Course Overview
In this course, you will learn how to use FortiEDR to protect your endpoints against advanced attacks with real-time orchestrated incident response functionality. You will also learn about how FortiEDR protects your endpoints automatically in real time. This exam is part of the FCSS SASE certification track.
Who should attend
Security professionals involved in the administration and support of FortiEDR should attend this course.
Prerequisites
You must have a basic understanding of cybersecurity concepts.
Course Objectives
After completing this course, you should be able to:
- Explain the FortiEDR approach and how it works
- Identify the communicating components and how they are configured
- Perform important administrative tasks, including managing console users, updating collectors, deleting personal data for GDPR compliance, deploying multi-tenant environments, and viewing system events
- Define at Fortinet Cloud Service is and how it works
- Complete basic tasks in each area of the management console: the Dashboard, Incidents, Threat Hunting, Communication Control, Inventory, and Administration tabs, and the Security Policies and Playbooks pages
- Manage security events and their status
- Block communication from applications that are risky or unwanted, but not inherently malicious
- Find and remove malicious executables from all the devices in your environment
- Explain how FortiEDR integrates with Fortinet Security Fabric, and how FortiXDR works
- Use RESTful API to manage your FortiEDR environment
- Prioritize, investigate, and analyze security events
- Remediate malicious events and create exceptions to allow safe processes
- Perform various basic troubleshooting tasks on all FortiEDR components
- Obtain collector logs and memory dumps
English