CODE: FNT_FT-FSM-ADM
LÄNGE: 24 Hours (3 Tage)
PREIS: €2.900,00
After completing this course, you should be able to:
Describe FortiSIEM key features and deployment architectures
Describe FortiSIEM indicators of compromise (IoC) and reputation check
Describe how FortiSIEM receives, collects, normalizes, and enriches logs
Describe event type classifications
Describe customer scaling with FortiSIEM collectors and collector high availability (HA)
Describe FortiSIEM agent architecture for managed security services providers (MSSP)
Describe various Fortinet Security Fabric integrations
Perform initial configurations, and role-based access management (RBAC)
Configure and troubleshoot asset discovery
View performance metrics and perform actions in the configuration management database (CMDB)
Deploy, assign, register, and upgrade collectors for MSSP customers
Configure and manage collector HA
Create and monitor critical business services l Analyze business services dashboards
Install and register FortiSIEM agents
Monitor agent status on the CMDB
Monitor events per second (EPS) usage
Configure event dropping rules
Configure identity and location information in the CMDB
Deploy AI-based user entity behavior analysis (UEBA)
Configure on-net and off-net detection, and FortiInsight watchlists
Configure zero-trust network access (ZTNA) integration
Create custom dashboards
Load, save, schedule, and import reports
Create and run CMDB and UEBA reports
Manage collection jobs
Define maintenance schedules
Monitor system status with FortiSIEM health check scripts
Collect and analyze system logs
In this course, you will learn about FortiSIEM initial configurations and architecture, and the discovery of devices on the network. You will also learn how to collect performance information and aggregate it with syslog data to enrich the overall view of the health of your environment, use the configuration database to greatly facilitate compliance audits, and integrate FortiSIEM into your network awareness infrastructure.
Product Version FortiSIEM 7.2
Security professionals involved in the deployment, administration, maintenance, and troubleshooting of FortiSIEM devices should attend this course
You must have an understanding of the topics covered in the following course, or have equivalent experience:
FCF - FortiGate Operator
1. Architecture
2. SIEM and PAM Concepts
3. Discovery
4. Collectors
5. Agents
6. Fortinet Fabric Integration
7. Reports and Dashboards
8. Maintaining and Tuning
9. Troubleshooting
N/A
ISC2
CPE training hours: 7
CPE lab hours: 8
CISSP domains: Security Operations