This course prepares analysts for the Fortinet NSE 5 – FortiSIEM 6.3 exam. By passing
this exam, analysts will be awarded the associated exam badge.
This exam is part of the FCP Security Operations certification track.
In this course, analysts will learn about FortiSIEM initial configurations, architecture,
and the discovery of devices on the network. Analysts will also learn how to collect
performance information and aggregate it with syslog data to enrich the overall
view of the health of their environment, how to use the configuration database to
greatly facilitate compliance audits, and how to integrate FortiSIEM into their
network awareness infrastructure.
Course Topics Covered:
- Introduction
- SIEM and PAM Concepts
- Discovery and FortiSIEM Agents
- FortiSIEM Analytics
- CMDB Lookups and Filters
- Group By and Data Aggregation
- Rules and MITRE ATT&CK
- Incidents and Notification Policies
- Reports and Dashboards
- Maintaining and Tuning
- Troubleshooting