Who should attend
Security professionals involved in the administration and support of FortiEDR should attend this course.
Prerequisites
You must have a basic understanding of cybersecurity concepts.
Course Objectives
After completing this course, you should be able to:
- Explain the FortiEDR approach and how it works
- Identify the communicating components and how they are configured
- Perform important administrative tasks, including managing console users, updating collectors, deleting personal data for GDPR compliance, deploying multi-tenant environments, and viewing system events
- Define at Fortinet Cloud Service is and how it works
- Complete basic tasks in each area of the management console: the Dashboard, Incidents, Threat Hunting, Communication Control, Inventory, and Administration tabs, and the Security Policies and Playbooks pages
- Manage security events and their status
- Block communication from applications that are risky or unwanted, but not inherently malicious
- Find and remove malicious executables from all the devices in your environment
- Explain how FortiEDR integrates with Fortinet Security Fabric, and how FortiXDR works
- Use RESTful API to manage your FortiEDR environment
- Prioritize, investigate, and analyze security events
- Remediate malicious events and create exceptions to allow safe processes
- Perform various basic troubleshooting tasks on all FortiEDR components
- Obtain collector logs and memory dumps
Detailed Course Outline
- Product Overview and Installation
- Administration
- Security Policies
- Fortinet Cloud Security and Playbooks
- Communication Control
- Events and Incidents
- Threat Hunting
- RESTful API
- Troubleshooting