Course Overview
In this three-day FT-FSM: FortiSIEM Administrator course, you will learn about FortiSIEM initial configurations, architecture, and the discovery of devices on the network.
You will also learn how to collect performance information and aggregate it with syslog data to enrich the overall view of the health of your environment, how to use the configuration database to greatly facilitate compliance audits, and how to integrate FortiSIEM into your network awareness infrastructure.
Product version: FortiSIEM 7.2
What are the skills covered
- Describe FortiSIEM key features and deployment architectures
- Describe FortiSIEM indicators of compromise (IoC) and reputation check
- Describe how FortiSIEM receives, collects, normalizes, and enriches logs
- Describe event type classifications
- Describe customer scaling with FortiSIEM collectors and collector high availability (HA)
- Describe FortiSIEM agent architecture for managed security services providers (MSSP)
- Describe various Fortinet Security Fabric integrations
- Perform initial configurations and role-based access management (RBAC)
- Configure and troubleshoot asset discovery
- View performance metrics and perform actions in the configuration management database (CMDB)
- Deploy, assign, register, and upgrade collectors for MSSP customers
- Configure and manage collector HA
- Create and monitor critical business services
- Analyze business services dashboards
- Install and register FortiSIEM agents
- Monitor agent status on the CMDB
- Monitor events per second (EPS) usage
- Configure event dropping rules
- Configure identity and location information in the CMDB
- Deploy AI-based user entity behavior analysis (UEBA)
- Configure on-net and off-net detection, and FortiInsight watchlists
- Configure zero-trust network access (ZTNA) integration
- Create custom dashboards
- Load, save, schedule, and import reports
- Create and run CMDB and UEBA reports
- Manage collection jobs
- Define maintenance schedules
- Monitor system status with FortiSIEM health check scripts
- Collect and analyze system logs
Who should attend this course
- Anyone who is responsible for day-to-day management of FortiSIEM.
Exam & Certification
There is no associated certification exam for this course.