Comprehensive Guide to McAfee Application Control and Change Control Administration (MACCC) Course

Download Course Contents

McAfee Application Control and McAfee Change Control Administration (MACCC) Course Overview

The McAfee Application Control and McAfee Change Control Administration (MACCC) certification revolves around empowerment of professionals with the technical competence to effectively manage and monitor networks using McAfee technology. This specialized skillset ensures proactive protection of systems against unauthorized applications and change controls, minimizing cybersecurity risks. MACCC-certified individuals primarily assist businesses in implementing and utilizing McAfee's Application Control and Change Control software, boosting system and data integrity. Industries utilize this certification to endorse professionals who can safeguard crucial data, maintain regulatory compliance, and enhance operational effectiveness, by preventing unauthorized changes, and mitigating sophisticated cybersecurity threats.

This is a Rare Course and it can be take up to 3 weeks to arrange the training.


The 1-on-1 Advantage

Get 1-on-1 session with our expert trainers at a date & time of your convenience.

Flexible Dates

Start your session at a date of your choice-weekend & evening slots included, and reschedule if necessary.

4-Hour Sessions

Training never been so convenient- attend training sessions 4-hour long for easy learning.

Destination Training

Attend trainings at some of the most loved cities such as Dubai, London, Delhi(India), Goa, Singapore, New York and Sydney.

You will learn:

Module 1: Introduction to the McAfee Application Control/Change Control
  • What is MACCC?
  • Solidcore Architecture
  • Multi-layered Security Solution
  • Whitelisting
  • Trust Model
  • Image Deviation
  • Differentiators
  • Visibility and Enforcement for End-to-end Compliance
  • File Integrity Monitoring
  • Change Prevention
  • Install Workflow
  • Navigation to Solidcore Components
  • Solidcore Configuration
  • Updaters or Publishers
  • Solidcore Configuration
  • Installers
  • Solidcore Policies
  • Windows Path Definitions
  • Solidcore Server Tasks
  • Solidcore: Purge Task
  • Migration Server Task
  • Calculate Predominant Observations (Deprecated)
  • Content Change Tracking Report Generation
  • Solidcore: Run Image Deviation
  • Image Deviation (Application Control)
  • Specifying a Golden Image
  • Solidcore: Scan a Software Repository
  • ePO Server Prerequisite Software
  • Supported SQL Server Releases
  • Default Communication Ports
  • Default Ports
  • Determining Ports in Use
  • Deployment Scenario: Basic Plan
  • Solution A: One ePO Server
  • Solution B: Two ePO Servers
  • Solution C: ePO server with Agent Handlers
  • Deployment Scenario: Disk Configuration
  • Solution: Less than 5,000 Nodes
  • Solution: 5,000 to 25,000 Nodes
  • Deployment Scenario: Disk Configuration
  • Solution: 25,000 to 75,000 Nodes
  • Solution: More than 75,000 Nodes
  • How Products and Events Affect Calculations
  • Example: Calculating Averages
  • Calculating Your Environment
  • Security Evolution
  • Security Connected
  • Breadth and Depth for Security
  • ePO Solution Overview
  • How ePO Works
  • Essential Features
  • ePO Web Interface
  • Menu Page
  • Agent Components
  • Agent-Server Secure Communication Keys
  • Communication after Agent Installation
  • Typical Agent-to-Server Communication
  • McAfee Agent-to-Product Communication
  • Forcing Agent Activity from Server
  • Wake-up Calls and Wake-up Tasks
  • Configuring Agent Wake-up
  • Locating Agent Node Using DNS
  • Forcing McAfee Agent Activity from Client
  • Viewing McAfee Agent Log
  • ePO 4.x/McAfee Agent 4.x Feature Dependencies
  • Agent Files and Directories
  • McAfee Agent Log Files
  • Using Log Files
  • Installation Folders
  • Extensions in ePO
  • Extensions Menu
  • Integration of AC/CC Extension
  • ePO Database Sizing
  • Installation of Extension
  • Solidcore Licensing
  • What is Solidcore?
  • Install Workflow Review
  • Installing Licenses
  • Solidcore Database Tables
  • The agent plug-in and how it works
  • Types of Platforms Protected
  • Supported Systems
  • Check-in Agent Plug-in Package into ePO
  • Deploying the Solidcore Agent Plugin
  • Verifying Installation from the Endpoint
  • Solidcore Client Tasks
  • Enable Solidcore Agent Task
  • Disable Solidcore Agent Task
  • Initial Scan to Create Whitelist
  • Pull Inventory
  • Begin Update Mode
  • End Update Mode
  • Change Local CLI Access
  • Collect Debug Info
  • Run Commands
  • Get Diagnostics for Programs
  • Features for the Client
  • Client Notifications and Events
  • Client Events and Approvals
  • Customizing Client Notifications
  • What are Observations?
  • Observe Mode
  • Manage requests
  • Review requests
  • Process requests
  • Allow by a checksum on all endpoints
  • Allow by publisher on all endpoints
  • The ban by a checksum on all endpoints
  • Define custom rules for specific endpoints
  • Allow by adding to whitelist for specific endpoints
  • Define bypass rules for all endpoints
  • Delete requests
  • Review created rules
  • Throttle observations
  • Define the threshold value
  • Review filter rules
  • Manage accumulated requests
  • Exit Observe mode
  • Inventory Introduction
  • Fetch Inventory
  • GTI Integration
  • Trust level and score
  • Cloud Trust Score
  • Inventory Without Access to GTI
  • Fetch McAfee GTI ratings for isolated networks
  • Export SHA1s of all binaries
  • Run the Offline GTI tool
  • Fetch Inventory – Bad File Found Event
  • Manage the inventory
  • Manage Binaries
  • Application Control Policies
  • Role of the Policy
  • Application Control Configuration
  • Managing Rule Groups
  • Creating an Application Control Rule Group
  • Updater Tab
  • Trusted Users
  • Using a Rule Group to Block an Application
  • What is Update Mode?
  • How to Update a Solidified System
  • Auto-Updaters
  • Authorized Updaters
  • Determining Updaters
  • Understanding Publishers
  • Understanding Installers
  • Scan a Software Repository
  • Revisit – Solidcore Permission Sets
  • Reboot Free Activation
  • Inventory Management Enhancements
  • Inventory Management – Pull Inventory
  • Inventory By Application
  • Inventory By Systems
  • Inventory Application Drill-down
  • Inventory Binary Drill-down
  • Modifying Enterprise Trust Level
  • Understanding Events
  • What Creates an Event
  • When Are Events Sent Back?
  • Viewing Events
  • Advanced Filters
  • Selecting Columns to Display
  • Viewing the Details of an Event
  • Solidcore Events
  • Example of Solidcore Events
  • Application Control Events
  • Planning Automatic Responses
  • Throttling, Aggregation, and Grouping
  • Understanding Alerts
  • Configuring a Solidcore Alert
  • Viewing an Alert
  • Support of SNMP Alerts
  • Customizing End-User Notifications
  • Syslog Enhancements
  • Application Control & Change Control
  • Change Control & Integrity Monitoring
  • Disable Solidcore
  • Enable Solidcore on the Endpoint
  • Verifying Client Task Completion
  • Integrity Monitoring Policies
  • Using Integrity Monitor
  • Creating an Integrity Monitor policy
  • Integrity Monitoring Policies
  • Testing your Monitoring
  • Reducing “Noise”
  • Example of Reducing “Noise”
  • Change Control Policies
  • Variables for Use in Policies
  • Example of Variables in a Rule Group
  • Write Protect a File, Trusted Program can Alter
  • Write Protect a Registry Key, Program can Alter
  • Write Protect a File, Trusted User can Alter
  • Verifying only Trusted User can Alter
  • Read Protection must be Enabled
  • Read Protect a File, Trusted Program can Access
  • Emergency Changes
  • Content Change Tracking
  • One-Click Exclusion (Advanced Exclusion Filtering)
  • One-Click Exclusion Configuration
  • ePO Dashboards
  • Queries As Dashboard Monitors
  • Dashboard Access
  • Dashboard Configuration
  • Solidcore Dashboards
  • Application Control Dashboard
  • Change Control Dashboard
  • Integrity Monitor Dashboard
  • Inventory Dashboard
  • Solidcore Queries
  • Reporting > Solidcore
  • Application Control > Inventory
  • Application Control > Image Deviation
  • Automation > Solidcore Client Task Log
  • Creating a Customized Dashboard
  • Making a Dashboard Public
  • Set the Default Dashboard
  • Solidcore Architecture and Components
  • Solidcore 6.1.3 Architecture
  • Troubleshooting References
  • Location of Solidcore Files on Endpoint
  • ePolicy Orchestrator Application Server Service Logs
  • Solidcore Registry Keys on Endpoint
  • Solidcore Services
  • Troubleshooting Best Practice
  • Escalation Best Practices
  • Troubleshooting GTI Cloud Issues Best Practice
  • Top Issues – Task Failure
  • Top Issues – Denied Execution Issues
  • Top Issues – Denied Execution of a Network Share
  • Top Issues – Network Share
  • Top Issues – KB
  • Useful Tools
  • Solidcore Event Logs
  • Solidcore User Notifications
  • Solidcore Troubleshooting Tools
  • Escalation Tools
  • Minimum Escalation Requirements (MER)
  • Running MER Tool on Client
  • Dump Tools
  • A Case from History
  • Unpatched, Known Vulnerabilities in the Client
  • Browser-based Exploits
  • The Remedy
  • Application Whitelisting
  • Increasing Compliance Requirements
  • Remedy
  • File Monitoring
  • Complete the Task
  • Solidcore CLI
  • Viewing the CLI Access
  • Enabling the CLI
  • Unlocking the CLI Locally
  • Securing the CLI
  • Using the CLI
  • SADMIN Commands
  • Solidifying from the CLI
  • Unsolidifying
  • What is Solidcore’s Status?
  • Beginning the Update Status
  • Ending the Update Status
  • Enabling and Disabling Solidifier
  • SADMIN Commands
  • Advanced SADMIN Commands
  • Solidcore Commands
  • New CLI Commands
  • Application Control Rules & Helpful Commands
  • Read/Write Protect Files
  • Change Control Commands – Write Protection
  • How To Write Protect a File
  • Modifying a Read/Write Protected Files
  • Change Control Features – Write Protection
  • Application Control
  • Authorize Command Arguments
  • Discovering and Adding Updaters
  • SADMIN Diag Notations
  • Discovering and Adding Updaters
  • Using Attributes to Control File Execution
  • Using Attributes to Control File Execution
  • Viewing Solidcore Events
  • Event Sinks
  • Logging Events
  • Event Names and Log Entries
  • Product Tools
  • Review of Initial Setup Tasks
  • Systems Tree Infrastructure
  • Communication between ePO and Agent
  • Activation Options: Application Control Only
  • Inventory Collection Scan
  • Protection State Selection
  • Protection State Delivery
  • Testing Protection mechanisms
  • Policies and Rule Groups
  • Policy Tuning
  • Bypass Rules and Exclusions
  • Inventory and Whitelist
  • Updaters
  • Application Control Memory Protection
  • Basic Troubleshooting and FAQs
  • Solving Memory Discrepancies
  • Helpful Resources
Live Online Training (Duration : 32 Hours) Fee On Request
We Offer :
  • 1-on-1 Public - Select your own start date. Other students can be merged.
  • 1-on-1 Private - Select your own start date. You will be the only student in the class.

4 Hours
8 Hours
Week Days

Start Time : At any time

12 AM
12 PM

1-On-1 Training is Guaranteed to Run (GTR)
Group Training
Date On Request
Course Prerequisites
• Basic understanding of McAfee ePolicy Orchestrator (ePO).
• Familiarity with Windows server administration.
• Knowledge of network administration, including TCP/IP terminology and technologies.
• Experience with security technologies, specifically authorization, authentication, and encryption are highly recommended.
• Awareness of computers, internet, and network terminologies.

McAfee Application Control and McAfee Change Control Administration (MACCC) Certification Training Overview

McAfee Application Control & Change Control Administration (MACCC) certification training provides comprehensive understanding of McAfee's advanced security solutions. Topics covered include installation, configuration, policy management and troubleshooting of McAfee Application Control and Change Control products. Participants earn expertise in software whitelisting and change policy enforcement. The course also delves into detailed reporting, system event reviews, and understanding threat landscapes, enabling professionals to conduct in-depth cybersecurity procedures.

Why Should You Learn McAfee Application Control and McAfee Change Control Administration (MACCC)?

Learning the MACCC course equips individuals with skills to prevent unauthorized applications and change execution in businesses, elevating security measures. It offers mastery in maintaining system integrity, enhancing network troubleshooting, reducing operational costs, and increasing compliance with regulations. Ultimately, this leads to boosted career prospects in the cybersecurity field.

Target Audience for McAfee Application Control and McAfee Change Control Administration (MACCC) Certification Training

- IT professionals managing security infrastructure
- System administrators responsible for endpoint protection
- Security analysts seeking to improve their cyber defense capabilities
- Individuals holding roles related to access and change management
- Teams implementing or maintaining McAfee Application Control and Change Control solutions

Why Choose Koenig for McAfee Application Control and McAfee Change Control Administration (MACCC) Certification Training?

- Certifed Instructor: All MACCC trainings at Koenig Solutions are conducted by certified instructors ensuring high quality results.
- Boost Your Career: Gain in-demand knowledge and enhance your skill set, increasing employability.
- Customized Training Programs: Each program is tailored to match individual career goals and organizational needs.
- Destination Training: Offers unique opportunity to learn in world-class training destinations.
- Affordable Pricing: Offers competitive pricing without compromising on quality.
- Top Training Institute: Known globally for providing top-rated training programs.
- Flexible Dates: Select training dates as per convenience.
- Instructor-Led Online Training: Experience real-time learning from anywhere in the world.
- Wide Range of Courses: Choose from a vast catalog of IT and cybersecurity courses.
- Accredited Training: All courses are accredited and recognized globally, ensuring your skills are industry-relevant.

McAfee Application Control and McAfee Change Control Administration (MACCC) Skills Measured

After completing the MACCC certification training, individuals will gain skills in managing and mitigating risks associated with system vulnerabilities, ensuring application integrity, understanding and implementing change control processes, enforcing compliance standards, and preventing unauthorized software execution. This certification will imbue individuals with advanced knowledge of McAfee Application Control features and functionalities and help them understand how to integrate and leverage it within their organization’s information security framework.

Top Companies Hiring McAfee Application Control and McAfee Change Control Administration (MACCC) Certified Professionals

Leading companies such as IBM, Accenture, Infosys, McAfee itself and various Fortune 500 firms are actively seeking professionals certified in MACCC. These organizations require their expertise for systems protection and managing change controls, thereby aligning with their security and operational protocols. This certification signifies a strong understanding of application security, which is highly valued in the IT industry.

Learning Objectives - What you will Learn in this McAfee Application Control and McAfee Change Control Administration (MACCC) Course?

The learning objectives of the McAfee Application Control and McAfee Change Control Administration (MACCC) course are to equip attendees with an in-depth understanding of the software's functionalities, implementation, and benefits. Participants will learn to protect systems against unwanted applications and unauthorized changes through the use of whitelisting and change control. They will also acquire knowledge on how to use and manage these McAfee solutions, execute the policy compliance feature, analyze and respond to events, and troubleshoot common issues. Additionally, the course aims to enhance participants' ability to reduce risk, ensure system integrity, and improve their organization's operational efficiency.


Yes, if we have an office in your city.
Yes, we also offer weekend classes.
Yes, Koenig follows a BYOL(Bring Your Own Laptop) policy.
Yes, we do. For details go to flexi
You can pay through debit/credit card or bank wire transfer.
Yes you can request your customer experience manager for the same.
1-on-1 Public - Select your start date. Other students can be merged.
1-on-1 Private - Select your start date. You will be the only student in the class.
Yes, course requiring practical include hands-on labs.
You can buy online from the page by clicking on "Buy Now". You can view alternate payment method on payment options page.
Yes, you can pay from the course page and flexi page.
Yes, the site is secure by utilizing Secure Sockets Layer (SSL) Technology. SSL technology enables the encryption of sensitive information during online transactions. We use the highest assurance SSL/TLS certificate, which ensures that no unauthorized person can get to your sensitive payment data over the web.
We use the best standards in Internet security. Any data retained is not shared with third parties.
You can request a refund if you do not wish to enroll in the course.
To receive an acknowledgment of your online payment, you should have a valid email address. At the point when you enter your name, Visa, and other data, you have the option of entering your email address. Would it be a good idea for you to decide to enter your email address, confirmation of your payment will be emailed to you.
After you submit your payment, you will land on the payment confirmation screen.It contains your payment confirmation message. You will likewise get a confirmation email after your transaction is submitted.
We do accept all major credit cards from Visa, Mastercard, American Express, and Discover.
Credit card transactions normally take 48 hours to settle. Approval is given right away; however,it takes 48 hours for the money to be moved.
Yes, we do accept partial payments, you may use one payment method for part of the transaction and another payment method for other parts of the transaction.
It is recommended but not mandatory. Being acquainted with the basic course material will enable you and the trainer to move at a desired pace during classes.You can access courseware for most vendors.
Yes, this is our official email address which we use if a recipient is not able to receive emails from our email address.
Buy-Now. Pay-Later option is available using credit card in USA and India only.
You will receive the letter of course attendance post training completion via learning enhancement tool after registration.
Yes you can.
Yes, we do offer corporate training More details
Yes, we do.
Yes, fee excludes local taxes.
Yes, we do.
Schedule for Group Training is decided by Koenig. Schedule for 1-on-1 is decided by you.
In 1 on 1 Public you can select your own schedule, other students can be merged. Choose 1-on-1 if published schedule doesn't meet your requirement. If you want a private session, opt for 1-on-1 Private.
Duration of Ultra-Fast Track is 50% of the duration of the Standard Track. Yes(course content is same).

Prices & Payments

Yes of course.
Yes, We are

Travel and Visa

Yes we do after your registration for course.

Food and Beverages



Says our CEO-
“It is an interesting story and dates back half a century. My father started a manufacturing business in India in the 1960's for import substitute electromechanical components such as microswitches. German and Japanese goods were held in high esteem so he named his company Essen Deinki (Essen is a well known industrial town in Germany and Deinki is Japanese for electric company). His products were very good quality and the fact that they sounded German and Japanese also helped. He did quite well. In 1970s he branched out into electronic products and again looked for a German name. This time he chose Koenig, and Koenig Electronics was born. In 1990s after graduating from college I was looking for a name for my company and Koenig Solutions sounded just right. Initially we had marketed under the brand of Digital Equipment Corporation but DEC went out of business and we switched to the Koenig name. Koenig is difficult to pronounce and marketeers said it is not a good choice for a B2C brand. But it has proven lucky for us.” – Says Rohit Aggarwal (Founder and CEO - Koenig Solutions)
All our trainers are fluent in English . Majority of our customers are from outside India and our trainers speak in a neutral accent which is easily understandable by students from all nationalities. Our money back guarantee also stands for accent of the trainer.
Medical services in India are at par with the world and are a fraction of costs in Europe and USA. A number of our students have scheduled cosmetic, dental and ocular procedures during their stay in India. We can provide advice about this, on request.
Yes, if you send 4 participants, we can offer an exclusive training for them which can be started from Any Date™ suitable for you.