Defining Quality in IT and Business Training

Overview

Course Content/Exam(s)

Course Code	Description	Exam Code	Duration
NSE54 EDR	FortiEDR.pdf		2 Days

Course Benefits

After completing this course, you will be able to:

• Explain the FortiEDR approach and how it works
• Identify the communicating components and how they are configured
• Schedule, organize, and tune a new deployment
• Carry out basic troubleshooting steps, including: verifying that FortiEDR is installed and actively blocking malware, identifying whether FortiEDR has blocked a process or connection, finding logs, and contacting FortiEDR Support
• Perform important administrative tasks, including: managing console users, updating collectors, deleting personal data for GDPR compliance, and viewing system events
• Complete basic tasks in of each area of the management console: the Dashboard, the Event Viewer, the Forensics tab, the Threat Hunting module, Communication Control, Security Policies, Playbooks, Inventory, and the Administration tab
• Manage security events and their status
• Block communication from applications that are risky or unwanted, but not inherently malicious
• Define next-generation antivirus, its role in FortiEDR, and where it falls in the order of operations
• Find and remove malicious executables from all the devices in your environment
• Use RESTful API to manage your FortiEDR environment
• Administer a multi-tenant environment
• Recognize what Fortinet Cloud Service is and how it works
• Troubleshoot collector upgrades and performance issues
• Obtain collector logs and memory dumps
• Have a basic understanding of the history of malware, how it exploits trust, and the persistence techniques used in malware today
• Triage PowerShell and CScript events, verify their destinations, and retrieve memory
• Prioritize, investigate, and analyze security events
• Remediate malicious events and create exceptions to allow safe processes