FireEye Central Management (CM Series) is the FireEye threat intelligence hub. It services the FireEye ecosystem, ensuring that FireEye products share the latest intelligence and correlate across attack vectors to detect and prevent cyber attacks. CM improves operational efficiency for multiple FireEye devices.
This half-day course is a primer on CM, covering deployment options, basic administration, and core functionality. Hands-on activities include administering other FireEye appliances (NX, EX, FX, AX) using CM, correlating web and email attacks, and submitting malware detected via NX, EX, or FX directly to AX via the CM Web UI.
This course is the recommended starting point for anyone who uses a CM.
Upon completion of the course the learner should be able to:
- Deploy, install, and configure CM
- Administer NX, EX, FX, and AX series appliances using CM
- Identify potentially compromised hosts via CM
- Identify recipients of malicious emails via CM
- Correlate web and email attacks
- Submit malware detected via NX, EX, or FX directly to AX via the CM Web UI.
- Central Management
- FireEye CM Web UI and dashboard
- Managing NX, EX, FX, and AX
- Correlating events detected via different vectors, e.g. web and email
- Submitting alerts detected by EX and NX to AX for deep analysis
Lessons are typically a blend of lecture and hands-on lab activities.
A working understanding of networking and network security, the Windows operating system, file system, registry, and use of the CLI.
Network security professionals and incident responders.