The Symantec Control Compliance Suite (CCS) 11.0 Administration course is designed for professionals who are tasked with ensuring the security of their computingenterprise and compliance with both external and internal mandates.
This course focuses on using Control Compliance Suite 11.0 to define risk and compliance objectives; develop policies and controls to govern the enterprise; assess compliance with policies, standards, and other mandates; remediate vulnerabilities and deviations from requirements; and create reports and dashboards to demonstrate compliance to multiple audiences.
You must have working knowledge of advanced computer terminology, including TCP/IP networking terms, security, and Internet terms, and administrator levelknowledge of Microsoft Windows 2000/XP/2003 operating systems.
Introduction to CCS 11.0
- Overview of compliance
- Symantec approach to ITGRC
- Implementing ITGRC with CCS 11.0
- What’s new in CCS 11.0
Installing the CCS Suite
Upgrading the CCS Suite
- Upgrading the CCS Suite
- Upgrading a stand-alone Directory Server
- Migrating CCS
Installing and Upgrading CCS Managers and Agents
- Installing CCS Managers
- Installing CCS Agents
- Upgrading CCS Managers and Agents
- Getting started tasks
- Preparing for data collection
Getting Started with CCS 11.0
- Importing assets
- Collecting and evaluating data
- Managing entitlements
- Working with standards
- Assessing compliance with standards
- Managing exceptions
- Overview of policies
- Understanding the policy life cycle
- Managing policy compliance
- About Controls Studio
- Using Controls Studio
Response Assessment Module
- Introducing RAM
- Getting started with RAM
- Evaluating results
- SCAP capabilities in CCS
- Working with SCAP benchmarks
Ad Hoc Queries
- Query building
- Querying your enterprise
Reporting and Dashboards
- Reporting overview
- Working with dynamic dashboards
- Managing reports
- Introducing CCS-VM
- Importing data into CCS
- Viewing vulnerability assessment data
- Risk management concepts
- Utilizing the Risk Management module
External Data Systems
- Connecting to external data sources
- Connecting to Symantec products
- Overview of third-party connectors
By the end of this course, you should be able to:
- Define business and risk objectives.
- Create policies to comply with multiple mandates.
- Map controls to policies and reduce duplication.
- Identify deviations from technical standards.
- Discover critical vulnerabilities.
- Assess technical and procedural compliance.
- Evaluate procedural controls.
- Combine data from external data sources.
- Create reports to demonstrate compliance.
- Correlate risks across business assets.
- Create high-level dashboards to display security and compliance posture.
- Prioritize remediation based on risk.
- Track remediation efforts end to end.
- Automate remediation ticketing.
This course is for computer professionals involved with security compliance using CCS 11.0.