EDR Product Evaluation – Project Brief

What are product evaluations?

Cyber security teams all over the world have to do product evaluations on a regular basis. This is done to choose the product that best fits the requirements. There's no shortage of security products on the market right now. Given this plethora of options, it's no wonder that companies find it challenging to decide what is right for them. Recognize that there is no single product solution to all security challenges. You can't implement one product as a cure-all for your range of needs, assets, and potential threats.

The purpose of such evaluations is the following:

• Reduce security risks
• Confirm that the product has all the features that you have identified
• Confirm that the security product has the support model that you desire
• Confirm that the security product fits the pricing requirements

In this project you are given the task of evaluating multiple antivirus / EDR products and providing a recommendation. Please evaluate the security products for the following features:

• Ease of use
• Cloud Management
• Support: Managed Security Services
• Cloud Sandbox
• Ability to collect forensic evidence
• Ability to network contain an endpoint

Project Overview:

You work as a Security Consultant with an organization which deals with IT solutions and services. Your organization is planning to switch to one of the following EDR products:

➢ Crowdstrike Falcon Insight (Data sheet)
➢ Sophos: Intercept X Endpoint (Data Sheet)
➢ Symantec Endpoint Detection and Response (Data Sheet)

Your organization has received the following quotes from each of the vendors:

➢ Crowdstrike Falcon Insight: 70 USD per seat
➢ Sophos: Intercept X Endpoint: 65 USD per seat
➢ Symantec Endpoint Detection and Response: 60 USD per seat

You, as a Security Consultant, have been asked by the CISO to prepare an assessment report for all 3 products and align it with the organization's requirements.

The security operations team have identified the following expected requirements necessary for the EDR solution to be deployed:

1. The EDR product is needed for 1000 seats.
2. The product must have 24/7 Support with an Account Manager allocated for us.
3. The product should have the ability of network contain.
4. The product should enable forensic investigations.
5. A sandbox capability for analysis of malware, preferably a cloud-based solution.

A special note from the security team:

"Zero trust is the direction where your company is heading. Hence, the EDR tool should be able to give a Zero Trust assessment, and any tool that gives that feature would certainly be of advantage."

The project consists of a total of 40 points.

Instructions for completing the Project:

1. Answer the questions given below in the specified format.
2. You can make use of the product comparison tool provided by Gartner. Link: https://www.gartner.com/reviews/market/endpoint-protection-platforms. You can use the compare feature for comparison of the characteristics of the products.
3. Use the data sheets of the products to analyse the necessary metrics.

Project Submission:

1. Present your comparison analysis of the three products in the following format: (20 points)

Characteristics | Crowdstrike Falcon Insight | Sophos: Intercept X Endpoint | Symantec Endpoint Detection and Response
Network contain | | |
Forensic Evidence | | |
Cloud Sandbox | | |
Support: Managed Security Services | | |
Zero Trust Assessment | | |
Ease of Use Rating | | |
Gartner Rating (Overall) | | |
Price | | |
% of people willing to recommend | | |

2. On the basis of your assessment, evaluate the suitability of the products and determine the product which matches the stated requirements. State the name of the product and mention the reason for selecting it. (10 points)

3. Are there any additional advantages (in terms of the capabilities offered) of the product you have selected? If yes, please state them. (10 points)

Please use the Sample Report Format to submit.

Project Support: Q&A forum for offline support: Discussion board. You can also post your queries on the discussion forums available on Olympus.
Proprietary content. © Great Learning. All Rights Reserved. Unauthorized use or distribution prohibited.