The Symantec Data Loss Prevention 15.5 Policy Authoring and Incident Remediation course is intended for DLP policy authors and incident remediators who need to understand how to create, maintain, and refine DLP policies and how to create effective incident remediation workflows to drive toward their organization’s data-loss risk reduction goals. The hands-on labs include exercises for authoring policies (detection rules and response rules) and performing incident detection, incident response, and incident reporting. The course assumes that Symantec Data Loss Prevention (DLP) is already implemented in the organization’s environment and is configured to cover the relevant vectors for the organization: Data in Motion Data at Rest, and Data in Use, whether on-premises or in the cloud. For this reason, the course does not cover how to implement, maintain, or troubleshoot the servers and cloud components of the DLP product suite, or the technical configuration of individual DLP products beyond policy authoring and incident remediation.
You should have a general understanding of the channels that are covered in your Symantec Data Loss Prevention implementation as w ell as a good idea of the types of confidential data your organization w ants to protect
2 Days/Lecture & Lab
This course is intended for anyone responsible for creating and maintaining Symantec Data Loss Prevention policies (consisting of detection and response rules) and/or for tracking and remediating incidents.
• Setting Risk Reduction Goals for Your Data Loss Prevention Program
- Identifying and Describing Confidential Data in Your Data-Loss-Prevention Policies
- Protecting Confidential Data using your Data- Loss-Prevention Policies
- Remediating Data Loss Incidents and Tracking Risk Reduction
- Course Review