Training Fortinet

Kursbeschreibung

code: NSE5-SO-FortiAnalyzer-A | version: 7.6.x

In this course, you will gain the practical skills of a SOC analyst using FortiAnalyzer for centralized logging and analytics. You will learn how to examine and manage events, and automate threat response using event handlers and playbooks. You will also learn how to identify current and potential threats through incident analysis and outbreak reports. Finally, you will learn how to incorporate FortiAI in your workflow and generate security reports.

 

Objectives

After completing this course, you should be able to:

  • Describe SOC objectives, responsibilities, and roles
  • Describe the role of FortiAnalyzer in a SOC
  • Describe FortiAnalyzer Security Fabric integration
  • Describe how logging works in a Security Fabric
  • Describe FortiAnalyzer Fabric deployments
  • Describe FortiAnalyzer operating modes
  • Describe how FortiAnalyzer parses and normalizes logs
  • Validate log parsers
  • Search logs using normalized fields
  • View and search for logs in the log view
  • Create saved filters and dashboards
  • View summary data in FortiView
  • View dashboards and widget features
  • Configure event handlers
  • Manage events
  • Configure indicators
  • Create incidents
  • Analyze incidents
  • Configure incident settings
  • Describe FortiAI operations and use cases
  • Describe threat hunting
  • Use the log count chart
  • Use the SIEM log analytics table
  • Describe outbreak alerts
  • Collect log volume statistics
  • Configure an automation stitch
  • Configure an event handler with an automation stitch enabled
  • Run and fine-tune predefined reports
  • Customize reports with macros, custom charts, and datasets
  • Configure external storage for reports
  • Group reports
  • Import and export reports and charts
  • Attach reports to incidents
  • Manage and troubleshoot reports
  • Create new playbooks
  • Use variables in tasks
  • Monitor playbooks
  • Export and import playbooks

 

Who Should Attend

Security professionals responsible for Fortinet Security Fabric analytics and automating tasks to detect and respond to cyberattacks using FortiAnalyzer should attend this course.

Kursinhalte Liste anzeigen

  • SOC Concepts and Security Fabric
  • Log Data Flow and Navigation
  • Events, Indicators, and Incidents
  • FortiAI, Threat Hunting, and Troubleshooting
  • Reports
  • Playbooks
TRAININGSPLAN ALS PDF HERUNTERLADEN

Zusätzliche Informationen

Voraussetzungen

You must have an understanding of the topics covered in the following courses, or have equivalent experience:

  • FortiOS Administrator/FortiGate Administator
  • FortiAnalyzer Administrator

It is also recommended that you have knowledge of the following topic:

  • SQL SELECT statement syntax
Schwierigkeitsgrad
Zeitdauer 2 tage
Zertifikat

The participants will obtain certificates signed by Fortinet (course completion).

This course is intended to help you prepare for the Fortinet NSE 5 - FortiAnalyzer Analyst exam. This exam is part of the FCP Security Operations certification track.
Trainer

Fortinet Certified Trainer (FCT)
Zusätzliche Informationen

ISC2

  • CPE training hours: 6
  • CPE lab hours: 5
  • CISSP domains: Security Operations

Zusätzliche kurse Fortinet | FortiAnalyzer

Fortinet show more courses
Training thematically related

Cybersecurity

Security+ | CompTIA

CySA+ | CompTIA

PenTest+ | CompTIA

SecurityX (formerly CASP+) | CompTIA

Certified Ethical Hacker | EC-Council

Certified SOC Analyst | EC-Council

Certified Penetration Testing Professional | EC-Council

Advanced WAF (AWAF) | F5

Access Policy Manager (APM) | F5

Advanced Firewall Manager (AFM) | F5

NGINX | F5

FortiGate | Fortinet

FortiAnalyzer | Fortinet

FortiManager | Fortinet

SD-WAN | Fortinet

FortiAuthenticator | Fortinet

FortiWeb | Fortinet

FortiMail | Fortinet

FortiSIEM | Fortinet

Wireless LAN | Fortinet

NIOS Security | Infoblox

Cyber security | ISC2

Firewall | Palo Alto Networks

SASE | Palo Alto Networks

Cortex XDR | Palo Alto Networks

Cortex XSOAR | Palo Alto Networks

Cortex XSIAM | Palo Alto Networks

Kontaktformular

Für weitere Informationen zu dieser Schulung füllen Sie bitte das untenstehende Formular aus.






* Mit (*) gekennzeichnete Felder sind Pflichtfelder!

Informationen zur Datenverarbeitung durch Compendium Centrum Edukacyjne Spółka z o.o.

PREIS 1400 EUR

FORM DER TRAINING ?

 

SCHULUNGSUNTERLAGEN ?

 

SCHULUNGSTERMIN WÄHLEN

    • General information
    • Guaranteed dates
    • Last minute (-10%)
    • Language of the training
    • German
    • General information
    • Guaranteed dates
    • Last minute (-10%)
    • Language of the training
    • German
    • General information
    • Guaranteed dates
    • Last minute (-10%)
    • Language of the training
    • German
    • General information
    • Guaranteed dates
    • Last minute (-10%)
    • Language of the training
    • German
SCHULUNGSTERMINE BUCHEN
close

Traditional training

Sessions organised at Compendium CE are usually held in our locations in Kraków and Warsaw, but also in venues designated by the client. The group participating in training meets at a specific place and specific time with a coach and actively participates in laboratory sessions.

Dlearning training

You may participate from at any place in the world. It is sufficient to have a computer (or, actually a tablet, or smartphone) connected to the Internet. Compendium CE provides each Distance Learning training participant with adequate software enabling connection to the Data Center. For more information, please visit dlearning.eu site

close

Paper materials

Traditional materials: The price includes standard materials issued in the form of paper books, printed or other, depending on the arrangements with the manufacturer.

Electronic materials

Electronic materials: These are electronic training materials that are available to you based on your specific application: Skillpipe, eVantage, etc., or as PDF documents.

Ctab materials

Ctab materials: the price includes ctab tablet and electronic training materials or traditional training materials and supplies provided electronically according to manufacturer's specifications (in PDF or EPUB form). The materials provided are adapted for display on ctab tablets. For more information, check out the ctab website.

Kommende Fortinet Kurse

KURSPLAN Fortinet