
Free Analyst End Point Security Course (6 Months)

Analyst End Point Security:

Analyst End Point Security (EPS): In the IT-ITeS industry this role is sometimes called IT Security Helpdesk for End Points.

Brief Job Description: This job role is responsible for installing and configuring End Point Security (EPS) solutions as per instructions, as well as troubleshooting and maintaining EPS solutions when required. The main duties consist of receiving and responding to alarms; gathering and analysing data pertaining to endpoint security issues; troubleshooting the same; and performing day-to-day maintenance activities such as upgrades, reports, etc. It also involves assisting in the installation and configuration of the EPS tool or manager in an enterprise environment.

Personal Attributes: This job may require the individual to work independently and take decisions for his/her own area of work. The individual should be result oriented and pay close attention to detail. The individual should also be able to demonstrate communication skills and logical thinking, along with a willingness to undertake a desk-based job and work in shifts.

End Point Security

Troubleshoot and maintain endpoint security in an enterprise environment:

Performance Criteria

PC1. verify the scope of endpoint assets and components to be monitored with authorised persons
PC2. participate in day, evening or overnight security operations center shift schedule
PC3. receive shift handover along with relevant information, authorities and instructions
PC4. verify that endpoint security clients are online and functional
PC5. obtain reports and notifications from the endpoint security tool and respond as per laid out process for the same
PC6. use reports and logs to identify security problems and monitor status and security events
PC7. interpret the results of reports and determine the priorities and actions to take to remediate the situation
PC8. respond to endpoint security client messages and apply a solution accordingly
PC9. monitor and troubleshoot an endpoint security environment, its security management tools and client content delivery
PC10. monitor and troubleshoot protection and communication technologies using basic troubleshooting and other monitoring tools
PC11. troubleshoot and remediate a virus outbreak or client installation failures
PC12. enable debugging and gather logs for technical support use
PC13. identify and prevent false positives
PC14. upgrade and maintain the endpoint security environment and clients
PC15. manage clients through groups/locations
PC16. manage and apply policies such as virus and spyware protection policies, firewall policies, intrusion prevention policies, application and device control policies, update policies, and centralized exception policies
PC17. update products and content as per specifications received
PC18. check client status in the endpoint security manager
PC19. perform client deployment manager optimizations
PC20. create application and device control and firewall rules
PC21. use IT analytics to generate comprehensive reports from Endpoint Protection
PC22. collaborate with others to resolve information technology issues that are beyond own capabilities or job profile
PC23. report the results of the monitoring, ticket raising and ticket closure activities using standard documentation following organisational procedures
PC24. comply with relevant legislation, standards, policies and procedures
PC25. maintain a knowledge-base of the known problems and action taken for the same


Organizational Context
You need to know and understand:
KA1. your organization’s policies, procedures, standards and guidelines for managing information security
KA2. your organization’s knowledge base and how to access and update this
KA3. limits of your role and responsibilities and who to seek guidance from
KA4. the organizational systems, procedures and tasks/checklists within the domain and how to use these
KA5. how to engage with both internal and external specialists for support in order to resolve incidents and service requests
KA6. service request procedures, tools, and techniques
KA7. the operating procedures that are applicable to the system(s) being used
KA8. standard tools and templates available and how to use these

Technical Knowledge
You need to know and understand:
KB1. basic cyber security concepts
KB2. common application/system vulnerabilities, threat actors and mitigations
KB3. computer security incident detection & response activities
KB4. principles of intrusion detection, intrusion prevention, firewall operations and other general security practices
KB5. general information about infrastructure security tools such as firewalls, network security monitoring, anti-malware, content management, OS hardening, email security, etc.
KB6. virus and spyware protection technologies
KB7. network threat prevention technologies such as firewall technologies and intrusion prevention
KB8. proactive threat prevention technologies such as SONAR, heuristic based protection, and application and device control
KB9. database and web server concepts
KB10. process to upgrade an Endpoint Protection Manager and client
KB11. the features and functions in the endpoint security tool console and menus
KB12. options for updating clients
KB13. how communication works between clients, manager and the console, and how to configure clients to communicate properly
KB14. endpoint Protection replication, load balancing, and failover
KB15. common endpoint security support tools currently available
KB16. endpoint Protection domains
KB17. the components that make up the Endpoint protection infrastructure
KB18. endpoint security related policy types and components
KB19. licensing requirements for EPS
KB20. typical response times and service times for problems
KB21. the importance of documenting, classifying, prioritizing service requests received over voice calls, email or internet and incident reports
KB22. the basic functionalities of the applications, hardware and/or access rights that are used by the customers
KB23. types of addresses used on networks and why they are used
KB24. Operating System Internals
KB25. ITIL framework knowledge
KB26. Mobile device management and mobile application management

Writing Skills

You need to know and understand how to:
SA1. complete accurate well written work with attention to detail
SA2. document call logs, reports, task lists, and schedules with co-workers
SA3. prepare status and progress reports
SA4. log calls and raise tickets in the SIEM tool, providing proper indicators and descriptions as required
SA5. write memos and e-mail to customers, co-workers, and vendors to provide them with work updates and to request appropriate information, without English language errors in grammar or sentence construction and following professional etiquette
Reading Skills
You need to know and understand how to:
SA6. read about new products and services with reference to the organization and also from external forums such as websites and blogs
SA7. keep abreast with the latest knowledge by reading brochures, pamphlets, and product information sheets
SA8. read comments, suggestions, and responses to Frequently Asked Questions (FAQs) posted on the helpdesk portal
SA9. read policy manual, standard operating procedures and service level agreements relevant to work area
SA10. read emails received from own team, across team and external vendors and clients
Oral Communication (Listening and Speaking skills)
You need to know and understand how to:
SA11. discuss task lists, schedules, and work-loads with co-workers
SA12. give clear instructions to specialists/vendors/users/clients as required
SA13. keep stakeholders informed about progress
SA14. avoid using jargon, slang or acronyms when communicating with a customer, unless it is required
SA15. receive and make phone calls, including call forward, call hold, and call mute
B. Professional Skills
Decision Making
You need to know and understand how to:
SB1. follow rule-based decision-making processes
SB2. make a decision on a suitable course of action
Plan and Organize
You need to know and understand how to:
SB3. plan and organize your work to achieve targets and deadlines
Customer Centricity
You need to know and understand how to:
SB4. identify internal or external customer requirements and priorities clearly with respect to work at hand
SB5. carry out rule-based transactions in line with customer-specific guidelines, procedures, rules and service level agreements
SB6. check that your own and/or your peers' work meets customer requirements
Problem Solving
You need to know and understand how to:

SB7. apply problem-solving approaches in different situations
SB8. seek clarification on problems from others
Analytical Thinking
You need to know and understand how to:
SB9. analyze data and activities
SB10. configure data and disseminate relevant information to others
SB11. pass on relevant information to others
Critical Thinking
You need to know and understand how to:
SB12. provide opinions on work in a detailed and constructive way
SB13. apply balanced judgments to different situations
Attention to Detail
You need to know and understand how to:
SB14. check your work is complete and free from errors
Team Working
You need to know and understand how to:
SB15. work effectively in a team environment
SB16. work independently and collaboratively
C. Technical Skills
You need to know and understand how to:
SC1. operate the console of endpoint security tool
SC2. work on various operating systems
SC3. work with word processors, spreadsheets and presentations
SC4. stay abreast of the latest developments in terms of industry standards and information security tools and techniques

End Point Security

Assist in the installation of endpoint security measures:

Performance Criteria

To be competent, you must be able to:
PC1. receive instructions from authorised source for task(s) to be performed for installation of endpoint security tool on server of client endpoint
PC2. install a management console on a server to help manage clients, product licenses and logs as per specifications provided
PC3. create a database containing settings, privileges, events and security policies as per specifications
PC4. integrate tool with directory services or LDAP
PC5. manage the endpoint security tools database settings as per instructions provided
PC6. activate the product with the appropriate license or serial number
PC7. create and manage administrator accounts in the Endpoint Security Manager Console
PC8. install and configure Linux clients on the endpoint security manager tool
PC9. configure Endpoint security replication, load balancing, and failover as per instructions provided
PC10. configure and implement Endpoint Protection domains as per instructions provided
PC11. start and navigate the endpoint protection manager
PC12. perform endpoint security console authentication
PC13. install software on client computers and devices, either directly or across the network as per instructions provided
PC14. configure clients for client software updates (automatic or pushed from the server) and virus definition updates, at a minimum
PC15. distinguish between client-mode and user-mode
PC16. install managed clients as per instructions provided
PC17. configure an unmanaged detector as per instructions provided
PC18. configure endpoint protection clients to use Secure Sockets Layer (SSL) communication
PC19. collaborate with others to resolve information technology issues that are beyond own capabilities or job profile
PC20. report the results of the monitoring, ticket raising and ticket closure activities using standard documentation following organisational procedures

PC21. obtain help or advice from specialist if the problem is outside his/her area of competence or experience
PC22. comply with relevant legislation, standards, policies and procedures
Knowledge and Understanding (K)

Organizational Context
You need to know and understand:
KA1. your organization’s policies, procedures, standards, guidelines and service level agreements for responding to information security incidents
KA2. the day-to-day operations, procedures and tasks relating to your area of work
KA3. your organization’s knowledge base and how to access and update this
KA4. limits of your role and responsibilities and who to seek guidance from
KA5. the organizational systems, procedures and tasks/checklists within the domain and how to use these
KA6. how to engage with both internal and external specialists for support in order to resolve incidents and service requests
KA7. service request procedures, tools, and techniques
KA8. the operating procedures that are applicable to the system(s) being used
KA9. computer network defense (CND) policies, procedures, and regulations
KA10. standard tools and templates available and how to use these

Technical Knowledge
You need to know and understand:
KB1. basic cyber security concepts
KB2. computer security incident detection & response activities
KB3. principles of intrusion detection, intrusion prevention, firewall operations, and other general security practices
KB4. general information about infrastructure security tools such as firewalls, network security monitoring, anti-malware, content management, OS hardening, email security, etc.
KB5. types of addresses used on networks and why they are used
KB6. virus and spyware protection technologies
KB7. network threat prevention technologies such as firewall technologies and intrusion prevention
KB8. proactive threat prevention technologies such as SONAR, heuristic based protection, and application and device control
KB9. database and web server concepts
KB10. client installation packages, settings, and features
KB11. process to install an Endpoint Protection Manager and client
KB12. the features and functions in the endpoint security tool console and menus
KB13. options for updating clients

KB14. how communication works between clients, manager and the console, and how to configure clients to communicate properly
KB15. endpoint Protection replication, load balancing, and failover
KB16. common endpoint security support tools currently available
KB17. endpoint Protection domains
KB18. the components that make up the Endpoint Protection infrastructure
KB19. endpoint security related policy types and components
KB20. licensing requirements for EPS
KB21. typical response times and service times for problems
KB22. the importance of documenting, classifying, prioritizing service requests received over voice calls, email or internet and incident reports
KB23. the basic functionalities of the applications, hardware and/or access rights that are used by the customers
KB24. internet ports, protocols and services and their usefulness

Writing Skills
The user/individual on the job needs to know and understand how to:
SA1. document call logs, reports, task lists, and schedules with co-workers
SA2. prepare status and progress reports
SA3. log calls and raise tickets in the Endpoint console tool, providing proper indicators and descriptions as required
SA4. write memos and e-mail to customers, co-workers, and vendors to provide them with work updates and to request appropriate information, without English language errors in grammar or sentence construction and following professional etiquette
Reading Skills
The user/individual on the job needs to know and understand how to:
SA5. read about new products and services with reference to the organization and also from external forums such as websites and blogs
SA6. keep abreast with the latest knowledge by reading brochures, pamphlets, and product information sheets
SA7. read comments, suggestions, and responses to Frequently Asked Questions (FAQs) posted on the helpdesk portal
SA8. read policy manual, standard operating procedures and service level agreements relevant to work area
SA9. read emails received from own team, across team and external vendors and clients

Oral Communication

You need to know and understand how to:
SA10. listen effectively and orally communicate information accurately
SA11. ask for clarification and advice from others
B. Professional Skills
Decision Making
You need to know and understand how to:
SB1. follow rule-based decision-making processes
SB2. make a decision on a suitable course of action
Plan and Organize
You need to know and understand how to:
SB3. plan and organize your work to achieve targets and deadlines
Customer Centricity
You need to know and understand how to:
SB4. build and maintain positive and effective relationships with customers
SB5. check that your own work meets customer requirements
Problem Solving
You need to know and understand how to:
SB6. apply problem solving approaches in different situations
SB7. seek clarification on problems from others
SB8. refer anomalies to the line manager
Analytical Thinking
You need to know and understand how to:
SB9. analyze data and activities
SB10. configure data and disseminate relevant information to others
SB11. pass on relevant information to others
Critical Thinking
You need to know and understand how to:
SB12. provide opinions on work in a detailed and constructive way
SB13. apply balanced judgments to different situations
Attention to Detail
You need to know and understand how to:
SB14. apply good attention to details
SB15. check your work is complete and free from errors
Team Working
You need to know and understand how to:
SB16. work effectively in a team environment
SB17. contribute to the quality of team working
SB18. work independently and collaboratively

Technical Skills
You need to know and understand how to:
SC1. install and configure the console of endpoint security tool
SC2. work on various operating systems
SC3. work with word processors, spreadsheets and presentations
SC4. stay abreast of the latest developments in terms of industry standards and information security tools and techniques

End Point Security

Manage your work to meet requirements:

Performance Criteria

PC1. establish and agree your work requirements with appropriate people
PC2. keep your immediate work area clean and tidy
PC3. utilize your time effectively
PC4. use resources correctly and efficiently
PC5. treat confidential information correctly
PC6. work in line with your organization’s policies and procedures
PC7. work within the limits of your job role
PC8. obtain guidance from appropriate people, where necessary
PC9. ensure your work meets the agreed requirements

Organizational Context
You need to know and understand:
KA1. your organization’s policies, procedures and priorities for your area of work and your role and responsibilities in carrying out your work
KA2. limits of your responsibilities and when to involve others
KA3. your specific work requirements and who these must be agreed with
KA4. the importance of having a tidy work area and how to do this
KA5. how to prioritize your workload according to urgency and importance and the benefits of this
KA6. your organization’s policies and procedures for dealing with confidential information and the importance of complying with these
KA7. the purpose of keeping others updated with the progress of your work
KA8. who to obtain guidance from and the typical circumstances when this may be required
KA9. the purpose and value of being flexible and adapting work plans to reflect change

Technical Knowledge
You need to know and understand:
KB1. the importance of completing work accurately and how to do this
KB2. appropriate timescales for completing your work and the implications of not meeting these for you and the organization
KB3. resources needed for your work and how to obtain and use these

Writing Skills
You need to know and understand how to:
SA1. complete accurate work with attention to detail

Reading Skills
You need to know and understand how to:
SA2. read instructions, guidelines, procedures, rules and service level agreements
Oral Communication (Listening and Speaking skills)
You need to know and understand how to:
SA3. ask for clarification and advice from line managers
SA4. communicate orally with colleagues

Professional Skills

Decision Making
You need to know and understand how to:
SB1. make a decision on a suitable course of action

Plan and Organize
You need to know and understand how to:
SB2. plan and organize your work to achieve targets and deadlines
SB3. agree objectives and work requirements

Customer Centricity
You need to know and understand how to:
SB4. deliver consistent and reliable service to customers

SB5. check that your own work meets customer requirements

Problem Solving
You need to know and understand how to:
SB6. refer anomalies to the line manager
SB7. seek clarification on problems from others

Analytical Thinking
You need to know and understand how to:
SB8. provide relevant information to others
SB9. analyze needs, requirements and dependencies in order to meet your work requirements

Critical Thinking
You need to know and understand how to:
SB10. apply judgments to different situations

Attention to Detail
You need to know and understand how to:
SB11. check your work is complete and free from errors
SB12. get your work checked by peers

Team Working
You need to know and understand how to:
SB13. work effectively in a team environment

Technical Skills
You need to know and understand how to:
SC1. use information technology effectively, to input and/or extract data accurately
SC2. identify and refer anomalies in data
SC3. store and retrieve information
SC4. keep up to date with changes, procedures and practices in your role

Guidelines for Assessment:

  1. Criteria for assessment for each Qualification Pack (QP) will be created by the Sector Skill Council (SSC). Each performance criterion (PC) will be assigned Theory and Skill/Practical marks proportional to its importance in the NOS.
  2. The assessment will be conducted online through assessment providers authorised by SSC.
  3. Format of questions will include a variety of styles suitable to the PC being tested such as multiple choice questions, fill in the blanks, situational judgment test, simulation and programming test.
  4. To pass a QP, a trainee should pass each individual NOS. Standard passing criteria for each NOS is 70%.