Fortinet - Certified Solution Specialist Security Operations

Duration

Duration:

Only 2 Days

Method

Method:

Classroom / Online / Hybrid

Next date

Next date:

30.9.2024 (Monday)

Overview

On this accelerated Fortinet Certified Solution Specialist Security Operations certification validates your ability to design, administer, monitor, and troubleshoot Fortinet security operations solutions. This curriculum covers security operations infrastructures using advanced Fortinet solutions.

In this course, you will learn how to use FortiSIEM in a multi-tenant environment. You will learn about rules and their architecture, how incidents are generated, how baseline calculations are performed, the different methods of remediation available, and how the nested queries and lookup tables work for advanced analytics using FortiSIEM. You will also learn how to integrate FortiSOAR with FortiSIEM.

In just 2 days, you’ll learn to identify various implementation requirements for a multi-tenant FortiSIEM deployment . You’ll also learn how to:

  • Deploy FortiSIEM in a hybrid environment with and without collectors
  • Design multi-tenant solutions with FortiSIEM
  • Deploy collectors in a multi-tenant environment
  • Manage EPS assignment and restrictions on FortiSIEM
  • Manage resource utilization of a multi-tenant FortiSIEM cluster
  • Maintain and troubleshoot a collector installation
  • Deploy and manage Windows and Linux agents
  • Create rules by evaluating security events
  • Define actions for a single pattern security rule
  • Identify multiple pattern security rules and define conditions and actions for them
  • Differentiate between a standard and baseline report
  • Create your own baseline profiles Deploy FortiSIEM UEBA agents
  • Examine log-based UEBA rules
  • Examine nested queries for advanced analytics
  • Configure lookup tables for advanced analytics
  • Configure clear conditions on FortiSIEM
  • Analyze some out-of-the-box remediation scripts
  • Configure various remediation methods on FortiSIEM
  • Integrate FortiSOAR with FortiSIEM
  • Remediate incidents from FortiSOAR

At the end of this course, you’ll sit the Fortinet exam, and achieve your Fortinet Certified Solution Specialist Security Operations certification. Through Firebrand’s Lecture | Lab | Review methodology, you’ll get certified at twice the speed of the traditional training and get access to courseware, learn from certified instructors, and train in a distraction-free environment.

 

Audience

This course is ideal for:

  • Cybersecurity professionals who require the expertise needed to design, manage, support, and analyse advanced Fortinet security operations solutions.
  • Security professionals involved in the management, configuration, administration, and monitoring of FortiSIEM and FortiSOAR devices—in an enterprise or service provider deployment—that are used to monitor and secure the networks of customer organizations.

Four reasons why you should sit your course with Firebrand Training

  1. You'll be trained and certified faster. Learn more on this 2-day accelerated course. You'll get at least 12 hours a day of quality learning time in a distraction-free environment
  2. Your course is all-inclusive. One simple price covers all course materials, exams, accommodation and meals – so you can focus on learning
  3. Pass first time or train again for free. Your expert instructor will deliver our unique accelerated learning methods, allowing you to learn faster and be in the best possible position to pass first time. In the unlikely event that you don't, it's covered by your Certification Guarantee
  4. Study with an award-winning training provider. We've won the Learning and Performance Institute's "Training Company of the Year" three times. Firebrand is your fastest way to learn, with 134561 students saving more than one million hours since 2001

Benefits

Seven reasons why you should sit your course with Firebrand Training

  1. Two options of training. Choose between residential classroom-based, or online courses
  2. You'll be certified fast. With us, you’ll be trained in record time
  3. Our course is all-inclusive. A one-off fee covers all course materials, exams**, accommodation* and meals*. No hidden extras.
  4. Pass the first time or train again for free. This is our guarantee. We’re confident you’ll pass your course the first time. But if not, come back within a year and only pay for accommodation, exams and incidental costs
  5. You’ll learn more. A day with a traditional training provider generally runs from 9 am – 5 pm, with a nice long break for lunch. With Firebrand Training you’ll get at least 12 hours/day of quality learning time, with your instructor
  6. You’ll learn faster. Chances are, you’ll have a different learning style to those around you. We combine visual, auditory and tactile styles to deliver the material in a way that ensures you will learn faster and more easily
  7. You’ll be studying with the best. We’ve been named in the Training Industry’s “Top 20 IT Training Companies of the Year” every year since 2010. As well as winning many more awards, we’ve trained and certified over 135,000 professionals
  • * For residential training only. Doesn't apply for online courses
  • ** Some exceptions apply. Please refer to the Exam Track or speak with our experts

Curriculum

 

Module 1: Multi-Tenancy SOC Solution for MSSP

  • Describe multi-tenancy solutions for SOC environment
  • Define and deploy collectors and agents
  • Install and manage FortiSIEM Windows and Linux agents

 

Module 2: FortiSIEM Rules

  • Explain FortiSIEM rule processing
  • Construct FortiSIEM rules
  • Explain the MITRE ATT&CK® framework

 

Module 3: FortiSIEM Baseline and UEBA

  • Explain FortiSIEM baseline and profile reports
  • Construct FortiSIEM baseline rules
  • Configure UEBA on FortiSIEM

 

Module 4: Clear Conditions and Remediation

  • Remediate incidents on FortiSIEM manually and automatically
  • Remediate incidents using FortiSOAR

 

Module 5: Multi-Tenancy SOC Solution for MSSP

  • Describe multi-tenancy solutions for SOC environments
  • Define and deploy collectors and agents
  • Install and manage FortiSIEM Windows and Linux agents

Module 6: FortiSIEM Rules and Analytics

  • Explain FortiSIEM rule processing
  • Construct FortiSIEM rules
  • Configure advanced nested queries and lookup tables

 

Module 7: FortiSIEM Baseline and UEBA

  • Explain FortiSIEM baseline and profile reports
  • Construct FortiSIEM baseline rules
  • Explain UEBA on FortiSIEM

 

Module 8: Conditions and Remediation

  • Remediate incidents on FortiSIEM both manually and automatically
  • Remediate incidents through FortiSOAR

Exam Track

At the end of this accelerated course, you’ll sit the following exam at the Firebrand Training centre, covered Certification Guarantee:

Fortinet Certified Solution Specialist Security Operations exam NSE 7 - Advanced Analytics 6.3

To obtain the FCSS in Security Operations certification, you must pass the Fortinet NSE 7–Advanced Analytics exam.

  • Duration: 60 minutes
  • Format: Multiple choice and multiple select
  • Number of questions: 35
  • Passing score: Answers must be 100% correct for credit. No partial credit is given. There are no deductions for incorrect answers.

What's Included

Your accelerated course includes:

  • Accommodation *
  • Meals, unlimited snacks, beverages, tea and coffee *
  • On-site exams **
  • Exam vouchers **
  • Practice tests **
  • Certification Guarantee ***
  • Courseware
  • Up-to 12 hours of instructor-led training each day
  • 24-hour lab access
  • Digital courseware **
  • * For residential training only. Accommodation is included from the night before the course starts. This doesn't apply for online courses.
  • ** Some exceptions apply. Please refer to the Exam Track or speak with our experts
  • *** Pass first time or train again free as many times as it takes, unlimited for 1 year. Just pay for accommodation, exams, and incidental costs.

Prerequisites

Before attending this accelerated course, you should have:

  • An understanding of the topics covered in the following courses, or equivalent experience:
  • FCP - FortiGate Security
  • FCP - FortiGate Infrastructure
  • FCP - FortiSIEM

 

  • It is also recommended that you have an understanding of the following topics, or have equivalent experience:
  • Python programming
  • Jinja2 templating language for Python
  • Linux systems
  • SOAR technologies

Unsure whether you meet the prerequisites? Don’t worry. Your training consultant will discuss your background with you to understand if this course is right for you.

Reviews

Here's the Firebrand Training review section. Since 2001 we've trained exactly 134561 students and asked them all to review our Accelerated Learning. Currently, 96.02% have said Firebrand exceeded their expectations.

Read reviews from recent accelerated courses below or visit Firebrand Stories for written and video interviews from our alumni.


"The CISA course was good for knowledge growth regardless of experience and key to taking the exam. I would definitely recommend."
G. K. . (15.4.2024 (Monday) to 18.4.2024 (Thursday))

"Course material is very comprehensive. Instructor was very friendly and gave multiple views on the topics being discussed and included a good amount of examples."
D. E. . (30.10.2023 (Monday) to 1.11.2023 (Wednesday))

"Course material is very comprehensive. Instructor was very friendly and gave multiple views on the topics being discussed and included a good amount of examples."
D. E. . (30.10.2023 (Monday) to 1.11.2023 (Wednesday))

"Great trainer who has plenty of experience that he shared with us! Valuable insights and practical examples were provided that will help me with my daily tasks! Thank you!"
K. S. . (30.10.2023 (Monday) to 1.11.2023 (Wednesday))

"Great trainer who has plenty of experience that he shared with us! Valuable insights and practical examples were provided that will help me with my daily tasks! Thank you!"
K. S. . (30.10.2023 (Monday) to 1.11.2023 (Wednesday))

Course Dates

Start

Finish

Status

Location

Book now

27.5.2024 (Monday)

28.5.2024 (Tuesday)

Finished - Leave feedback

-

 

30.9.2024 (Monday)

1.10.2024 (Tuesday)

Wait list

Nationwide

 

11.11.2024 (Monday)

12.11.2024 (Tuesday)

Limited availability

Nationwide

 

 

3.2.2025 (Monday)

4.2.2025 (Tuesday)

Open

Nationwide

 

17.3.2025 (Monday)

18.3.2025 (Tuesday)

Open

Nationwide

 

Latest Reviews from our students