Content

McAfee Foundstone Enterprise Product Training

McAfee Foundstone product services

If you’re a security professional who wants to learn the advanced features of the McAfee® Foundstone® vulnerability management system, you’ll find this course beneficial. You’ll learn how to install, configure, troubleshoot, and integrate, so that you can more easily take advantage of all of the features and components of the Foundstone Enterprise system. You’ll gain such a thorough knowledge of the system that you‘ll be able to quickly navigate through the product features and learn to effectively employ the technology in your environment. Plus, you’ll master vulnerability management best practice concepts, which will help you with more efficient remediation and risk reduction.

Tab Navigation

Course Details

Course Code

TRN-FS-PROD-TCL

Duration

2 days

Objectives

  • Recognize and discuss the features of Foundstone appliances
  • Foundstone architecture and components
  • Intercomponent communication, protocols, and troubleshooting
  • Foundstone Enterprise device and component configuration
  • OS fingerprinting, service identification, and protocol engineering
  • Foundstone user account system and role-based access
  • Scan creation, management, and optimization
  • Scan performance and troubleshooting
  • Foundstone report and scoring interpretation and explanations
  • Thorough explanation of Foundstone Enterprise modules (remediation and threat correlation)
  • Basic vulnerability management best practices

 

Prerequisites

Not applicable.

Course Agenda

Day 1

 

 

  • McAfee Foundstone
    • Company overview
    • Application design
    • Components
  • Version 5.0
    • Major changes
    • New features
  • System architecture
    • Architecture of Foundstone 4.2 and prior
    • Enhancements in Foundstone 5.0
  • Installation
    • Installation planning exercise
    • Install process
  • Enterprise manager
    • User interface and navigation
  • Organization
    • Role-based administration
    • User/group/workgroup hierarchy
    • User group creation exercises
  • Scanning
    • Quick scan
    • Detailed view of each module
    • Scan management
    • Scan exercises
  • Results
    • Alerting
    • Reports
      • Reporting options
      • Reviewing results
      • Searching
    • Executive dashboard
  • Asset management
    • Classification
    • Grouping
    • Searching
      • Advanced searching
      • Filtering results

Day 2

 

 

  • Remediation tracking
    • Event notification and system integration Module
    • Remediation tickets and alerts
  • Threat module
    • Global configurations
    • Filtering and viewing threats
    • Threat correlation tips and tricks
  • Console administration
    • In-depth review of console
    • Templates
    • Engine preferences
    • Troubleshooting errors
    • DHCP correlation
  • Managing users, groups, and organizations
    • Organization and workgroup properties
    • Group membership
    • Granular user access rights
    • User audit logs
  • Managing reports
    • Creating different reporting formats
  • Managing metrics
    • Custom FoundScore
  • Customizing OS fingerprints
  • Scanning strategies
    • Scanning best practices
    • Tuning scanning parameters/optimization
    • Tuning large scans
  • Creating custom database queries
  • Foundstone extras
    • Supporting tools
    • Winwatch
    • MiniSQLmanager
    • FSDiag
    • FSDBUtil
    • FSL interpreter and language
  • Advanced deployment
    • Special configuration changes
  • Additional labs
    • Open exercises
    • Questions and answers and roundtable discussion