FortiSIEM

Duration: 3 Days (20 Hours)

FortiSIEM Course Overview:

This course covers FortiSIEM introductory setup, architectural insights, network device discovery, performance data collection, syslog data integration, compliance audit streamlining via the configuration database, and FortiSIEM integration into your network awareness infrastructure.

Intended Audience:

  • Anyone who is responsible for the day-to-day management of FortiSIEM should attend this course.

Learning Objectives of FortiSIEM:

Upon completing this course, you will possess the following skills:

  • Identify the business drivers that necessitate the use of SIEM tools.
  • Describe the fundamental concepts of SIEM and Privileged Access Management (PAM).
  • Outline the key features of FortiSIEM.
  • Comprehend the interplay between collectors, workers, and supervisors within the system.
  • Configure notifications for various events and alerts.
  • Create new user accounts and tailor custom roles for different responsibilities.
  • Describe the process of enabling devices for discovery within the FortiSIEM environment.
  • Recognize situations where agents should be employed.
  • Conduct real-time and historical structured searches for data analysis.
  • Group and aggregate search results to extract meaningful insights.
  • Examine performance metrics to gauge system health.
  • Develop custom incident rules to respond effectively to security events.
  • Edit existing reports or create new ones to generate relevant insights.
  • Configure and personalize dashboards for a customized view of system data.
  • Export Configuration Management Database (CMDB) information for reference.
  • Identify the components of Windows agents and their role in the system.
  • Understand the purpose of Windows agents in various deployment scenarios.
  • Identify reports that pertain to Windows agents and their monitoring activities.
  • Gain insight into the FortiSIEM Linux file monitoring agent and its functionality.

FortiSIEM Course Outline:

  • Introduction
  • SIEM and PAM Concepts
  • Discovery and FortiSIEM Agents
  • FortiSIEM Analytics
  • CMDB Lookups and Filters
  • Group By and Data Aggregation
  • Rules and MITRE ATT&CK
  • Incidents and Notification Policies
  • Reports and Dashboards
  • Maintaining and Tuning
  • Troubleshooting

FortiSIEM Course Prerequisites:

You must have an understanding of the topics covered in the following courses, or have equivalent experience.

  • NSE 4 FortiGate Security
  • NSE 4 FortiGate Infrastructure

Discover the perfect fit for your learning journey

Choose Learning Modality

Live Online

  • Convenience
  • Cost-effective
  • Self-paced learning
  • Scalability

Classroom

  • Interaction and collaboration
  • Networking opportunities
  • Real-time feedback
  • Personal attention

Onsite

  • Familiar environment
  • Confidentiality
  • Team building
  • Immediate application

Training Exclusives

This course comes with the following benefits:

  • Practice labs
  • Get trained by certified trainers
  • Access to the recordings of your class sessions for 90 days
  • Digital courseware
  • Experience 24/7 learner support
