Who should attend
This course is intended for network security professionals responsible for designing, implementing, and maintaining a Fortinet advanced threat protection solution with FortiSandbox.
Prerequisites
You must have an understanding of the topics covered in FCF - FortiGate Fundamentals (or have equivalent experience).
It is also recommended that you have an understanding of the topics covered in the following courses, or have equivalent experience:
Course Objectives
After completing this course, you should be able to:
- Identify threat actors and their motivations
- Identify different types of counterattacks
- Describe Fortinet solutions for different stages of the Cyber Kill Chain
- Analyze the MITRE ATT&CK matrix
- Identify FortiSandbox architecture and key components
- Plan a FortiSandbox deployment
- Describe FortiSandbox input methods
- Select an appropriate deployment mode and configure initial settings
- Explain FortiSandbox interface requirements
- Configure alert emails, SNMP monitoring, and a remote backup
- Analyze dashboards, the operation center, and system events
- Monitor FortiSandbox operation and troubleshoot system issues
- Manage guest VMs
- Configure VM association settings and scan options
Detailed Course Outline
- 1. Attack Methodologies
- 2. Deployment and System Settings
- 3. Scanning and Rating Components
- 4. High Availability
- 5. FortiGate Integration
- 6. FortiMail Integration
- 7. FortiWeb Integration
- 8. FortiClient EMS Integrations
- 9. Results Analysis