See how Insoft Services is responding to COVID-19

Securing Cisco Networks with Sourcefire FireAMP for Endpoints (SSFAMP)


Kontakt os

Vi vil gerne høre fra dig. Udfyld denne formular for at forudbestilling eller anmode om yderligere oplysninger om vores leveringsmuligheder.


Jeg vil gerne modtage e-mails med de seneste oplysninger og kampagner fra Insoft.

Databeskyttelse og privatliv

Jeg tillader hermed Insoft Ltd. at kontakte mig om dette emne. Jeg tillader endvidere Insoft Ltd.-, at indsamle og lagre mine personlige data med henblik på disse aktiviteter. Alle dine data vil blive beskyttet og sikret som beskrevet i vores privatlivspolitik.

Kommende datoer

Jan 27 - Jan 28, 2021
09:00 - 17:00 (CEST)

Apr 29 - Apr 30, 2021
09:00 - 17:00 (CEST)

Aug 4 - Aug 5, 2021
09:00 - 17:00 (CEST)

Nov 2 - Nov 3, 2021
09:00 - 17:00 (CEST)

  • Securing Cisco Networks with Sourcefire FireAMP for Endpoints (SSFAMP)
    2 days  (Instructor Led Online)  |  Security (CLS)

    Course Details


    Securing Cisco Networks with Sourcefire FireAMP1 (SSFAMP) for Endpoints is two days instructor-led virtual course, delivered through Cisco WebEx¬ģ and offered by Cisco Learning Services High-Touch Delivery. It is a lab-intensive course that introduces students to the powerful features of Sourcefire FireAMP software. This two-day virtual class covers information on Cisco Advanced Malware Protection (AMP) technology, deployment, management, and analysis.


    You will learn how to build and manage an AMP deployment, create policies for endpoint groups, and deploy connectors. You will also analyze malware detections using powerful tools available in the Sourcefire FireAMP console.


    This course combines lecture materials and hands-on labs throughout to make sure that you are able to successfully deploy and manage a Sourcefire FireAMP deployment.


    Associated Exam:

    This course prepares you to take the Securing Cisco Networks with Sourcefire FireAMP for Endpoints exam.


    Upon completing this course, the learner will be able to meet these overall objectives:

    • Describe the architecture and various components of Sourcefire FireAMP and FireAMP cloud
    • ¬†Describe security concerns around malware and how attacks unfold
    • ¬†Describe and navigate the Sourcefire FireAMP interface, dashboard, and its components
    • ¬†Manage malware detection mechanisms
    • ¬†Describe advanced policy configuration for endpoints
    • ¬†Describe how to deploy and distribute the Sourcefire FireAMP connector
    • ¬†Describe file analysis and Sourcefire FireAMP reporting
    • ¬†Describe the private cloud offering


    • ¬†Module 1: Sourcefire FireAMP Overview and Architecture
    • ¬†Module 2: Console Interface and Navigation
    • ¬†Module 3: Outbreak Control
    • ¬†Module 4: Endpoint Policies
    • ¬†Module 5: Groups and Deployment
    • ¬†Module 6: Analysis
    • ¬†Module 7: Analysis Case Studies
    • ¬†Module 8: Accounts

     Lab Outline

    • ¬†Lab 1: Performing the Initial Setup
    • ¬†Lab 2: Initialize the Private Cloud
    • ¬†Lab 3: Accessing the Sourcefire FireAMP Console
    • ¬†Lab 4: Reviewing the Interface
    • ¬†Lab 5: Simple Custom Detection
    • ¬†Lab 6: Advanced Custom Detection
    • ¬†Lab 7: Application Blocking
    • ¬†Lab 8: Whitelisting
    • ¬†Lab 9: DFC IP Blacklist
    • ¬†Lab 10: Creating a Sourcefire FireAMP Policy
    • ¬†Lab 11: Creating Groups
    • ¬†Lab 12: Deploying the Connector
    • ¬†Lab 13: Connector Command-line Installation
    • ¬†Lab 14: Querying the History Database
    • ¬†Lab 15: Installing a Policy Manually
    • ¬†Lab 16: Testing Your Policy
    • ¬†Lab 17: Working with Sourcefire FireAMP Events
    • ¬†Lab 18: Detection and Quarantine Events
    • ¬†Lab 19: File Trajectory
    • ¬†Lab 20: Device Trajectory
    • ¬†Lab 21: Reporting
    • ¬†Lab 22: ZBot Analysis and Remediation
    • ¬†Lab 23: User Accounts
    • ¬†Lab 24: Enabling Demo Data


    This course is designed for technical professionals who need to know how to deploy and manage Sourcefire FireAMP software in their network environments. The primary audience for this course includes:

    • Security administrators
    • Security consultants
    • Network administrators
    • System engineers
    • Technical support personnel
    • Channel partners and resellers


    The recommended knowledge and skills that a learner should have for the best learning outcome include:

    • ¬†Technical understanding of TCP/IP networking and network architecture
    • ¬†Basic familiarity with the concepts of malware detection