Sophos Central Technician Training (2-3 March, 2021)

This course is designed for technical professionals who will be supporting Sophos Central and provides an overview of how to troubleshoot the product.

Sophos Central Technician Training (2 days Training) – Tuesday 2 March 2021– Wednesday 3 March 2021 

The course is expected to take 1 ½ days (10 hours) to complete, of which approximately half will be spent on the practical exercises. 

On completion of this course, trainees will be able to:

  • Understand the support tools required to investigate common issues
  • Identify common issues when reported
  • Perform appropriate troubleshooting steps

Prerequisites 

Prior to taking this course you should:

  • Have completed and passed the Sophos Central Certified Engineer course
  • This course uses Windows tools and utilities as part of the troubleshooting process. Students should be comfortable working with following:
  • Windows Administrator command prompt
  • Control Panel settings
  • File and folder permissions
  • Windows Services (services.msc)
  • Registry Editor (regedit.exe)
  • Windows Firewall with Advanced Security
  • Active Directory Users and Computers
  • Active Directory Group Policies.

Certification

To become a Sophos Certified Technician, trainees must take and pass an online assessment. The assessment tests their knowledge of both the presented and practical content. The pass mark for the assessment is 80% and is limited to 3 attempts.

Lab Environment

Each student will be provided with a pre-configured environment which simulates a company network with two sites, a head office and a branch office and contains Windows Servers, a Windows Desktop and three XG Firewalls

Content

  • Module 1: Introduction to Troubleshooting Sophos Central
  • Module 2: Client Installation
  • Module 3: Active Directory Synchronization
  • Module 4: Updating
  • Module 5: Policies
  • Module 6: Infection and Detection
  • Module 7: Threat Response

Certification

+ exam: Sophos Central Technician

Duration 1 1/2 days 

Agenda

Trainer: Michael Eleftheroglou

Day 1 Tuesday 2 March 2021 

9:30-10:35 Module 1: Introduction to Troubleshooting Sophos Central

  • Troubleshooting process
  • Alerts and logins in Sophos Central
  • Sophos Tools
  • Windows Tools
  • Client Log Files
  • Labs (40 mins)
  • Lab Preparation
  • Install Server Protection
  • Install and Configure AD Sync
  • Deploy an Update Cache and Message Relay

10:35-12:40 Module 2: Client Installation

Installation Overview

  • Active Directory Group Policy Deployment Failure
  • Download Failure
  • Competitor Removal Tool
  • Package Installation Failure
  • Labs (75 mins)
  • Troubleshoot CRT Issues
  • Uninstall a Deleted Endpoint
  • Customize the Competitor Removal Tool
  • Troubleshoot Deployment using a Startup Script
  • Troubleshoot Failure to Download the Installer
  • Troubleshoot Package Installation Failure

12:40-13:20 Lunch

13:20-14:30  Module 3: Active Directory Synchronization

  • Active Directory Synchronization Overview
  • Windows Password Changed
  • Central Password Changed
  • Unable to Connect
  • Users No Longer Being Synced
  • erifying Filters
  • Labs (45 mins)
  • Troubleshoot Synchronization Failure
  • Troubleshoot Connection Errors for Synchronization
  • Troubleshoot Groups Not Synchronizing
  • Troubleshoot a Missing UserIPsec VPN Could Not Be Established (Scenario 2)

14:30-15:45  Module 4: Updating

Updating (30 mins)

  • Updating Overview
  • Techniques for Troubleshooting
  • Disk Space and Permissions Problems
  • Name Resolution
  • Sophos Central
  • Sophos Certified Technician
  • Client Firewall
  • Network Firewall
  • Labs (45 mins)
  • Investigate the Current Configuration
  • Simulate Failure of the Update Cache Server
  • Modify Proxy Settings
  • Modify Firewall Settings

15:45-16:00 Break  

16:00-17:05  Module 5:Policies

  • Policies Overview
  • Management Communication
  • Message Relays
  • Troubleshooting Connectivity
  • Client Deleted from Central
  • Labs (45 mins)
  • Establish the Current Configuration for Management Communication
  • Configure Web Control policies and Global Settings
  • Configure Server Groups and Policies

Day 2  Wednesday 3 March 2021 

9:30-10:45 Module 6: Infection and Detection

  • Cleanup
  • Quarantine
  • False positives
  • Labs (30 mins)
  • Release a File from SafeStore
  • View File Information in EndPoint Self Help
  • Use the Source of Infection Tool

10:45-12:00 Module 7 Threat Response

  • Endpoint Detection and Response
  • How to read a threat case
  • Search for threats
  • Detection scenarios
  • How to find help from Sophos.
  • Labs (30 mins)
  • Generate and Analyze Threat Cases
  • Create and View a Forensic Snapshot