Advanced Analytics
You must have an understanding of the topics covered in the following courses, or have equivalent experience:
- NSE 4 FortiGate Security
- NSE 4 FortiGate Infrastructure
- NSE 5 FortiSIEM
It is also highly recommended that you have an understanding of, or equivalent experience with, Python programming, the Jinja2 template language for Python, Linux systems, and SOAR technologies.
- Introduction to Multi-Tenancy
- Defining Collectors and Agents
- Operating Collectors
- Windows and Linux Agents
- Rules
- Single Subpattern Security Rule
- Multiple Subpattern Rules
- Introduction to Baseline
- Baseline
- UEBA
- MITRE ATT&CK
- Clear Conditions
- Remediation
After completing this course, you should be able to:
- Identify various implementation requirements for a multi-tenant FortiSIEM deployment
- Deploy FortiSIEM in a hybrid environment with and without collectors
- Design multi-tenant solutions with FortiSIEM
- Deploy collectors in a multi-tenant environment
- Manage EPS assignment and restrictions on FortiSIEM
- Manage resource utilization of a multi-tenant FortiSIEM cluster
- Maintain and troubleshoot a collector installation
- Deploy and manage Windows and Linux agents
- Create rules by evaluating security events
- Define actions for a single pattern security rule
- Identify the incident attributes that trigger an incident
- Identify multiple pattern security rules and define conditions and actions for them
- Differentiate between a standard and baseline report
- Create your own baseline profiles
- Examine the MITRE ATT&CK framework integration on FortiSIEM and FortiSOAR
- Deploy FortiSIEM UEBA agents
- Examine UEBA rules, reports, event types, and Windows template
- Configure clear conditions on FortiSIEM
- Analyze some out-of-the-box remediation scripts
- Configure various remediation methods on FortiSIEM
- Integrate FortiSOAR with FortiSIEM
- Remediate incidents from FortiSOAR
If you take the online format of this class, you must use a computer that has the following:
- A high-speed Internet connection
- An up-to-date web browser
- A PDF viewer
- Speakers or headphones
- One of the following:
  - HTML 5 support
  - An up-to-date Java Runtime Environment (JRE) with Java Plugin enabled on your web browser
You should use a wired Ethernet connection, not a WiFi connection. Firewalls, including Windows Firewall or FortiClient, must allow connections to the online labs.
You can also download this information in PDF format.
Note: To register, you must make a deposit or transfer in bolivianos to the following account: No. 10000019891048 at Banco Unión, in the name of Claudia Riveros Gomez.
Then click Inscribirse (Register) and attach the bank receipt for the transfer or deposit.