In this course, you will learn about FortiSOAR architecture, and how to deploy, configure, manage, operate, and monitor FortiSOAR in a SoC environment. You will learn about various system customization options, HA deployment, security management using role-based access control (RBAC), and various system monitoring tools.
This course is intended to help you prepare for the NSE 6 FortiSOAR 7.0 Administrator certification exam.
Who should attend
This course is intended for cybersecurity professionals responsible for planning, deploying, configuring, and managing FortiSOAR deployments in a SoC environment.
You must have an understanding of the topics covered in the following course, or have equivalent experience:
- NSE 4 FortiGate Security
Familiarity with SOC technologies and processes is recommended.
After completing this course, you should be able to:
- Identify challenges of security teams, and assist security teams with SOAR best practices
- Identify the role of SOAR in assisting security teams
- Describe the basics of SOAR technology
- Manage licenses
- Deploy and manage FortiSOAR VM
- Configure teams, roles, and users
- Configure authentication
- Schedule the purging of audit logs and executed playbook logs
- Configure playbook recovery
- Configure environment variables
- Configure company branding
- Configure system fixtures
- Monitor and manage audit logs
- Use the configuration manager
- Monitor system resources
- Deploy, configure, manage, and troubleshoot a FortiSOAR high availability cluster
- Identify the types of logs used for troubleshooting
- Troubleshoot key services and processes on FortiSOAR
Outline: FortiSOAR Administrator - NSE 6 (FORT-SOARADMIN)
- 1. Introduction to FortiSOAR
- 2. Device Management
- 3. High Availability
- 4. System Configuration
- 5. Searching and Upgrading
- 6. System Monitoring and Troubleshooting