Chapter 1. Getting Started with Client-Side Endpoint Protection Tasks

In this chapter, we will cover:

  • Locating and interpreting client-side SCEP logs
  • Performing manual definition updates and checking definition version
  • Manually editing local SCEP policy using the user interface
  • Utilizing MpCmdRun.exe

Introduction

The tasks you will accomplish in this chapter are essential for any System Center Endpoint Protection (SCEP) administrator. Although many of the procedures can also be performed from within your System Center 2012 Configuration Manager (SCCM) console, it is vital to understand how to perform them at the local client level. Because isolating infected PCs (or PCs that are suspected to be infected) from the rest of your corporate network is a commonly accepted best practice, a hands-on approach is often needed to remediate malware issues.

This chapter will cover all the essential skills an AV admin using SCEP will need to know, from finding and understanding the SCEP client logs to performing on-demand scans with just the command line.
