Fortinet - Certified Solution Specialist Security Operations

Duration

Duration:

Only 2 Days

Method

Method:

Classroom / Online / Hybrid

Next date

Next date:

30/9/2024 (Monday)

Overview

On this accelerated Fortinet Certified Solution Specialist Security Operations certification validates your ability to design, administer, monitor, and troubleshoot Fortinet security operations solutions. This curriculum covers security operations infrastructures using advanced Fortinet solutions.

In this course, you will learn how to use FortiSIEM in a multi-tenant environment. You will learn about rules and their architecture, how incidents are generated, how baseline calculations are performed, the different methods of remediation available, and how the nested queries and lookup tables work for advanced analytics using FortiSIEM. You will also learn how to integrate FortiSOAR with FortiSIEM.

In just 2 days, you’ll learn to identify various implementation requirements for a multi-tenant FortiSIEM deployment . You’ll also learn how to:

  • Deploy FortiSIEM in a hybrid environment with and without collectors
  • Design multi-tenant solutions with FortiSIEM
  • Deploy collectors in a multi-tenant environment
  • Manage EPS assignment and restrictions on FortiSIEM
  • Manage resource utilization of a multi-tenant FortiSIEM cluster
  • Maintain and troubleshoot a collector installation
  • Deploy and manage Windows and Linux agents
  • Create rules by evaluating security events
  • Define actions for a single pattern security rule
  • Identify multiple pattern security rules and define conditions and actions for them
  • Differentiate between a standard and baseline report
  • Create your own baseline profiles Deploy FortiSIEM UEBA agents
  • Examine log-based UEBA rules
  • Examine nested queries for advanced analytics
  • Configure lookup tables for advanced analytics
  • Configure clear conditions on FortiSIEM
  • Analyze some out-of-the-box remediation scripts
  • Configure various remediation methods on FortiSIEM
  • Integrate FortiSOAR with FortiSIEM
  • Remediate incidents from FortiSOAR

At the end of this course, you’ll sit the Fortinet exam, and achieve your Fortinet Certified Solution Specialist Security Operations certification. Through Firebrand’s Lecture | Lab | Review methodology, you’ll get certified at twice the speed of the traditional training and get access to courseware, learn from certified instructors, and train in a distraction-free environment.

 

Audience

This course is ideal for:

  • Cybersecurity professionals who require the expertise needed to design, manage, support, and analyse advanced Fortinet security operations solutions.
  • Security professionals involved in the management, configuration, administration, and monitoring of FortiSIEM and FortiSOAR devices—in an enterprise or service provider deployment—that are used to monitor and secure the networks of customer organizations.

Benefits

Other accelerated training providers rely heavily on lecture and independent self-testing and study.

Effective technical instruction must be highly varied and interactive to keep attention levels high, promote camaraderie and teamwork between the students and instructor, and solidify knowledge through hands-on learning.

Firebrand Training provides instruction to meet every learning need:

  • Intensive group instruction
  • One-on-one instruction attention
  • Hands-on labs
  • Lab partner and group exercises
  • Question and answer drills
  • Independent study

Curriculum

 

Module 1: Multi-Tenancy SOC Solution for MSSP

  • Describe multi-tenancy solutions for SOC environment
  • Define and deploy collectors and agents
  • Install and manage FortiSIEM Windows and Linux agents

 

Module 2: FortiSIEM Rules

  • Explain FortiSIEM rule processing
  • Construct FortiSIEM rules
  • Explain the MITRE ATT&CK® framework

 

Module 3: FortiSIEM Baseline and UEBA

  • Explain FortiSIEM baseline and profile reports
  • Construct FortiSIEM baseline rules
  • Configure UEBA on FortiSIEM

 

Module 4: Clear Conditions and Remediation

  • Remediate incidents on FortiSIEM manually and automatically
  • Remediate incidents using FortiSOAR

 

Module 5: Multi-Tenancy SOC Solution for MSSP

  • Describe multi-tenancy solutions for SOC environments
  • Define and deploy collectors and agents
  • Install and manage FortiSIEM Windows and Linux agents

Module 6: FortiSIEM Rules and Analytics

  • Explain FortiSIEM rule processing
  • Construct FortiSIEM rules
  • Configure advanced nested queries and lookup tables

 

Module 7: FortiSIEM Baseline and UEBA

  • Explain FortiSIEM baseline and profile reports
  • Construct FortiSIEM baseline rules
  • Explain UEBA on FortiSIEM

 

Module 8: Conditions and Remediation

  • Remediate incidents on FortiSIEM both manually and automatically
  • Remediate incidents through FortiSOAR

Exam Track

At the end of this accelerated course, you’ll sit the following exam at the Firebrand Training centre, covered Certification Guarantee:

Fortinet Certified Solution Specialist Security Operations exam NSE 7 - Advanced Analytics 6.3

To obtain the FCSS in Security Operations certification, you must pass the Fortinet NSE 7–Advanced Analytics exam.

  • Duration: 60 minutes
  • Format: Multiple choice and multiple select
  • Number of questions: 35
  • Passing score: Answers must be 100% correct for credit. No partial credit is given. There are no deductions for incorrect answers.

What's Included

Your accelerated course includes:

  • Accommodation *
  • Meals, unlimited snacks, beverages, tea and coffee *
  • On-site exams **
  • Exam vouchers **
  • Practice tests **
  • Certification Guarantee ***
  • Courseware
  • Up-to 12 hours of instructor-led training each day
  • 24-hour lab access
  • Digital courseware **
  • * For residential training only. Accommodation is included from the night before the course starts. This doesn't apply for online courses.
  • ** Some exceptions apply. Please refer to the Exam Track or speak with our experts
  • *** Pass first time or train again free as many times as it takes, unlimited for 1 year. Just pay for accommodation, exams, and incidental costs.

Prerequisites

Before attending this accelerated course, you should have:

  • An understanding of the topics covered in the following courses, or equivalent experience:
  • FCP - FortiGate Security
  • FCP - FortiGate Infrastructure
  • FCP - FortiSIEM

 

  • It is also recommended that you have an understanding of the following topics, or have equivalent experience:
  • Python programming
  • Jinja2 templating language for Python
  • Linux systems
  • SOAR technologies

Unsure whether you meet the prerequisites? Don’t worry. Your training consultant will discuss your background with you to understand if this course is right for you.

Reviews

Here's the Firebrand Training review section. Since 2001 we've trained exactly 134561 students and asked them all to review our Accelerated Learning. Currently, 96.06% have said Firebrand exceeded their expectations.

Read reviews from recent accelerated courses below or visit Firebrand Stories for written and video interviews from our alumni.


"It’s a very focused and structured course for the certification. I really enjoyed."
IF. (24/6/2024 (Monday) to 27/6/2024 (Thursday))

"I recently completed the PMP Project Management course at Firebrand, and I am thoroughly impressed with the experience. The instructor was incredibly knowledgeable and provide real-world insights that go beyond the textbook. The course material is well-structured, comprehensive, and up-to-date with the latest industry standards."
Karibaye Koumagoto, Fadateam. (10/6/2024 (Monday) to 14/6/2024 (Friday))

"I recently completed the PMP Project Management course at Firebrand, and I am thoroughly impressed with the experience. The instructor was incredibly knowledgeable and provide real-world insights that go beyond the textbook. The course material is well-structured, comprehensive, and up-to-date with the latest industry standards."
Karibaye Koumagoto, Fadateam. (10/6/2024 (Monday) to 14/6/2024 (Friday))

"I had a very good experience with hands-on learning and the instructors were knowledgeable and supportive."
CR, IDA ireland. (5/6/2024 (Wednesday) to 7/6/2024 (Friday))

"Enjoyed the course through out as it was very interactive."
Himanshu Paliwal, NXP. (5/6/2024 (Wednesday) to 7/6/2024 (Friday))

Course Dates

Start

Finish

Status

Location

Book now

27/5/2024 (Monday)

28/5/2024 (Tuesday)

Finished - Leave feedback

-

 

30/9/2024 (Monday)

1/10/2024 (Tuesday)

Wait list

Nationwide

 

11/11/2024 (Monday)

12/11/2024 (Tuesday)

Limited availability

Nationwide

 

 

3/2/2025 (Monday)

4/2/2025 (Tuesday)

Open

Nationwide

 

17/3/2025 (Monday)

18/3/2025 (Tuesday)

Open

Nationwide

 

Latest Reviews from our students