Forcepoint DLP Administrator

X

Contact Us

We would love to hear from you. Please complete this form to pre-book or request further information about our delivery options.

Subscribe

I'd like to receive emails with the latest updates and promotions from Insoft.

Data Protection & Privacy

I hereby allow Insoft Ltd. to contact me on this topic. Further, I authorise Insoft Ltd. processing, using collecting and storing my personal data for the purpose of these activities. All your data will be protected and secured as outlined in our privacy policy.


Forcepoint DLP Administrator

Enroll Now
Duration
3 Days
Delivery
(Online and onsite)
Price
Price Upon Request
In this three-day Forcepoint Data Loss Prevention (DLP) Administrator instructor-led training (ILT) course, you will learn how to test an existing deployment, administer policies and reports, handle incidents and endpoints, and upgrade and manage the Forcepoint DLP system. You will develop skills in creating data policies, building custom classifiers, performing system maintenance, and using predefined policies, incident management and reports.
  • Identify and define core DLP terminology, resources, and architecture.
  • Define and create each type of DLP classifier.
  • Define and create each type of DLP resource, including URL categories, action plans, and notifications.
  • Define and create each type of DLP policy, rule, and exception.
  • Manage policies and rules using bulk updates and policy levels.
  • Explain and test the capabilities and modes of OCR.
  • Build, deploy, and manage the Forcepoint One Endpoint.
  • Define the terms specific to DLP incident reporting.
  • List and explain the report types in the report catalog.
  • Manage and customize incident reports.
  • Analyze and perform each type of workflow on a DLP incident.
  • Explain the features of the Incident Risk Ranking dashboard.
  • Create and configure an administrator with role-based permissions.
  • Define and perform discovery activities.
  • Define and perform fingerprinting and machine learning activities.
  • Explain the functionality of file tagging and how DLP integrates with it.
  • Import and apply file tags, create classifiers, and use them in a policy and rule.
  • Review the operational status of DLP components and services.
  • Identify the elements included in a DLP backup and restore procedure and then perform this procedure.
  • Identify and analyze the primary logs used in DLP security manager.

Module 1: Introduction to Forcepoint DLP

  • Describe a DLP implementation and define core DLP terms.
  • Identify available Forcepoint DLP product information resources and where they can be accessed.

Module 2: Configuring Forcepoint DLP Classifiers

  • List and explain each Forcepoint classifier type.
  • Create a functional example of each Forcepoint classifier type.
  • Access the list of predefined script classifiers and identify several commonly used categories.
  • Configure the parameters of a predefined script classifier.

Module 3: Configuring Forcepoint DLP resources

  • List and explain each Forcepoint DLP resource.
  • Configure a connection to and import a user directory.
  • Create a functional example of each Forcepoint DLP resource.
  • Import URL categories by enabling the linking service.
  • List and explain the default action plans.
  • Create a custom action plan.
  • List and explain the default notifications.
  • Use dynamic variables in notifications.
  • Configure the default notification.

Module 4: Configuring Forcepoint DLP policies and rules

  • Define what a DLP policy is, identify three broad types of them, and explain what they do.
  • Explain how cumulative rules can be used in DLP.
  • Configure, deploy, and test a quick policy.
  • Configure and test a predefined policy.
  • Configure, deploy, and test a custom policy and rule.
  • Explain the purpose and function of a rule exception.
  • Explain how to perform a bulk update of multiple policies and rules.
  • Explain how policy levels provide scope and processing order for policies, then create a new policy level and assign policies to it.

Module 5: Analyze a transaction using OCR

  • Explain the capabilities and modes of OCR.
  • Configure a policy engine to work with an OCR server.
  • Submit a transaction to the OCR engine and examine the results.

Module 6: The Forcepoint One Endpoint

  • Identify the core features of the Forcepoint One Endpoint.
  • Explain the endpoint global and profile settings.
  • Deploy the Forcepoint One Endpoint.
  • Identify supported endpoint encryption methods.
  • Use the Forcepoint One Endpoint to encrypt files copied to removable media.
  • Explain the DLP endpoint temporary bypass feature.
  • Test the temporary bypass feature.
  • Configure the endpoint browser extension to work in monitor-only mode.
  • Test the endpoint browser extension in monitor-only mode.
  • Explain the DLP endpoint employee coaching feature.
  • Confirm the function of the employee coaching feature.

Module 7: Analyzing DLP incidents and reporting

  • Define the core terminology of Forcepoint DLP incident reporting.
  • List and explain the report types in the report catalog.
  • Analyze an incident in an Incident List report.
  • Perform each UI-based incident workflow action.
  • Explain the function of DLP incident batch operations.
  • Perform a remediation operation on a batch of incidents.
  • Explain the features of the incident risk ranking dashboard.

Module 8: Managing Delegated Administrators

  • Summarize attributes of delegated administrators and role-based permissions.
  • Configure a delegated administrator to have role-based permissions.

Module 9: Implementing discovery

  • Define terminology specific to discovery.
  • Perform discovery activities, including configuration, task execution, and analysis of discovery incidents.

Module 10: Creating fingerprinting and machine learning classifiers

  • Define terminology specific to fingerprinting and machine learning.
  • Perform file fingerprinting activities, including configuration, task execution, and tuning of results.
  • Perform machine learning activities, including configuration, task execution, and tuning of results.

Module 11: Importing file tagging labels

  • Explain the functionality of classification labels and how to integrate them into the DLP data labeling framework.
  • Integrate Boldon James into the DLP data labeling framework.
  • Create a file labeling classifier to manage files that contain sensitive or proprietary information.
  • Create and deploy a data usage policy using a file labeling classifier.
  • Create and deploy a discovery policy with an action plan capable of assigning file classification labels.

Module 12: Managing system health

  • Examine the DLP system health dashboard for sustained high usage.
  • Review the operational status of each registered system Module.
  • Identify and analyze the primary logs used by the DLP security manager.
  • Export information found in the primary logs.
  • Explain the functionality of DLP system alerts.
  • Identify the items included in a DLP backup.
  • Configure and perform a DLP backup task.
  • System administrators, data security administrators, IT staff
  • Sales engineers, consultants, implementation specialists
  • Forcepoint channel partners and IT staff
  • DLP incident and forensic analysts
  • General understanding of system administration and internet services
  • Basic knowledge of networking and computer security concepts
In this three-day Forcepoint Data Loss Prevention (DLP) Administrator instructor-led training (ILT) course, you will learn how to test an existing deployment, administer policies and reports, handle incidents and endpoints, and upgrade and manage the Forcepoint DLP system. You will develop skills in creating data policies, building custom classifiers, performing system maintenance, and using predefined policies, incident management and reports.
  • Identify and define core DLP terminology, resources, and architecture.
  • Define and create each type of DLP classifier.
  • Define and create each type of DLP resource, including URL categories, action plans, and notifications.
  • Define and create each type of DLP policy, rule, and exception.
  • Manage policies and rules using bulk updates and policy levels.
  • Explain and test the capabilities and modes of OCR.
  • Build, deploy, and manage the Forcepoint One Endpoint.
  • Define the terms specific to DLP incident reporting.
  • List and explain the report types in the report catalog.
  • Manage and customize incident reports.
  • Analyze and perform each type of workflow on a DLP incident.
  • Explain the features of the Incident Risk Ranking dashboard.
  • Create and configure an administrator with role-based permissions.
  • Define and perform discovery activities.
  • Define and perform fingerprinting and machine learning activities.
  • Explain the functionality of file tagging and how DLP integrates with it.
  • Import and apply file tags, create classifiers, and use them in a policy and rule.
  • Review the operational status of DLP components and services.
  • Identify the elements included in a DLP backup and restore procedure and then perform this procedure.
  • Identify and analyze the primary logs used in DLP security manager.

Module 1: Introduction to Forcepoint DLP

  • Describe a DLP implementation and define core DLP terms.
  • Identify available Forcepoint DLP product information resources and where they can be accessed.

Module 2: Configuring Forcepoint DLP Classifiers

  • List and explain each Forcepoint classifier type.
  • Create a functional example of each Forcepoint classifier type.
  • Access the list of predefined script classifiers and identify several commonly used categories.
  • Configure the parameters of a predefined script classifier.

Module 3: Configuring Forcepoint DLP resources

  • List and explain each Forcepoint DLP resource.
  • Configure a connection to and import a user directory.
  • Create a functional example of each Forcepoint DLP resource.
  • Import URL categories by enabling the linking service.
  • List and explain the default action plans.
  • Create a custom action plan.
  • List and explain the default notifications.
  • Use dynamic variables in notifications.
  • Configure the default notification.

Module 4: Configuring Forcepoint DLP policies and rules

  • Define what a DLP policy is, identify three broad types of them, and explain what they do.
  • Explain how cumulative rules can be used in DLP.
  • Configure, deploy, and test a quick policy.
  • Configure and test a predefined policy.
  • Configure, deploy, and test a custom policy and rule.
  • Explain the purpose and function of a rule exception.
  • Explain how to perform a bulk update of multiple policies and rules.
  • Explain how policy levels provide scope and processing order for policies, then create a new policy level and assign policies to it.

Module 5: Analyze a transaction using OCR

  • Explain the capabilities and modes of OCR.
  • Configure a policy engine to work with an OCR server.
  • Submit a transaction to the OCR engine and examine the results.

Module 6: The Forcepoint One Endpoint

  • Identify the core features of the Forcepoint One Endpoint.
  • Explain the endpoint global and profile settings.
  • Deploy the Forcepoint One Endpoint.
  • Identify supported endpoint encryption methods.
  • Use the Forcepoint One Endpoint to encrypt files copied to removable media.
  • Explain the DLP endpoint temporary bypass feature.
  • Test the temporary bypass feature.
  • Configure the endpoint browser extension to work in monitor-only mode.
  • Test the endpoint browser extension in monitor-only mode.
  • Explain the DLP endpoint employee coaching feature.
  • Confirm the function of the employee coaching feature.

Module 7: Analyzing DLP incidents and reporting

  • Define the core terminology of Forcepoint DLP incident reporting.
  • List and explain the report types in the report catalog.
  • Analyze an incident in an Incident List report.
  • Perform each UI-based incident workflow action.
  • Explain the function of DLP incident batch operations.
  • Perform a remediation operation on a batch of incidents.
  • Explain the features of the incident risk ranking dashboard.

Module 8: Managing Delegated Administrators

  • Summarize attributes of delegated administrators and role-based permissions.
  • Configure a delegated administrator to have role-based permissions.

Module 9: Implementing discovery

  • Define terminology specific to discovery.
  • Perform discovery activities, including configuration, task execution, and analysis of discovery incidents.

Module 10: Creating fingerprinting and machine learning classifiers

  • Define terminology specific to fingerprinting and machine learning.
  • Perform file fingerprinting activities, including configuration, task execution, and tuning of results.
  • Perform machine learning activities, including configuration, task execution, and tuning of results.

Module 11: Importing file tagging labels

  • Explain the functionality of classification labels and how to integrate them into the DLP data labeling framework.
  • Integrate Boldon James into the DLP data labeling framework.
  • Create a file labeling classifier to manage files that contain sensitive or proprietary information.
  • Create and deploy a data usage policy using a file labeling classifier.
  • Create and deploy a discovery policy with an action plan capable of assigning file classification labels.

Module 12: Managing system health

  • Examine the DLP system health dashboard for sustained high usage.
  • Review the operational status of each registered system Module.
  • Identify and analyze the primary logs used by the DLP security manager.
  • Export information found in the primary logs.
  • Explain the functionality of DLP system alerts.
  • Identify the items included in a DLP backup.
  • Configure and perform a DLP backup task.
  • System administrators, data security administrators, IT staff
  • Sales engineers, consultants, implementation specialists
  • Forcepoint channel partners and IT staff
  • DLP incident and forensic analysts
  • General understanding of system administration and internet services
  • Basic knowledge of networking and computer security concepts
    Upcoming Dates
  • ` Dec 12 - Dec 14, 2022
  • ` Jan 9 - Jan 11, 2023
  • ` Feb 6 - Feb 8, 2023
  • ` Mar 6 - Mar 8, 2023
  • ` Apr 3 - Apr 5, 2023
  • ` May 1 - May 3, 2023