Call : (+91) 968636 4243
Mail : info@EncartaLabs.com
EncartaLabs

Forcepoint Data Loss Prevention Administrator

( Duration: 2 Days )

The Forcepoint Data Loss Prevention Administrator training course provides skills to test an existing deployment, how to administer policies and reports, handle incidents and endpoints, upgrade and manage the Forcepoint DLP system. You will develop skills in creating data policies, building custom classifiers and using predefined policies, incident management, reporting, and system maintenance.

By attending Forcepoint Data Loss Prevention Administrator workshop, delegates will learn to:

  • Identify and define basic concepts of Forcepoint DLP.
  • Explain the Forcepoint DLP licensing model.
  • Create and manage Forcepoint DLP classifiers.
  • Define and create Forcepoint DLP resources.
  • Create and manage Forcepoint DLP policies and rules.
  • Analyze and manage transactions using OCR.
  • Manage Forcepoint DLP CASB integration.
  • Install and manage Forcepoint One Endpoint.
  • Analyze and report on DLP incidents.
  • Configure Forcepoint DLP to conform to regulatory compliance specifications.
  • Implement Forcepoint DLP discovery.
  • Implement fingerprinting and machine learning.
  • Apply policies using third-party file tagging software.
  • Monitor and manage Forcepoint DLP system health.

  • General understanding of system administration and Internet services
  • Basic knowledge of networking and computer security concepts

The Forcepoint Data Loss Prevention Administrator class is ideal for:

  • System administrators, data security administrators, IT staff
  • IT Consultants, implementation specialists
  • DLP incident and forensic analysts

COURSE AGENDA

1

Summarize the basic concepts of Forcepoint DLP

  • Define the acronym "DLP" and explain how DLP can affect an organization.
  • Identify and define core DLP terms.
  • Identify the different states of data that Forcepoint DLP can protect.
  • Access Forcepoint Security Manager and perform initial configuration of Forcepoint DLP.
  • Define what a DLP system module is and explain the basic function each agent performs.
  • Locate and configure registered system modules in a DLP environment.
  • Identify the parts of a DLP incident envelope and where they are stored.
  • Given a flow diagram, explain the sequence of steps in a DLP transaction.
  • Identify the different channels and associated transaction types that Forcepoint DLP can protect.
  • Identify available Forcepoint DLP product information resources and where they can be accessed.
  • Explain where Forcepoint DLP fits into the Forcepoint Human Point System.
2

Explain the Forcepoint DLP licensing model

  • Explain the DLP license types and their related features.
  • Analyze the content of a DLP subscription XML file.
  • Deploy a new DLP subscription file.
3

Create and manage Forcepoint DLP classifiers

  • List and explain each Forcepoint classifier type.
  • Create a functional example of each Forcepoint classifier type.
  • Access the list of predefined script classifiers and identify several commonly used categories.
  • Configure the parameters of a predefined script classifier.
4

Create and manage Forcepoint DLP resources

  • List and explain each Forcepoint DLP resource.
  • Configure a connection to and import a user directory.
  • Create a functional example of each Forcepoint DLP resource.
  • Import URL categories by enabling the linking service.
  • List and explain the default action plans.
  • Create a custom action plan.
  • List and explain the default notifications.
  • Use dynamic variables in notifications.
  • Configure the default notification.
5

Create and manage Forcepoint DLP policies and rules

  • Define what a DLP policy is, identify three broad types of them, and explain what they do.
  • Explain how cumulative rules can be used in DLP.
  • Configure, deploy, and test a quick policy.
  • Configure and test a predefined policy.
  • Configure, deploy, and test a custom policy and rule.
  • Explain the purpose and function of a rule exception.
  • Explain how to perform a bulk update of multiple policies and rules.
  • Explain how policy levels provide scope and processing order for policies, then create a new policy level and assign policies to it.
6

Analyze a transaction using OCR

  • Explain the capabilities and modes of OCR.
  • Configure a policy engine to work with an OCR server.
  • Submit a transaction to the OCR engine and examine the results.
7

Manage Forcepoint DLP cloud applications and CASB

  • Use the Online Applications feature to detect web file uploads to Google Drive or Dropbox.
  • Explain aspects of the Forcepoint DLP CASB integration, including license management functionality, how to locate logs from CASB Cloud Agents, and how to configure and perform a cloud discovery scan.
8

Install and manage the Forcepoint One Endpoint

  • Identify the core features of the Forcepoint One Endpoint.
  • Explain the current OS and software compatibility of the Forcepoint One Endpoint.
  • Explain the endpoint global and profile settings.
  • Obtain the necessary files and build an installer package for the Forcepoint One Endpoint.
  • Deploy the Forcepoint One Endpoint.
  • Identify supported endpoint encryption methods.
  • Use the Forcepoint One Endpoint to encrypt files copied to removable media.
  • Explain the DLP endpoint temporary bypass feature.
  • Temporarily bypass the Forcepoint One Endpoint.
  • Configure the endpoint browser extension to work in monitor-only mode.
  • Test the endpoint browser extension in monitor-only mode.
  • Explain the DLP endpoint employee coaching feature.
  • Confirm the function of the employee coaching feature.
9

Analyze and report on Forcepoint DLP incidents

  • Define the core terminology of Forcepoint DLP incident reporting.
  • List and explain the report types in the report catalog.
  • Analyze an incident in an Incident List report.
  • Perform each UI-based incident workflow action.
  • Explain the function of DLP incident batch operations.
  • Perform a remediation operation on a batch of incidents.
  • Explain the features of the incident risk ranking dashboard.
10

Configure Forcepoint DLP to conform to regulatory compliance specifications

  • Define the term AUP (Acceptable Usage Policy).
  • Explain how to create policies that comply with your Acceptable Usage Policy.
  • Explain governmental regulatory compliance specifications.
  • Deploy DLP policies that meet a specific set of regulatory compliance specifications.
  • Give a high-level overview of delegated administrators and role-based permissions.
  • Configure a delegated administrator to have role-based permissions.
11

Implement Forcepoint DLP discovery

  • Define terminology specific to discovery.
  • Perform discovery activities including configuration, task execution, and analysis of discovery incidents.
12

Implement fingerprinting and machine learning

  • Define terminology specific to fingerprinting and machine learning.
  • Perform file fingerprinting activities includinging configuration, task execution, and tuning of results.
  • Perform machine learning activities, including configuration, task execution, and tuning of results.
13

Apply policies using third party file tagging software

  • Explain the functionality of classification labels and how to integrate them into the DLP data labeling framework.
  • Integrate Boldon James into the DLP data labeling framework.
  • Create a file labeling classifier to manage files that contain sensitive or proprietary information.
  • Create and deploy a data usage policy using a file labeling classifier.
  • Create and deploy a discovery policy with an action plan capable of assigning file classification labels.
  • Integrate Microsoft Information Protection into the DLP data labeling framework.
14

Monitor and maintain Forcepoint DLP system health

  • Examine the DLP Infrastructure System Summary and identify where to examine CPU and memory resources.
  • Review the operational status of components and services for DLP supplementary servers.
  • Review the operational status of components and services for protectors, Web Security Gateways, and Email Security Gateways.
  • Examine and evaluate performance indicator charts for a policy engine.
  • Examine and evaluate performance indicator charts for the fingerprint repository.
  • Examine and evaluate performance indicator charts for an endpoint server.
  • Examine and evaluate performance indicator charts for the OCR server.
  • Identify what is included in a DLP backup, and then configure and perform a DLP backup task.
  • Identify and analyze the primary logs used in DLP Security Manager.
  • Export and report on information found in the primary DLP logs.
  • Manage incident storage by evaluating utilization, resizing it as needed, and archiving and restoring incident partitions.

Encarta Labs Advantage

  • One Stop Corporate Training Solution Providers for over 6,000 various courses on a variety of subjects
  • All courses are delivered by Industry Veterans
  • Get jumpstarted from newbie to production ready in a matter of few days
  • Trained more than 50,000 Corporate executives across the Globe
  • All our trainings are conducted in workshop mode with more focus on hands-on sessions

View our other course offerings by visiting https://www.encartalabs.com/course-catalogue-all.php

Contact us for delivering this course as a public/open-house workshop/online training for a group of 10+ candidates.

Top
Notice
X