FortiEDR

After completing this course, you should be able to:

• Explain the FortiEDR approach and how it works.
• Identify the communicating components and how they are configured.
• Perform important administrative tasks, including:
  • Managing console users
  • Updating collectors
  • Deleting personal data for GDPR compliance
  • Deploying a multi-tenant environment
  • Viewing system events
• Recognize what Fortinet Cloud Service is and how it works.
• Complete basic tasks in each area of the management console:
  • The Dashboard
  • The Event Viewer
  • The Forensics tab
  • The Threat Hunting module
  • Communication Control
  • Security Policies
  • Playbooks
  • Inventory
  • The Administration tab
• Manage security events and their status.
• Block communication from applications that are risky or unwanted, but not inherently malicious.
• Find and remove malicious executables from all the devices in your environment.
• Understand how FortiEDR integrates with Fortinet Security Fabric, and how FortiXDR works.
• Use RESTful API to manage your FortiEDR environment.
• Prioritize, investigate, and analyze security events.
• Remediate malicious events and create exceptions to allow safe processes.
• Carry out various basic troubleshooting tasks on all FortiEDR components.
• Obtain collector logs and memory dumps.

IT and security professionals involved in the administration and support of FortiEDR should attend this course.

A basic understanding of cybersecurity concepts