NSE 5 FortiEDR 5.0
Overview
NSE 5 FortiEDR 4.2 accredited by Fortinet. In this course, learn how to use FortiEDR to protect your endpoints against advanced attacks with real-time orchestrated incident response functionality.
Course Content/Exam(s)
Course Code | Description | Exam Code | Duration |
---|---|---|---|
NSE54 EDR | FortiEDR.pdf | 2 Days |
Course Benefits
After completing this course, you will be able to:- Explain the FortiEDR approach and how it works
- Identify the communicating components and how they are configured
- Schedule, organize, and tune a new deployment
- Carry out basic troubleshooting steps, including: verifying that FortiEDR is installed and actively blocking malware, identifying whether FortiEDR has blocked a process or connection, finding logs, and contacting FortiEDR Support
- Perform important administrative tasks, including: managing console users, updating collectors, deleting personal data for GDPR compliance, and viewing system events
- Complete basic tasks in of each area of the management console: the Dashboard, the Event Viewer, the Forensics tab, the Threat Hunting module, Communication Control, Security Policies, Playbooks, Inventory, and the Administration tab
- Manage security events and their status
- Block communication from applications that are risky or unwanted, but not inherently malicious
- Define next-generation antivirus, its role in FortiEDR, and where it falls in the order of operations
- Find and remove malicious executables from all the devices in your environment
- Use RESTful API to manage your FortiEDR environment
- Administer a multi-tenant environment
- Recognize what Fortinet Cloud Service is and how it works
- Troubleshoot collector upgrades and performance issues
- Obtain collector logs and memory dumps
- Have a basic understanding of the history of malware, how it exploits trust, and the persistence techniques used in malware today
- Triage PowerShell and CScript events, verify their destinations, and retrieve memory
- Prioritize, investigate, and analyze security events
- Remediate malicious events and create exceptions to allow safe processes