FortiAnalyzer Analyst (FAZ-ANS)

 

Who should attend

Security professionals responsible for Fortinet Security Fabric analytics and automating tasks to detect and respond to cyberattacks using FortiAnalyzer should attend this course.

Prerequisites

You must have an understanding of the topics covered in the following courses, or have equivalent experience:

  • FortiGate Operator
  • FortiAnalyzer Administrator

It is also recommended that you have knowledge of the following topic:

  • SQL SELECT statement syntax

Course Objectives

After completing this course, you should be able to:

  • Describe SOC objectives, responsibilities, and roles
  • Describe the role of FortiAnalyzer in a SOC
  • Describe FortiAnalyzer Security Fabric integration
  • Describe how logging works in a Security Fabric
  • Describe FortiAnalyzer Fabric deployments
  • Describe FortiAnalyzer operating modes
  • Describe how FortiAnalyzer parses and normalizes logs
  • Validate log parsers
  • Search logs using normalized fields
  • View and search for logs in the log view
  • Create saved filters and dashboards
  • View summary data in FortiView
  • View dashboards and widget features
  • Configure event handlers
  • Manage events
  • Configure indicators
  • Create incidents
  • Analyze incidents
  • Configure incident settings
  • Describe FortiAI operations and use cases
  • Describe threat hunting
  • Use the log count chart
  • Use the SIEM log analytics table
  • Describe outbreak alerts
  • Collect log volume statistics
  • Configure an automation stitch
  • Configure an event handler with an automation stitch enabled
  • Run and fine-tune predefined reports
  • Customize reports with macros, custom charts, and datasets
  • Configure external storage for reports
  • Group reports
  • Import and export reports and charts
  • Attach reports to incidents
  • Manage and troubleshoot reports
  • Create new playbooks
  • Use variables in tasks
  • Monitor playbooks
  • Export and import playbooks

Detailed Course Outline

  • SOC Concepts and Security Fabric
  • Log Data Flow and Navigation
  • Events, Indicators, and Incidents
  • FortiAI, Threat Hunting, and Troubleshooting
  • Reports
  • Playbooks

Prices & Delivery methods

Online Training

Duration
1 day

Price
  • US $ 950
Enroll now
Classroom Training

Duration
1 day

Price
  • United States: US $ 950
Enroll now

Click on town name or "Online Training" to book Schedule

Instructor-led Online Training:   This is an Instructor-Led Online (ILO) course. These sessions are conducted via WebEx in a VoIP environment and require an Internet Connection and headset with microphone connected to your computer or laptop. If you have any questions about our online courses, feel free to contact us via phone or Email anytime.

United States

 Online Training Time zone: Eastern Standard Time (EST) Enroll
Online Training Time zone: Central Daylight Time (CDT) Enroll
Online Training Time zone: Eastern Daylight Time (EDT) Enroll
Online Training Time zone: Central Daylight Time (CDT) Enroll
Online Training Time zone: Eastern Daylight Time (EDT) Enroll
Online Training Time zone: Central Standard Time (CST) Enroll

Canada

 Online Training Time zone: Eastern Standard Time (EST) Enroll
Online Training Time zone: Central Daylight Time (CDT) Enroll
Online Training Time zone: Eastern Daylight Time (EDT) Enroll
Online Training Time zone: Central Daylight Time (CDT) Enroll
Online Training Time zone: Eastern Daylight Time (EDT) Enroll
Online Training Time zone: Central Standard Time (CST) Enroll