CIFS, and HTTP are highly recommended.


List techniques for filtering data

Identify protocol anomalies and associated threats

Describe the process for detecting a malware infected host

Identify the causes and implications of Service type OTHER

Identify RSA Security Analytics functions to use in analysis and creation of new

intelligence

Create an alert taxonomy

Automate analysis using reports, alerts and incidents

Identify common indicators of compromise

Use recommended techniques, methods, and processes to resolve use cases

AT-A-GLANCE This course presents techniques prescribed by security experts for quickly locating anomalies on the network as well as methods for enhancing the data set to highlight suspicious activity.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630





Units

ED-SA-HUNT-210 - Onsite


Course Outline

1. Hunting Strategies

▬ Identifying traffic flows

▬ Filtering baseline traffic with network and

application rules

▬ Protocol anomalies

▬ Identifying unique network traffic patterns

generated by a host infected with malware

▬ Identifying the difference between network

traffic generated by Trojans and normal

browsing

▬ Service type OTHER

▬ Defining a taxonomy for alerts

▬ Automating analysis with reports, charts,

and incidents

2. Identifying Common Indicators of Compromise

(IOC)

▬ Unusual outbound network traffic

▬ Anomalies in privileged user account activity

▬ Geographical irregularities

▬ Login red flags

▬ Swells in database read volume

▬ HTML response sizes

▬ Large numbers of requests for the same file

▬ Mismatched port/application traffic

▬ Suspicious registry or system file changes

▬ DNS request anomalies

▬ Unexpected patching of systems

▬ Mobile device profile changes

▬ Bundles of data in the wrong place

▬ Web traffic with unhuman behavior

▬ Signs of DDoS activity

3. Finding the Threat – Use Cases

▬ Webshell

▬ Malicious Insider

▬ Phishing Challenge Lab

▬

56

RSA® Security Analytics Introduction to

Troubleshooting for Customers Course Description

Overview

This self-paced eLearning will improve your understanding of how to troubleshoot.

RSA Security Analytics 10.4 (SA). Through a series of interactions and “just-show-

me” video demonstrations, this course will answer common questions about

troubleshooting RSA’s Security Analytics and provide you with the concepts needed

to begin troubleshooting on your own.

The content is specific to RSA Security Analytics version 10.4. However, there is a

lot of commonality between versions and some of the things that you learn may be

used to troubleshoot older or newer versions of RSA Security Analytics. Please

keep this in mind as you proceed because there may well be variances based on

the version.

Audience - RSA Customers

Duration Approximately 2.5 hours (e-Learning)

Prerequisite Knowledge/Skills Students should have the following skills or knowledge prior to attending class:

Familiarity with general troubleshooting methodology Basic understanding of networking concepts General understanding of networking Familiarity with Linux, Java, scripting, and computer hardware Basic experience with Security Analytics


Describe RSA Security Analytics troubleshooting strategies & basic-practices

Identify techniques to troubleshoot several specific RSA Security Analyticsissues after viewing videos

Describe an overall approach to troubleshooting RSA Security Analytics Describe general IT troubleshooting, complexity of RSA Security Analytics,

need to look beyond the UI Describe the RSA Security Analytics core components Describe the flow of data throughout an SA environment Describe the life cycle/processing of data Identify the interaction between components Identify common issues with core components

AT-A-GLANCE This e-Learning course provides an introduction to troubleshooting RSA Security Analytics.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630





Units


Course Outline

Introduction

Component Architecture

Data Flow

Platform Overview

Life-Cycle of Data

Starting Points: Issues with Components

Interacting

Assessment

Course Evaluation

58

RSA® Adaptive Authentication

On-Premise Administration Course Description

Overview The working principles behind RSA Adaptive Authentication On-Premise architecture,

system components, and administrative tasks are discussed. Extensive hands-on labs

reinforce the tasks involved in implementing an RSA Adaptive Authentication On-Premise

system.

Audience System, security, or help desk administrators who need to install, configure and/or

maintain an RSA Adaptive Authentication On-Premise system.

Duration 3 days

Prerequisite Knowledge/Skills Familiarity with user and system administration, networking fundamentals, and general

information security concepts.


Explain the basic architecture and theory of operation of RSA Adaptive Authentication

On-Premise

Describe how RSA Adaptive Authentication On-Premise determines risk

Describe the recommended workflows

Perform the installation tasks involved in installing RSA Adaptive Authentication On-

Premise

Explain the steps required to integrate RSA Adaptive Authentication On-Premise with

a web application

Use the Back Office Applications to configure, manage, and administer RSA Adaptive

Authentication On-Premise

Perform the day to day administrative tasks to keep the RSA Adaptive Authentication

On-Premise functioning properly

AT-A-GLANCE

This course offers hands-on

training on the installation,

integration, configuration,

and administration of RSA

Adaptive Authentication On-

Premise.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630




ED AAOPADMIN210 – Onsite

Class

ED AA TRAIN UNIT – Training

Units


Course Outline

Operations Session (Day 1 and 2)

RSA Adaptive Authentication On-Premise Overview

▬ Relevant terminology

▬ Features and benefits of RSA AdaptiveAuthentication On-Premise

▬ Risk-Based authentication

▬ Device profiling

▬ Behavioral profiling

▬ What is multi-factor authentication?

▬ How RSA Adaptive Authentication On-Premise

provides for multi-factor authentication

RSA Adaptive Authentication On-PremiseArchitecture

▬ System components overview

▬ Network Integration

▬ RSA eFraudNetwork

▬ RSA Risk Engine


▬ Back Office Applications

▬ RSA Central

▬ GeoIP Service

▬ Scheduler

▬ Adaptive Authentication utilities

RSA Adaptive Authentication On-Premise Workflowsand Processes

▬ Terminology used in workflows

▬ RSA Adaptive Authentication On-Premiseworkflows

RSA Adaptive Authentication On-Premise Installation

▬ Pre-installation overview

▬ Installing RSA Adaptive Authentication On-

Premise

▬ Post-installation tasks

▬ Setting up maintenance and development

utilities

RSA Adaptive Authentication Configuration

▬ The configuration framework

▬ Creating default configuration files

▬ Customizing configuration files

RSA Adaptive Authentication On-Premise Integration

▬ Introduction to the Web services API andmethods

▬ Collecting device information

▬ Message format and recommended data

elements

RSA Adaptive Authentication Back OfficeApplications

▬ Overview of the Back Office Applications

▬ Access Management

▬ Report Viewer

Operations

▬ Administration Console

▬ GeoIP Update

▬ Schedule tasks

▬ Update the eFraud Network agent

▬ Log files

▬ RSA Central

Back Office Tools Session (Day 3)

RSA Adaptive Authentication On-Premise Overview

▬ Relevant terminology

▬ Features and benefits of RSA AdaptiveAuthentication On-Premise

▬ Risk-Based authentication

▬ Device profiling

▬ Behavioral profiling

▬ What is multi-factor authentication?

▬ How RSA Adaptive Authentication On-

Premise provides for multi-factorauthentication

▬ System Components Overview

RSA Adaptive Authentication On-Premise Risk

Score Calculation

▬ How Adaptive Authentication determines risk

▬ Risk score calculation stages

RSA Adaptive Authentication On-Premise

Workflows and Processes

▬ Terminology used in workflows

▬ RSA Adaptive Authentication On-Premiseworkflows

RSA Adaptive Authentication Back Office

Applications

▬ Overview of the Back Office Applications

▬ Access Management


▬ Case Management

▬ Customer Service Application

▬ Report Viewer


RSA® Adaptive Authentication for

eCommerce Back Office Tools Course Description

Overview The working principles behind RSA Adaptive Authentication technology, architecture, and

system components are discussed. Video demonstrations reinforce the tasks involved in using

the RSA Adaptive Authentication Back Office Tools.

Audience Team Leaders/Fraud Strategists responsible for fraud prevention planning. Customer Service

Representatives who provide support for card holders requiring online transaction assistance,

and Fraud Investigators/Analysts.

Duration Approximately 2 hours

The modules and content presented depends on the student’s job role. The job role is selected

from a menu presented at the beginning of the training.

Prerequisite Knowledge/Skills Familiarity with general information security concepts.


Define RSA Adaptive Authentication for eCommerce

Explain the basic system architecture and components of RSA Adaptive Authentication for

eCommerce

Provide an overview of the RSA Adaptive Authentication for eCommerce Back Office Tools

Use the Back Office Tools including:

▬ Back Office Administration

▬ Customer Service

▬ Case Management

▬ Policy Manager

▬ Management Information Reports

Generate Web Reports

Describe Raw Data Reports

AT-A-GLANCE

This course offers training

on the RSA Adaptive

Authentication for

eCommerce Back Office

Tools.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630





Units


Course Outline

RSA Adaptive Authentication for eCommerce

Overview

▬ History and evolution of Adaptive

Authentication for eCommerce

▬ Components and processes that make up

3DSecure

▬ Transaction Monitoring

▬ The RSA Risk Engine and eFraudNetwork

▬ Describe low, high, and very high risk

transaction workflows

Back Office Tools Overview

▬ Overview of the Back Office tools

▬ Back Office Administration

▬ Customer Service

▬ Case Management

▬ Policy Manager

▬ Management Information Reports

Back Office Administration

▬ Describe the hierarchical structure of users

▬ Roles and access

▬ Manage groups

▬ Manage CSRs

Customer Service Application

▬ Validate a cardholder’s identity

▬ Manage cardholders

▬ View activity and transaction logs

▬ Use the Personal Account Manager

▬ Work with e-mail alerts

Case Management Application

▬ Describe a case

▬ List case management best practices

▬ Explain the importance of feedback and

working cases

▬ Describe repudiation files

▬ View and update cases

Policy Manager Application

▬ View and update rule definitions

▬ Add rules

▬ Activate a new test rule

▬ Edit and delete rules

Reporting

▬ Describe the different types of reports

available

▬ Generate web reports

▬ Describe Raw Data Reports

▬ Describe MIS reports


RSA® Adaptive Authentication 12

Migration Course Description

Overview This e-learning course describes the back office applications of RSA Adaptive

Authentication version 12, with emphasis on the changes compared to the previous

version: version 11.

The course is comprised of recorded product demonstrations to illustrate RSA

Adaptive Authentication 12 in action.

Audience Customers who may perform any of the following roles related to an RSA Adaptive

Authentication deployment: administration, configuration or maintenance.

Duration 60 minutes

Prerequisite Knowledge/Skills Students should have the following prerequisite knowledge:

Exposure to administration within RSA Adaptive Authentication

Familiarity with RSA Adaptive Authentication 11 Back Office applications

Course Objectives Upon successful completion of this course, participants should be able to work

effectively with the new back office applications of RSA Adaptive Authentication 12,

including:

Managing administrative settings

Managing access to back office applications

Policy Management

Case Management

Customer Service

Web Reports

AT-A-GLANCE

This e-learning course

provides an overview

modifications for the RSA

Adaptive Authentication 12

product through a

combination of lecture and

demonstrations.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630





Credits


Course Outline

Migration Preparation Phase

▬ Pre-requisites

▬ Removing Beacon and Web Redirect

▬ Upgrading API

▬ Provisioning

▬ Data Migration

Migration Silent Period

▬ Changing SOAP URL and FQDN

▬ Removing STU and Proxies

▬ Re-implementing RDR, CM API, Bath Files

and BO SSO

▬ Re-creating policies

New Features

▬ Device Identification Module

▬ Back Coloring

▬ eFN Enhancements

Back Office Differences

▬ URLs

▬ Case Management

▬ Customer Service Updates

▬ Policy Management Changes

▬ Admin Console Changes

64

RSA® Web Threat Detection Essentials Course Description

Overview On Day One, users navigate the RSA Web Threat Detection Back Office applications

such as the Dashboard, Profile Timeline and more, in their own environment and

learn how to evaluate and diagnose web session trends and threats via the RSA

Web Threat Detection Dashboard interface. On Day Two, users learn to write rules

that result in alerts and actions that provide critical information for further analysis

and reporting. All training is delivered on-site at the customer’s location.

During these two days, the training will include real-world examples and best

practices that RSA Web Threat Detection Threat Analysts use today.

Audience Security analysts and/or administrators who will be using the RSA Web Threat

Detection system.

Duration 2 days

Prerequisite Knowledge/Skills Day One attendees will need: An understanding of web logic abuse and forensic investigation A general understanding of HTTP, and how web sites work

Day Two attendees will need the Day One knowledge, plus: A general understanding of rules syntax, regular expressions, or similar

technologies

Course Objectives Upon successful completion of this course, participants should be able to: Navigate the RSA Web Threat Detection back office applications Perform searches and analytics based on specific data elements and

timeframes Identify threats, patterns and abnormal behavior based on high risk

behaviors Create Rules and Alerts Implement best practices for rules management

AT-A-GLANCE

This course provides

customers with the

knowledge and skills they

need to use the RSA Web

Threat Detection Product

solutions.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630




ED WTD ES 210 – Onsite Class

ED WTD TRAIN UNIT – Training

Units

65 © Copyright 2014 EMC Corporation. All rights reserved. 08/2014 EMC2, EMC, RSA, RSA Security, Archer, NetWitness and the RSA logo are registered trademarks of EMC Corporation in the United States and/or other countries

Course Outline

Day One:

Introduction to RSA Web Threat Detection

Analysis tools

▬ Overview of detection logic concepts

▬ Introduction to threat score types

▬ Overview of rules and alerts

RSA Analysis User Interface utilities

▬ Dashboard

▬ Profile Timeline

▬ Risk Indicators

▬ Page Analysis

▬ User Analysis

▬ IP Analysis

▬ Score trends

▬ Recent incidents

Search

▬ Search Overview

▬ Step-by-Step Process

▬ Search Examples

▬ RSA WTD User/IP Lookup

▬ Search Query Management

▬ Export of Search Results

Rules Overview

▬ Rules Typologies

▬ Rules Data

▬ Rule Format

▬ Rule Syntax

▬ Rule Functions

▬ Use Cases

Day Two:

Introduction to Rules

Rules Interface

▬ Structure of a Rule

▬ Forensics and Mitigation

Rules Language

▬ Data

▬ Functions

▬ Threat Scores

Advanced Techniques

▬ Registers

▬ External Data Sets

Rules Management

▬ Alerts and Events

▬ Best Practices

Appendix

▬ Example Rules

▬ Glossary

66

RSA® Intelligence-Driven Event

Analysis Course Description

Overview Participants learn about intelligence-driven SOC processes, standard operating

procedures (SOPs), and monitoring tools. They learn to recognize the formats

associated with the various sources of information available in a network environment.

The course follows the end-to-end workflow of a Security Analyst, including all

appropriate steps that are needed to handle each type of identified security incident.

Audience IT professionals with 2 to 3 years of experience in a troubleshooting role, such as a

systems/network engineer, a system administrator, network operations analyst, or a

newly-hired security analyst. Knowledge of security fundamentals is required.

Duration 2 days

Prerequisite Knowledge/Skills Proven capabilities with networking fundamentals, operating systems, and security

concepts such as confidentiality, integrity, availability, authentication, and identity.


Identify the roles and responsibilities in a SOC.

Interpret sources of information in a SOC.

Describe how Security Analysts interact with information and data in the SOC

environment.

Monitor incoming event queues for potential security events and/or incidents using

various security tools per operational procedures.

Perform initial investigation and triage of potential incidents.

Investigate/analyze an incident.

Escalate an incident for further analysis aligned to SOPs.

Document and communicate investigative results aligned to escalation and/or

handoff SOPs.

Walk through an incident from alert to escalation to closure.

Apply concepts that are learned in the classroom setting to their specific working

environment.

AT-A-GLANCE

The RSA Intelligence-Driven

Event Analysis course

discusses an intelligence-

driven approach to event

and incident management

for a Security Analyst in a

forward-thinking Security

Operations Center (SOC).






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630




ED ACD IDEA 210 – Onsite Class

ED ACD TRAIN UNIT – Training

Units Industry tools used in this course include:

PsTools • Sysinternals Suite

Nmap/ZenMap • RSA Archer

Wireshark • RSA Security Analytics

Process Explorer


Course Outline

Roles and Responsibilities in a SecurityOperations Center

▬ Describe the purpose of a SecurityOperations Center (SOC) and its basicstructure.

▬ Define an event and an incident and

describe the difference between the twoterms.

▬ Identify the roles and responsibilities in aSOC.

▬ Name some of the tools that arecommonly used to monitor events in theSOC.

▬ Outline some of the key components in

the incident processing workflow

Interpreting Sources of Information

▬ Diagram the components and tools of

technical environment you are workingin

▬ Categorize sources of informationavailable to a security analyst

▬ Recognize information formats

▬ Establish the context of the observedinformation/data

▬ Assimilate external threat data andthreat intelligence

▬ Apply internal and external sources of

intelligence to an incident

Interacting with Information (IdentifyingEvents)

▬ Become the ‘eyes on glass’

▬ Analyze logs from distributed systemand network security devices

▬ Monitor all alerting systems

▬ Inspect network packet data

▬ View information using a console

Correlating Events

▬ Define event correlation

▬ Use several correlation engines

▬ Assist in the identification of potential computer and

communications security issues

▬ Correlate events and incidents with knowledge baseof historical events and incidents

Triaging Events

▬ Follow the triage process

▬ Prioritize incidents

▬ Apply standard operating procedures

Analyzing incidents using sources of information

▬ Explain the incident – is your system infected?

▬ Demonstrate fundamental understanding of allstandard information sources

▬ Determine whether an incident occurred and handle

appropriately

Escalation and Handoff

▬ Escalate an event for further analysis to the incident

handler

▬ Follow the SLA to resolution or escalation

▬ Standard operating procedures and analysis

Documenting and Communicating Issues

▬ Update the internal knowledge base and wiki

▬ Perform maintenance activities on security relateddatabases

▬ Assimilate external threat data and threat intelligence

68

RSA® Incident Handling and Response Course Description

Overview The course provides a thorough overview of tasks, processes, procedures, escalation

workflows and tools used by a Security Analyst/Incident Handler. Through use cases,

examples, and hands-on exercises, participants investigate a variety of critical incident

response scenarios. The instructional material emphasizes decision-making and

prioritization with the goal of teaching the students how to make an assessment in a

short amount of time using security monitoring instrumentation, contextual analysis and

correlation to indicators of network exploitation. Students develop a broader

understanding of the role the SOC fulfills in the larger organization, including exposing

them to the legal and regulatory compliance issues associated with incident response

and assessing organizational risk.

Audience Security Analysts with 6-12 months of experience working in a Security Operations

Center, Network Operation Center (NOC), Critical Incident Response Team (CIRT) or

similar function.

Duration 3 days

Prerequisite Knowledge/Skills Students who have taken the RSA Intelligence-Driven Event Analysis training course and

have 6-12 months of experience as a security analyst.


Outline sustainable and repeatable tasks, process, procedures, escalation points andworkflows of the Security Analyst/Incident Handler.

Ingest daily intelligence reports and previous shift logs.

Recognize the legal, corporate investigative responsibilities and compliance issues

associated with incident response.

Participate in risk analysis for central and distributed networks to include the impact

of cloud based infrastructures as part of the SOC.

Outline sustainable and repeatable tasks, process, procedures, escalation points andworkflows of the Security Analyst/Incident Handler.

Monitor security events using all SOC data sources.

Investigate all incidents aligned to proper process, procedure and escalation points.

Prioritize incident response relative to threat severity, business context and activity

volume.

Recommend, develop, and implement remediation procedures.

Create an incident report with appropriate handoffs and closure.

Coordinate, de-conflict and align event and incident communication.

Support root cause analysis.

Prepare communication for executives and enterprise stakeholders.

AT-A-GLANCE

The RSA Incident Handling

and Response course

prepares a security analyst

to take on incident handling

responsibilities in a

forward-thinking Security

Operations Center (SOC).






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630




ED ACD IHR 210 – Onsite Class


Units


Course Outline

The Tools and Tasks of an Incident Handler

▬ List the tasks, processes, proceduresand escalation points of a level twosecurity analyst

▬ Identify the tools used by the IncidentHandler

▬ Provide examples of the types ofincidents handled by the Level Twosecurity analyst

▬ Ingest daily intelligence reports andprevious shift logs for efficientoperations handoffs, escalations andtransitions

Participating in Regulatory Compliance

▬ Define security compliance

▬ Describe the types of compliance

standards

▬ Outline the steps to become compliantwith a standard

▬ Distinguish a security program from acompliance program

▬ Outline what happens during a

compliance audit

▬ Identify the responsibilities of a securityanalyst for a security audit

Contributing to Risk Assessment and

Mitigation

▬ Define organizational risk.

▬ Identify organizational assets and their

business function.

▬ Categorize the impact of a loss of anasset or business function.

▬ Monitor security controls to mitigate therisk to your organization.

▬ Contribute to risk analysis for central

and distributed networks.

▬ Assess the vulnerabilities of theorganizational assets protected by theSOC.

Outline an approach to risk

management.

Investigating an Incident

▬ Outline the steps to take when investigating asecurity incident.

▬ Develop a set of questions when presented with anincident.

▬ Gather data important to describing and

documenting the incident.

▬ Document all collected data.

▬ Analyze the collected data in order to put the pieces

together to tell a story.

▬ Make recommendations for next steps for theincident investigation.

Prioritizing Incident Response

▬ Evaluate threat severity, business context andactivity volume when prioritizing incident response.

▬ Identify escalation points for incident response.

▬ List steps in shift handoff.

▬ Outline the structure of a shift log entry.

▬ List best practices for the shift log.

Recommending Remediation

▬ Recommend remediation to operations

▬ Make recommendations to appropriate departmentfor each incident

Addressing After-Action Items

▬ Create an incident report

▬ Derive and incorporate threat intelligence from

incident

▬ Participate in root cause analysis

Preparing Executive-level Communications

▬ Summarize the outcome of a security incident.

▬ Identify the various audiences for a security incidentreport.

▬ Identify appropriate content for each audience.

▬ Develop the outline of a report for internal andexternal audience.

Industry tools used in this course include:


RSA Archer

70

RSA® Threat Intelligence Course Description

Overview In the context of the current threat environment, students learn ways to detect and correlate

data for better threat analysis; reduce breach exposure time and break the cyber kill chain;

and manage current and future threats. As participants progress through the course, their

perceptions of threats will evolve, and they will receive instruction on the role of threat

intelligence in security systems that are evolving along with the threat environment.

Students participate in hands-on and table-top exercises to practice strategies for analyzing

attacks and mitigating their effects, and for applying intelligence-driven security practices in

their own organizations.

Audience Security analysts who investigate, analyze, and resolve or escalate incidents and issues;

monitor external security information sources; or feed actionable intelligence back into

systems

SOC managers who want to implement a Threat Intelligence capability

Novice security analysts who meet prerequisites and want to advance their skills

Duration 2 days

Prerequisite Knowledge/Skills Students who have taken the RSA intelligence-Drive Event Analysis course. Familiarity with

computer architecture principles; networking concepts, and information security theory.


Describe the current global threat ecosystem

Illustrate the logical components of an advanced security program

List best practices for planning advanced defenses

Describe the cyber kill chain

Provide examples of cyber kill chain intervention

Compare traditional threats and Advanced Persistent Threats

Find and use sources of threat intelligence

Perform threat modeling of high-value assets and high-value adversaries

Gather and analyze threat intelligence

Manage the threat lifecycle

AT-A-GLANCE

The RSA Threat Intelligence

course provides Security

Analysts with comprehensive

instruction on the global

threat ecosystem and

strategies that organizations

can take to protect their

assets.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630




ED ACD TI 210 – Onsite Class


Units


Course Outline

Threat Overview

▬ Current Threat Ecosystem

▬ Ecosystem Overview

▬ Communities of Attackers

▬ Targets

▬ Vulnerabilities

▬ Avenues of Attack

▬ Tactics, Techniques, and Procedures

▬ Advanced Persistent Threats

▬ Threat Intelligence in an Advanced SecurityProgram

▬ Shortcomings of Traditional SecurityMeasures

▬ Advanced Approaches to Information

Security

▬ Advanced Security Operations Center Model

▬ Planning Advanced Defenses

▬ Guiding Principles for Defending the

Enterprise

▬ Defining a Cyber Footprint

▬ Quantifying Risk

▬ Applying Security Best Practices

▬ Promoting User Education

Types of Threats

▬ Crimeware

▬ Advanced Persistent Threats (APTs)

Cyber Kill Chain

▬ Attack Progression

▬ Anatomy of an Attack

▬ Cyber Kill Chain Model

▬ Kill Chain Interventions

▬ Detecting Attacks

▬ Indicators of Compromise

▬ Network-based Indicators

▬ Host-based Indicators

Intelligence Sources

▬ Government

▬ Industry Associations & Networks

▬ Commercial Sources

▬ Open Source

▬ Extended Enterprise

▬ Internal Organization Sources

Threat Modeling

▬ Threat Modeling Perspective

▬ Profiling Targets

▬ APT Targets

▬ Reconnoitering Targets, Web Presence,Industries, Social Media, High-Value Assets

▬ Threat Actor Attribution

▬ Actor Identification

▬ Target Identification

▬ Actor Behaviors

▬ Communication Strategy

▬ Threat Modeling Resources

Developing Threat Intelligence

▬ Command and Control Protocol Decoding

▬ Passive DNS Monitoring

▬ Email Operations

▬ Threat Infrastructure Enumeration

▬ Command and Control Domain Correlation

▬ Intrusion Set Attribution

▬ Public-Facing Web Infrastructure

Threat Management

▬ Detecting Threats

▬ Threat Mitigation Strategy

▬ Predicting Threats

72

RSA® Malware Analysis Course Description

Overview The RSA Malware Analysis course provides students with the knowledge and skills to

identify and act on actionable intelligence gathered through the process of malware

analysis. Students are introduced to the threat landscape and common malware vectors.

They learn to select and apply the tools and techniques required to reverse, monitor, and

detect a malware threat. Students develop a workflow to gather intelligence and apply it

to their security environment.

Audience Security analysts, computer forensic investigators, incident responders who have basic

knowledge of malware analysis and want to know more about the tools and techniques

associated with gathering and responding to actionable intelligence.

Duration 4 days

Prerequisite Knowledge/Skills Students who have taken the Intelligence-Driven Event Analysis, Incident Handling &

Response, and Threat Intelligence courses or have commensurate experience. Familiarity

with computer architecture principles, operating system theory, networking principles

(including protocols and communication channels), and fundamental principles of

computer security. Experience with programming and scripting concepts is also required.

(Python is used during the course.)


Describe the RSA Cyber Defense recommended workflow for reverse engineering

current malware threats.

Assess the presence of malware on system.

Examine behavior of malware and its interaction with its environment using dynamic

analysis tools and techniques.

Analyze command and control (C2) communication methods to establish the

intention and functionality of the malware.

Deduce the program instructions of a malware executable through the use static

analysis tools.

Combine static and dynamic analysis methods to investigate more complex features

of malware using disassembly and debugging tools.

Collect and report actionable intelligence gained from reverse engineering malware.

Recommend changes to a security program based upon actionable intelligence.

AT-A-GLANCE

The RSA Malware Analysis

course provides security

analysts with tools and

techniques for analyzing

malware and extracting

indicators of compromise.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630




ED ACD MA 210 – Onsite Class


Units


Process Monitor • Process Explorer • Process Hacker

Regshot • Wireshark • HBGary Flypaper

CFF Explorer • IDA PRO (free version) • Immunity Debugger

Volatility • Yara • Malzilla

JSBeautifier • JD-GUI • Peepdf


Course Outline

Introduction to Malware Analysis

▬ Define the components of malware and howthey work together to compromise a system

▬ Identify common malware vectors

▬ Describe the phases of the intrusion kill chain

▬ Outline the tasks involved in malware analysis

▬ Create a safe environment for investigating

malware code and behavior.

Assessing the Existence and Persistence of Malware

▬ Establish Indicators of Compromise

▬ Identify host-based artifacts.

▬ Identify network-based artifacts.

▬ Locate indicators of compromise.

▬ Determine malware’s method of persistence.

▬ Outline the procedure for assessing thepresence of malware on a system.

Dynamic Analysis of Malware

▬ Outline process of dynamic analysis

▬ Apply dynamic analysis techniques in order to

investigate malware’s behavior in a virtualenvironment.

▬ Examine malware execution using a debugger.

▬ Identify anti-analysis techniques.

▬ Defend against anti-analysis techniques.

▬ Analyze commonly exploited file formats.

Investigating Command and Control

Communications

▬ Define command and control communicationas used by malware.

▬ List the types of activities an attacker

engages in using C2.

▬ Describe C2 techniques.

▬ Outline the procedure to capture and analyzeC2 traffic.

▬ Describe how to set up an environment toinvestigate C2.

▬ Identify the tools critical to C2 investigation.

▬ Intercept SSL.

▬ Address the issue of C2 Not Responding.

Static Analysis of Malware

▬ Explain the process of static analysis.

▬ List the outcomes of the static analysisprocess.

▬ Classify sources of data viable for analysis.

▬ Identify packing and obfuscation methodsused by malware.

▬ Describe how compressed files are able toavoid detection.

▬ Disassemble malware executable code using

IDAPro.

▬ Organize information and data gained fromstatic analysis

Advanced Malware Techniques

▬ Multiple layers of obfuscation

▬ Botnets

▬ Backdoors

▬ Debugging using Ollydbg

▬ Analyze memory for the presence of rootkits

using Volatility

Making Recommendations Based upon ActionableIntelligence

▬ Collecting Actionable Intelligence Gained

from Malware Analysis

▬ Identify trends and problems to solve

▬ Communicate Actionable Intelligence

▬ Formulate recommendations

▬ Develop Yara rules to classify malware

74

RSA® SOC Simulation Challenge (“SOCSim”) Offering Description

Overview RSA SOCSim, a forensic analysis experience, exposes participants to network and host

forensic analysis within a real-world breach scenario using simulated SOC dynamics.

Participants are presented with a use case that requires them to analyze data flowing

over the network. They are guided through the analysis by challenge questions using a

“Jeopardy!” style interface based on the Cyber Kill Chain methodology. Answers are

derived through data exploration and investigation of sophisticated "puzzles within

puzzles" such as protocol and application analysis, steganography, reverse

engineering, encryption/decryption, open source intelligence and much more...


RSA Security Analytics 10.5

RSA ECAT 4.0.0.5

Other open source tools

At the end of the challenge, the RSA facilitator will provide an overview of the breach

scenario, including key analytical discoveries for each phase of the Cyber Kill Chain

and respond to outstanding questions that participants may have.

Audience Security analysts, computer forensic investigators, incident responders who have had

exposure to network, log and host forensic analysis, and want to challenge themselves

with simulated breach scenarios.

Duration Approximately 6 hours.

Prerequisite Knowledge/Skills Exposure to network, log and host forensic analysis is beneficial. Some security

operations experience would be helpful. Working knowledge of RSA Security Analytics

is required.

Course Objectives At the end of the challenge, participants will walk away with hands on experience and exposure to:

Network forensics through network protocol and application analysis

Host-based forensics through log analysis

Malware forensics through static and dynamic analysis

Use of open source threat intelligence

Common breach scenarios/tactics

Cyber Kill Chain methodology

Common tools used by network analysts/incident handlers

Experience of RSA’s Experts RSA and EMC have a 30-year legacy of working with clients worldwide to deliver

security solutions. RSA has leveraged its relationships with industry leaders to give

you deep insight into the most current threats and the intelligence-driven techniques

and tools to mitigate the risk of disclosure of information.

REGISTER:





site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630



COURSE PART NUMBER: Public: ED ACD TRAIN UNIT (9 units)

Onsite: ED ACD SOCSIM 210

AT-A-GLANCE

Experience the challenge of

competition while

responding to questions

based on a real-world

breach scenario.

75

RSA® Cyber Defense Workshop Course Description

Overview In this advanced workshop, participants are immersed in a simulated CIRC

environment where they assume different roles and manage the security events

that take place over the course of a three-day scenario. Day-to-day security

incidents will occur alongside potentially catastrophic activity related to the

advanced tactics of determined and persistent adversaries. Each member of the

CIRC Team will have to utilize skills and tools in order to detect, contain and

eradicate the threat as well as document the incidents for executive review. There

is virtually no lecture associated with this workshop; participants learn by doing.

This is the perfect opportunity for members of security teams to sharpen their skills

related to the newest attacks in a controlled environment assisted by experts. The

Workshop provides valuable insights for determining the specific skillsets and tools

that an organization needs in order to mitigate these most advanced types of

attacks against corporate assets.

Audience Security analysts, computer forensic investigators, incident responders who have

had exposure to malware analysis and want to know more about the tools and

techniques associated with gathering and responding to actionable intelligence

while acting as a member of a critical incident response team.

Duration 3 days

Prerequisite Knowledge/Skills Participation in the RSA Incident Handling & Response course or commensurate

experience. Some exposure to malware analysis, incident response, and

risk/compliance are beneficial. Participants should have some security operations

experience. Some experience with RSA Security Analytics would be helpful.

Experience of RSA’s Experts RSA and EMC have a 30-year legacy of working with clients worldwide to deliver

security solutions. RSA has leveraged its relationships with industry leaders to give

you deep insight into the most current threats and the techniques and tools to

mitigate the risk of disclosure of information. This course will empower attendees

with that knowledge and give them the opportunity to prove their current skill set

and add to it in a meaningful way.

AT-A-GLANCE

The RSA Cyber Defense

Workshop is designed to

give participants practical

experience as security

analysts who work in a

Security Operations Center

(SOC), Critical Incident

Response Center (CIRC) or

other critical incident

response capacity.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630




ED ACD CDW 210 – Onsite Class


Units



RSA Security Operations Management (RSA SecOps)

Other open source tools


Topics covered in the Workshop Scenario

Because this workshop will be completely

scenario based, a formal course outline is not

applicable. Throughout this workshop,

participants will engage in:

Malware Analysis

Network Analysis

Network Forensics

Threat Intelligence

Incident Triage

Executive Presentation

Security Operations

Team Management

Legal, Regulations, & Investigations

Open Source and Commercial Tools

“… I found the training to be very good. The teamwork,

mandatory executive interaction and related reporting were

excellent. The training simulated a fast paced real world

scenario where we had to work cohesively as a team on a tight

analysis schedule.

Incident Response Analyst, Leading Technology Vendor

77

RSA® Security Awareness Program Solution Description

Overview

Information Security – for any organization – requires a holistic approach that

involves and affects every part of the organization. One “open door” is all that is

required for an attacker to be successful. It doesn’t matter if that open door

belongs to the CEO or the mail room clerk. All are potentially vulnerable and all are

equally important to include in protection tactics.

Effective protection involves not only products, processes and services – it involves

awareness of potential threats and everyday actions that can be taken by every

organization member to protect valuable resources and information.

RSA’s Security Awareness program offers ways to test and measure vulnerability,

then provide essential education to fill any gaps. Our Security Awareness training

can target virtually every level of an organization – raising awareness and offering

concrete steps to effect change, thus helping to prevent attackers from gaining a

foothold through unsuspecting targets.

Service Highlights

Risk Assessment

One of the key components of RSA’s offerings is the ability to assess the risk that

an organization’s members pose through lack of knowledge or by unwarily opening

an email attachment or browsing to a web site.

RSA’s services can assess users’ knowledge, target specific users or groups, and

simulate attacks to appraise and measure response. With such powerful

information, appropriate training can be identified and disseminated to users, which

helps close the gap between ignorance and intelligence in the realm of information

security.

Reporting and Metrics

RSA Security Awareness services allow Security Management to benchmark, track,

and trend user compliance, assessment, training activity, and ultimately,

improvement. Reports help show who has been assessed, who has participated in

training, score reports - where appropriate, and overall metrics for the organization.

Reports can be compiled in a number of ways to show trends by organization

segment, geographic region, subject area, and more. In the case where scoring is

used – such as in quizzes or surveys – information can be linked through SCORM-

compliant data to an organization’s own learning management system.

Delivery Options

Much of the training delivered to end users is in the form of eLearning, which allows

a high degree of flexibility and acceptance by participants. Some technical subjects

may also be delivered as instructor-led sessions.

Hosting of elearning material can be arranged by RSA or can be delivered from an

organization’s own learning portal.

TO REGISTER:

Visit the RSA Training and

Certification web site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630



AT-A-GLANCE

70% of respondents to a 2013 Deloitte survey rated lack of employee security awareness as an average or high vulnerability. Deloitte TMT Global Security Study February 2013 Deloitte Media Release

In 2013 there were nearly 450,000 phishing attacks and record estimated losses of over USD $5.9 billion. Phishing remains an ominous threat to consumers and businesses around the world.

2013 A Year in Review January 2014 RSA Fraud Report


Why Security Awareness programs are so important

Security Awareness needs to be an integral and ongoing part of an organization’s operations. Minimal compliance training

imparted to employees on an irregular or occasional basis are insufficient to arm a workforce with the acuity and knowledge

that they need to recognize potential attacks. Successful attacks, in turn, can do expensive and sometimes irreparable harm

to an organization. It is far better to thwart an attack than to remediate it after the fact. Security Awareness services help

you evaluate risks through phishing, social engineering and other attack methods – allowing you to manage and educate

employees proactively before a breach can occur.

RSA’s services take a multi-tiered approach to not only inform an organization’s members of effective security practices but

to offer measurements and simulated attack vectors to continuously evaluate your organization’s ability to recognize and

repel threats.

Organizations today are often faced with resource constraints that limit the amount of internal education that can be

directed toward information security. RSA’s services offer a near turn-key solution to help solve these constraints. RSA’s

services can be delivered in multiple ways, can be customized for an organization, and can be targeted to specific learning

styles and languages of members throughout an organization. Learning modules range from very targeted technical topics

through gamification of learning material. All are designed to help engage and capture the attention of individuals so that

they can better support an organization’s security posture.

Training to fit all organizational segments

General Staff

Security Awareness training for general employee populations include a variety of eLearning modules covering such subjects

as Password security, Phishing and Malware awareness, and Email and Mobile Device security. Modules can be combined

into an effective, comprehensive program for the entire organization.

IT Staff

Role-based Security Awareness training for IT staff targets topics of particular interest and relevance to IT professionals who

can build a security mindset into their daily tasks and toils. Whether involved with networking, systems management, or

database administration, RSA’s training programs address the security considerations that can make a difference in these

day-to-day operations.

Development Staff

Role-based Security Awareness training for Development Staff is designed to help build security controls and protection into

development projects on a variety of platforms. Participants learn the common programming flaws and how to test projects

from a security standpoint. In today’s environment, applications secured at the design and development level are essential

to minimize the expense and logistics of distributing security patches and to help prevent product denigration through

vulnerabilities.

Customized to your organization’s needs

In addition to the variety of subject matter available, RSA’s services can be customized to include your organization’s design

elements – such as corporate branding, can include specific information that relates to your organization’s policies and

procedures, and offerings are available in a number of languages. Pricing may vary based on customization so please

contact your RSA Education Sales person for specific details and options.

ABOUT RSA

RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions

for business acceleration. RSA helps the world’s leading organizations succeed by solving their most complex and

sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access

and collaboration, proving compliance, and securing virtual and cloud environments.

Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss

Prevention and Fraud Protection with industry leading eGRC capabilities and robust consulting services, RSA

brings visibility and trust to millions of user identities, the transactions that they perform and the data that is

generated. For more information, please visit www.RSA.com and www.EMC.com


RSA® Certified Information Systems Security

Professional (CISSP) Certification Boot Camp

Course Description

GET PREPPED FOR THE CISSP EXAM BY RSA’S SECURITY EXPERTS

RSA has developed an effective program to help prepare candidates to become security

practitioners and successfully pass the (ISC)2 CISSP certification exam. This Certification

Boot Camp involves intensive lectures, demonstrations, and review questions delivered by

a security professional with years of experience as a practitioner. Not only will

participants become prepared to take the exam but the anecdotes and real world

examples from this course are invaluable insight into real world security challenges and

approaches to solve them.

The modules of this course follow the 10 Domains of the (ISC)2 Common Body of

Knowledge. Each module presents the concepts and vocabulary from a technical and

management aspect, bridging the gap that is often present in organizations today, a

holistic approach to the technical, physical and administrative controls that make up a

security program.

Each module is also followed by review questions, detailed explanations and exam tips

related to the material and how it may be presented on the exam.

RSA’s CISSP Boot Camp has been updated to reflect the 2012 Domain Name and content

changes. Participants will come away empowered for the exam and beyond.

2012 Common Body of Knowledge Domains Access Control

Telecommunications and Network Security

Information Security Governance & Risk Management

Software Development Security

Cryptography

Security Architecture and Design

Security Operations

Business Continuity and Disaster Recovery

Legal, Regulations, Investigations and Compliance

Physical (Environmental) Security

Added Bonus Module: Security Insights from Senior Executives RSA has a 30-year legacy of working with clients worldwide to deliver security solutions.

In this module, we explore the security issues that senior executives from global

organizations face as they enable their businesses and implement their security

programs. This content is unique to RSA’s CISSP Curriculum and not available elsewhere.

RSA Education Services is not affiliated with ISC2 or its subsidiaries. Participation in this course does

not guarantee the successful completion of the ISC2 CISSP Exam. RSA Education Services has

developed the course content from direct experience in the areas of the Common Body of Knowledge

and has used the ISC2 CISSP Candidate Information Bulletin as a reference as to technical depth and

topics on the exam. Course costs do not include exam fees or facilitate exam registration. Exam

schedules are available on ISC2.org.

AT-A-GLANCE

RSA Education Services

provides training worldwide

on RSA products and

advanced security topics.

Our mission is to enable the

next generation of security

professionals to address the

latest threats to information

and infrastructure security.

RSA’s CISSP Boot Camp has

been developed and

reviewed by security

practitioners, thought

leaders, and contributing

authors to provide the most

widely recognized CISSP

materials available.






site:


CONTACT US:

Email:

[email protected]

Phone: 800-995-5095

Int’l: 781-515-7700

Fax: 781- 515-6630




ED CISSP 210 – Onsite Class

ED STRS TRAIN UNIT – Training

Units

80

RSA® Learning Assessments

Enable faster technology adoption and increase productivity

OVERVIEW

As organizations increasingly depend on technology to manage their

businesses, the need for employees to be knowledgeable about security is

increasingly evident. Whether they are IT security professionals or

general office staff, having the appropriate security knowledge and skills

to perform their jobs is a critical business driver.

To plan and position your security training initiatives cost-effectively, RSA Learning

Assessments are tools to measure your team’s knowledge of RSA products and

other security-related concepts. Based on the learning assessment results, we can

work with you to identify a learning program that works for you and your team.

We provide learning assessments free of charge on the following RSA products and

topics:

RSA Adaptive Authentication

RSA Archer


RSA SecurID

Security Awareness

KEY BENEFITS

RSA Learning Assessments are useful for organizations who recognize a need for

training but aren’t quite sure what training their team really needs. By leveraging

RSA Learning Assessments, you can better understand the learning gaps and make

an informed decision about the most effective individual and group training plans

for your team.

And, online RSA Learning Assessments are available to you at no charge. An

assessment can be completed within 15-20 minutes with immediate results

provided to the assessment taker. For a team assessment, management reports

can be provided that evaluates individual and group results.

You’ll have greater confidence that both the time and financial investment in

training will more quickly enable your technology adoption and increase

productivity.

AT-A-GLANCE

Free to individuals and

organizations

Easy online access

Measures knowledge

of RSA products and

other security-related

concepts.

Group assessments

can be administered to

identify gaps across a

team

Customization of

assessments & reports

WHERE TO GO

Individuals can take an online

RSA Learning Assessment at:


For group assessments, contact

us at:

[email protected]

RSA Education Services

Phone: 800-995-5095

International: 781-515-7700



mailto:[email protected]

81 © Copyright 2013 EMC Corporation. All rights reserved. 08/2013 H12172 EMC2, EMC, RSA, RSA Security, Archer, NetWitness and the RSA logo are registered trademarks of EMC Corporation in the United States and/or other countries.

SAMPLE REPORTS

ABOUT RSA

RSA is the premier provider of

security, risk and compliance

management solutions for business

acceleration. RSA helps the world’s

leading organizations succeed by

solving their most complex and

sensitive security challenges.

These challenges include managing

organizational risk, safeguarding

mobile access and collaboration,

proving compliance, and securing

virtual and cloud environments.

Combining business-critical

controls in identity assurance,

encryption & key management,

SIEM, Data Loss Prevention and

Fraud Protection with industry

leading eGRC capabilities and

robust consulting services, RSA

brings visibility and trust to

millions of user identities, the

transactions that they perform and

the data that is generated. For

more information, please visit

www.emc.com/rsa-training.

rsa customer education catalog · training is an invaluable means of facilitating growth in your...

Documents