Endpoint Security for System Administrators

This course requires an account. Please log in to view the full course. If you don't have an account, please contact your trlx account manager for assistance.

Welcome to the FireEye Endpoint Security training. My name is Sarah Cox and I’ll be your instructor for the course. FireEye Endpoint Security is an enterprise protection, detection and response platform. This course is intended for system administrators, so we’ll focus on deploying, configuring, and managing the three main components of Endpoint Security, FireEye Endpoint Security server, DMZ controller and the FireEye agent. We’ll also look at configuring the various detection engines used by Endpoint Security, creating custom rules and some of the UI tools. Looking at how analysts respond to alerts, search for threats across the enterprise, acquire files and triages and contain endpoints will help you understand how best to configure the settings of Endpoint Security to support your team. Let’s get started.

This entry-level online course covers deployment options, basic administration and core functionality for FireEye Endpoint Security appliances.

Learning Objectives

After completing this course, learners should be able to:

  • Identify the components needed for FireEye Endpoint Security appliance deployment
  • Identify the key phases of Endpoint Security appliance operation
  • Perform the initial configuration of Endpoint Security appliances and hosts
  • Create custom threat indicators
  • Identify critical information in an Endpoint Security alert
  • Validate an Endpoint Security alert
  • Request and approve hosts for containment

Who Should Attend

Network security professionals and incident responders who must set up and work with FireEye Endpoint Security appliances.


A working understanding of networking and network security, the Windows operating system, file system, registry and use of the command line interface (CLI).

Course Content

Scroll to Top