Secure Configuration Manager
Course 9294

This lecture/lab-style, three-day course will help you understand, deploy and successfully use Secure Configuration Manager. The course is designed with real-world content and with an emphasis on hands-on exercises. You will learn to install and use Secure Configuration Manager to examine the weaknesses in Windows, UNIX, web-server, and database systems. You will also learn to apply industry standard baselines and criteria such as the SANS/FBI Top 20, HIPAA, and Sarbanes-Oxley to determine weaknesses. And, lastly, you will learn how to develop your own customized checks for specific vulnerabilities. You will practice these skills using features within Secure Configuration Manager to remove these vulnerabilities and lock down Windows and UNIZ computer systes, IIS web-servers, and Microsoft SQL-Server database servers. You will keep your security content up to date, use SCM to be automatically informed when new vulnerabilities are discovered by the computer security industry.

Course Information

Delivery Method: Classroom, Self-Study Kit, Ondemand

Course Duration: 3 days

Course Level: Intermediate

Key Objectives

The key objectives of the course is to:

  • Identify consoles, Core Services, and database components
  • Describe the basic process flow of information within the Secure Configuration Manager system
  • Describe the difference between systems, agents, endpoints, and groups
  • Install and configure Secure Configuration Manager
  • Install Secure Configuration Manager Agents on remote Systems
  • Describe the difference between a Policy and a Standard
  • Audit the security compliance of your IT assets
  • Describe the differences among Security Checks, Policy Templates, Tasks, and Task Suites
  • Create console users and roles
  • Create and use Custom Checks and Tasks
  • Identify and correct Windows vulnerabilities
  • Run the Security Compliance Dashboard
  • Use the UNIX Agent Manager
  • Use AutoSync to update security knowledge in Secure Configuration Manager

Audience Summary

The course is designed for Secure Configuration and IT administrators and support personnel familiar with Windows, Domain Controllers, and Networking.

Course Outline

Welcome
• Secure Configuration Manager Features
• SCM Content Support
Architecture
• Secure Configuration Manager Architecture
• Recent Changes
• New Dashboard in 6.1
• Architecture
• Understanding Secure Configuration Manager Components
• Understanding AutoSync Archive
Installation
• Installing Secure Configuration Manager
• Installation Planning
• Multiple Core Services
• New Installer for Version 6.1
• Network Device Support
• Configuration
• Installation Process
• Introducing the Console
• Adding Assets to the Asset Map
• Exploring the IT Assets Content Pane
• Discovering Additional Systems and Endpoints
• Discovering Systems in Your Environment
• Core Services Configuation Utility
• Managing Discovered Systems
• Adding Windows Agents to Discovered Systems
Agents
• Installing and Updating Agents
• Windows Agent Installation
• Windows Agent Deployment Requirements
• Understanding Management by Proxy
• Proxy Requirements
• Understanding Installation Options
• Managing Microsoft SQL Server Endpoints
• Managing Oracle Endpoints
• Managing Microsoft IIS Endpoints
• Microsoft IIS Endpoint Deployment Checklist
• Managing NAS Server Endpoints
• NAS Server Endpoint Deployment Checklist
• Managing Microsoft Active Directory Endpoints
• UNIX Agent Installation
• Configure UNIX Agent Manager
• Post Agent Installation
Asset Management
• Grouping Computers in Your Asset Map
• Understanding IT Assets
Vulnerability Assessment
• Assessing Computers with Secure Configuration Manager
• Security Checks
• Policy Templates
• Exception Management
• Excluding Values from Security Check Runs
• Viewing or Printing a Report
• Understanding Risk Scoring
• Threat Factors
• Tasks
• Jobs and Reports
• Task Suites
Console Security
• Understanding Console Security
• Managing Password Policy
• Security Content Update
Customization
• Custom Checks
• Custom Tasks
• Governance Risk and Compliance (GRC) Integration using Unified Compliance Framework (UCF)
• NetIQ GRC Manager
• SCM integration with Sentinel & Other SIEM Products
• Required Configuration
• Accessing Event Report using SCM Web Service
• Required Configuration
• SCM & Sentinel Integration Architecture
• Integration of SCM & Third-party SIEM
• Sending Events to ArcSight
Correcting Windows Vulnerabilities
• Account Vulnerabilities
• Resource Vulnerabilities
• Domain Vulnerabilities
Evaluating Endpoint Compliance
• Evaluating Endpoint Compliance
UNIX Agent Manager
Correcting UNIX Vulnerabilities
• Account Vulnerabilities
• Resource Vulnerabilities
• Network Vulnerabilities
Updating Security Knowledge

Course Prerequisites

Secure Configuration Manager

Prerequisites are an understanding of Windows, Networking, and Active Directory.