Course Overview
In this course, you will learn about FortiSOAR architecture, and how to deploy, configure, manage, operate, and monitor FortiSOAR in a SoC environment. You will learn about various system customization options, HA deployment, security management using role-based access control (RBAC), and various system monitoring tools.
This course is intended to help you prepare for the Fortinet NSE 6 - FortiSOAR 7.3 Administrator certification exam. This certification is part of the Fortinet Certified Professional - Security Operations certification track.
Who should attend
This course is intended for cybersecurity professionals responsible for planning, deploying, configuring, and managing FortiSOAR deployments in a SoC environment.
Prerequisites
You must have an understanding of the topics covered in the following course, or have equivalent experience:
- NSE 4 FortiGate Security
Familiarity with SOC technologies and processes is recommended.
Course Objectives
After completing this course, you should be able to:
- Identify challenges of security teams, and assist security teams with SOAR best practices
- Identify the role of SOAR in assisting security teams
- Describe the basics of SOAR technology
- Manage licenses
- Deploy and manage FortiSOAR VM
- Configure teams, roles, and users
- Configure authentication
- Schedule the purging of audit logs and executed playbook logs
- Configure playbook recovery
- Configure environment variables
- Configure company branding
- Configure system fixtures
- Configure the recycle bin
- Monitor and manage audit logs
- Use the configuration manager
- Monitor system resources
- Deploy, configure, manage, and troubleshoot a FortiSOAR high availability cluster
- Identify the types of logs used for troubleshooting
- Collect log files used for troubleshooting
- Troubleshoot key services and processes on FortiSOAR