FT-SIEMA — FortiSIEM Analyst (NSE6)

This course will help you:
  • Gain knowledge and skills in using FortiSIEM to search, enrich, and analyze events in an MSSP environment
  • Develop practical skills in configuring correlation rules, dashboards, and alerts for effective threat response
  • Prepare for the Fortinet NSE 6 exam (FortiSIEM module)
  • Learn how to integrate FortiSIEM with other Fortinet ecosystem products and third-party solutions

Course syllabus:

  • Introduction to FortiSIEM
  • Analytics
  • Nested Queries and Lookup Tables
  • Rules and Subpatterns
  • Incidents
  • Clear Conditions and Remediation
  • Threat Hunting
  • Performance Metrics and Baselines
  • Machine Learning
  • User and Entity Behavior Analytics
  • FortiSIEM ZTNA
  • Reports and Dashboards

You will learn to:

  • Describe how FortiSIEM solves common cybersecurity challenges
  • Describe the main components and the unique database architecture on FortiSIEM
  • Perform real-time and historical searches
  • Define structured search operators and search conditions
  • Reference the CMDB data in structured searches
  • Configure display fields and columns
  • Build queries from search results and events
  • Build nested queries and lookup tables
  • Build rule subpatterns and conditions
  • Manage and tune incidents
  • Resolve an incident
  • Create time-based and pattern-based clear conditions
  • Configure automation policies
  • Create rules using baselines
  • Analyze anomalies against baselines
  • Describe the threat hunting workflow
  • Analyze threat hunting dashboards
  • Describe FortiSIEM ML modes and algorithms
  • Describe how to train an ML model and perform an analysis using an ML model
  • Describe the benefits of deploying FortiSIEM UEBA
  • Configure tags, rules, and incidents using UEBA data
  • Describe how ZTNA tags affect the FortiSIEM incident and remediation process
  • Configure a ZTNA tag using FortiSIEM to remediate incidents
  • Generate and export a report
  • Create a custom dashboard

Pre-requisites:

This course assumes that participants have an understanding of the topics covered in the following courses, or have equivalent experience:

  • FortiGate Operator
  • FortiSIEM Administrator