The Forcepoint DLP Administrator course is designed for people who will learn how to test an existing deployment, how to administer policies and reports, handle incidents and endpoints, upgrade and manage the Forcepoint DLP system. They will develop skills in creating data policies, building custom classifiers and using predefined policies, incident management, reporting, and system maintenance.
Contact Us
We would love to hear from you. Please complete this form to pre-book or request further information about our delivery options.
Duration
4 Days
4 Days
Delivery
(Online and onsite)
(Online and onsite)
Price
Price Upon Request
Price Upon Request
- Define the acronym “DLP” and explain how DLP can affect an organization.
- Identify and define core DLP terms.
- Identify the different states of data that Forcepoint DLP can protect.
- Access Forcepoint Security Manager and perform initial configuration of Forcepoint DLP.
- Define what a DLP system module is and explain the basic function each agent performs.
- Locate and configure registered system modules in a DLP environment.
- Identify the parts of a DLP incident envelope and where they are stored.
- Given a flow diagram, explain the sequence of steps in a DLP transaction.
- Identify the different channels and associated transaction types that Forcepoint DLP can protect.
- Identify available Forcepoint DLP product information resources and where they can be accessed.
- Explain where Forcepoint DLP fits into the Forcepoint Human Point System
- Explain the DLP license types and their related features.
- Analyze the content of a DLP subscription XML file.
- Deploy a new DLP subscription file.
- List and explain each Forcepoint classifier type.
- Create a functional example of each Forcepoint classifier type.
- Access the list of predefined script classifiers and identify several commonly used categories.
- Configure the parameters of a predefined script classifier.
- List and explain each Forcepoint DLP resource.
- Configure a connection to and import a user directory.
- Create a functional example of each Forcepoint DLP resource.
- Import URL categories by enabling the linking service.
- List and explain the default action plans.
- Create a custom action plan.
- List and explain the default notifications.
- Use dynamic variables in notifications.
- Configure the default notification.
- Define what a DLP policy is, identify three broad types of them, and explain what they do.
- Explain how cumulative rules can be used in DLP.
- Configure, deploy, and test a quick policy.
- Configure and test a predefined policy.
- Configure, deploy, and test a custom policy and rule.
- Explain the purpose and function of a rule exception.
- Explain how to perform a bulk update of multiple policies and rules.
- Explain how policy levels provide scope and processing order for policies, then create a new policy level and assign policies to it.
- Explain the capabilities and modes of OCR.
- Configure a policy engine to work with an OCR server.
- Submit a transaction to the OCR engine and examine the results
- Use the Online Applications feature to detect web file uploads to Google Drive or Dropbox.
- Explain aspects of the Forcepoint DLP CASB integration, including license management functionality, how to locate logs from CASB Cloud Agents, and how to configure and perform a cloud discovery scan.
- Identify the core features of the Forcepoint One Endpoint.
- Explain the current OS and software compatibility of the Forcepoint One Endpoint.
- Explain the endpoint global and profile settings.
- Obtain the necessary files and build an installer package for the Forcepoint One Endpoint.
- Deploy the Forcepoint One Endpoint.
- Identify supported endpoint encryption methods.
- Use the Forcepoint One Endpoint to encrypt files copied to removable media.
- Explain the DLP endpoint temporary bypass feature.
- Temporarily bypass the Forcepoint One Endpoint.
- Configure the endpoint browser extension to work in monitor-only mode.
- Test the endpoint browser extension in monitor-only mode.
- Explain the DLP endpoint employee coaching feature.
- Confirm the function of the employee coaching feature.
- Define the core terminology of Forcepoint DLP incident reporting.
- List and explain the report types in the report catalog.
- Analyze an incident in an Incident List report.
- Perform each UI-based incident workflow action.
- Explain the function of DLP incident batch operations.
- Perform a remediation operation on a batch of incidents.
- Explain the features of the incident risk ranking dashboard.
- Define the term AUP (Acceptable Usage Policy).
- Explain how to create policies that comply with your Acceptable Usage Policy.
- Explain governmental regulatory compliance specifications.
- Deploy DLP policies that meet a specific set of regulatory compliance specifications.
- Give a high-level overview of delegated administrators and role-based permissions.
- Configure a delegated administrator to have role-based permissions.
- Define terminology specific to discovery.
- Perform discovery activities including configuration, task execution, and analysis of discovery incidents.
- Define terminology specific to fingerprinting and machine learning.
- Perform file fingerprinting activities includinging configuration, task execution, and tuning of results.
- Perform machine learning activities, including configuration, task execution, and tuning of results.
- Explain the functionality of classification labels and how to integrate them into the DLP data labeling framework.
- Integrate Boldon James into the DLP data labeling framework.
- Create a file labeling classifier to manage files that contain sensitive or proprietary information.
- Create and deploy a data usage policy using a file labeling classifier.
- Create and deploy a discovery policy with an action plan capable of assigning file classification labels.
- Integrate Microsoft Information Protection into the DLP data labeling framework.
- Examine the DLP Infrastructure System Summary and identify where to examine CPU and memory resources.
- Review the operational status of components and services for DLP supplementary servers.
- Review the operational status of components and services for protectors, Web Security Gateways, and Email Security Gateways.
- Examine and evaluate performance indicator charts for a policy engine.
- Examine and evaluate performance indicator charts for the fingerprint repository.
- Examine and evaluate performance indicator charts for an endpoint server.
- Examine and evaluate performance indicator charts for the OCR server.
- Identify what is included in a DLP backup, and then configure and perform a DLP backup task.
- Identify and analyze the primary logs used in DLP Security Manager.
- Export and report on information found in the primary DLP logs.
- Manage incident storage by evaluating utilization, resizing it as needed, and archiving and restoring incident partitions.
- System administrators, data security administrators, IT staff
- Sales engineers, consultants, implementation specialists
- Forcepoint channel partners and IT staff
- DLP incident and forensic analysts
- General understanding of system administration and Internet services
- Basic knowledge of networking and computer security concepts
- A computer that meets the requirements noted at the end of this document
The Forcepoint DLP Administrator course is designed for people who will learn how to test an existing deployment, how to administer policies and reports, handle incidents and endpoints, upgrade and manage the Forcepoint DLP system. They will develop skills in creating data policies, building custom classifiers and using predefined policies, incident management, reporting, and system maintenance.
- Define the acronym “DLP” and explain how DLP can affect an organization.
- Identify and define core DLP terms.
- Identify the different states of data that Forcepoint DLP can protect.
- Access Forcepoint Security Manager and perform initial configuration of Forcepoint DLP.
- Define what a DLP system module is and explain the basic function each agent performs.
- Locate and configure registered system modules in a DLP environment.
- Identify the parts of a DLP incident envelope and where they are stored.
- Given a flow diagram, explain the sequence of steps in a DLP transaction.
- Identify the different channels and associated transaction types that Forcepoint DLP can protect.
- Identify available Forcepoint DLP product information resources and where they can be accessed.
- Explain where Forcepoint DLP fits into the Forcepoint Human Point System
- Explain the DLP license types and their related features.
- Analyze the content of a DLP subscription XML file.
- Deploy a new DLP subscription file.
- List and explain each Forcepoint classifier type.
- Create a functional example of each Forcepoint classifier type.
- Access the list of predefined script classifiers and identify several commonly used categories.
- Configure the parameters of a predefined script classifier.
- List and explain each Forcepoint DLP resource.
- Configure a connection to and import a user directory.
- Create a functional example of each Forcepoint DLP resource.
- Import URL categories by enabling the linking service.
- List and explain the default action plans.
- Create a custom action plan.
- List and explain the default notifications.
- Use dynamic variables in notifications.
- Configure the default notification.
- Define what a DLP policy is, identify three broad types of them, and explain what they do.
- Explain how cumulative rules can be used in DLP.
- Configure, deploy, and test a quick policy.
- Configure and test a predefined policy.
- Configure, deploy, and test a custom policy and rule.
- Explain the purpose and function of a rule exception.
- Explain how to perform a bulk update of multiple policies and rules.
- Explain how policy levels provide scope and processing order for policies, then create a new policy level and assign policies to it.
- Explain the capabilities and modes of OCR.
- Configure a policy engine to work with an OCR server.
- Submit a transaction to the OCR engine and examine the results
- Use the Online Applications feature to detect web file uploads to Google Drive or Dropbox.
- Explain aspects of the Forcepoint DLP CASB integration, including license management functionality, how to locate logs from CASB Cloud Agents, and how to configure and perform a cloud discovery scan.
- Identify the core features of the Forcepoint One Endpoint.
- Explain the current OS and software compatibility of the Forcepoint One Endpoint.
- Explain the endpoint global and profile settings.
- Obtain the necessary files and build an installer package for the Forcepoint One Endpoint.
- Deploy the Forcepoint One Endpoint.
- Identify supported endpoint encryption methods.
- Use the Forcepoint One Endpoint to encrypt files copied to removable media.
- Explain the DLP endpoint temporary bypass feature.
- Temporarily bypass the Forcepoint One Endpoint.
- Configure the endpoint browser extension to work in monitor-only mode.
- Test the endpoint browser extension in monitor-only mode.
- Explain the DLP endpoint employee coaching feature.
- Confirm the function of the employee coaching feature.
- Define the core terminology of Forcepoint DLP incident reporting.
- List and explain the report types in the report catalog.
- Analyze an incident in an Incident List report.
- Perform each UI-based incident workflow action.
- Explain the function of DLP incident batch operations.
- Perform a remediation operation on a batch of incidents.
- Explain the features of the incident risk ranking dashboard.
- Define the term AUP (Acceptable Usage Policy).
- Explain how to create policies that comply with your Acceptable Usage Policy.
- Explain governmental regulatory compliance specifications.
- Deploy DLP policies that meet a specific set of regulatory compliance specifications.
- Give a high-level overview of delegated administrators and role-based permissions.
- Configure a delegated administrator to have role-based permissions.
- Define terminology specific to discovery.
- Perform discovery activities including configuration, task execution, and analysis of discovery incidents.
- Define terminology specific to fingerprinting and machine learning.
- Perform file fingerprinting activities includinging configuration, task execution, and tuning of results.
- Perform machine learning activities, including configuration, task execution, and tuning of results.
- Explain the functionality of classification labels and how to integrate them into the DLP data labeling framework.
- Integrate Boldon James into the DLP data labeling framework.
- Create a file labeling classifier to manage files that contain sensitive or proprietary information.
- Create and deploy a data usage policy using a file labeling classifier.
- Create and deploy a discovery policy with an action plan capable of assigning file classification labels.
- Integrate Microsoft Information Protection into the DLP data labeling framework.
- Examine the DLP Infrastructure System Summary and identify where to examine CPU and memory resources.
- Review the operational status of components and services for DLP supplementary servers.
- Review the operational status of components and services for protectors, Web Security Gateways, and Email Security Gateways.
- Examine and evaluate performance indicator charts for a policy engine.
- Examine and evaluate performance indicator charts for the fingerprint repository.
- Examine and evaluate performance indicator charts for an endpoint server.
- Examine and evaluate performance indicator charts for the OCR server.
- Identify what is included in a DLP backup, and then configure and perform a DLP backup task.
- Identify and analyze the primary logs used in DLP Security Manager.
- Export and report on information found in the primary DLP logs.
- Manage incident storage by evaluating utilization, resizing it as needed, and archiving and restoring incident partitions.
- System administrators, data security administrators, IT staff
- Sales engineers, consultants, implementation specialists
- Forcepoint channel partners and IT staff
- DLP incident and forensic analysts
- General understanding of system administration and Internet services
- Basic knowledge of networking and computer security concepts
- A computer that meets the requirements noted at the end of this document