Security Operations Architect

Security Operations ArchitectSECOP-ARCHFOFortinetFO-SECOP-ARCH7.6After completing this course, you will be able to: <ul> <li>Describe the main functions and roles within a SOC</li><li>Identify the challenges that can be solved by the Fortinet SOC</li><li>Describe the MITRE ATT&CK Enterprise Matrix and the Cyber Kill Chain</li><li>Describe how to identify and reduce the attack surface</li><li>Describe common attack vectors</li><li>Describe the benefits of using FortiSIEM and FortiSOAR</li><li>Describe different Fortinet SOC deployment architectures</li><li>Describe the FortiSOAR Content Hub and connectors</li><li>Describe FortiAI features</li><li>Describe FortiAI in FortiSIEM and FortiSOAR</li><li>Describe reactive and proactive threat hunting processes</li><li>Generate threat hunting hypotheses</li><li>Identify and configure data sources</li><li>Configure data ingestion</li><li>Configure FortiSIEM rules</li><li>Execute attack vectors</li><li>Describe the NIST SP 800-61 incident handling process</li><li>Describe the incident handling workflow with FortiSIEM and FortiSOAR</li><li>Analyze, handle, and tune incidents on FortiSIEM</li><li>Ingest FortiSIEM incidents into FortiSOAR for incident handling</li><li>Escalate FortiSOAR alerts into incidents</li><li>Describe automation requirements</li><li>Describe FortiSOAR playbook steps</li><li>Run playbooks to enrich indicators</li><li>Configure a playbook to retrieve a hash rating from FortiSandbox</li><li>Perform containment on FortiGate, Windows Active Directory, and FortiClient EMS using FortiSOAR connectors</li><li>Eradicate artifacts from a compromised host</li><li>Release a compromised host from quarantine after recovery</li><li>Manage playbook history logs</li></ul>You must have an understanding of the topics covered in the FortiSIEM Analyst course, or have equivalent experience.Security professionals involved in the design, implementation, operation, and monitoring of Fortinet SOC solutions using FortiSIEM and FortiSOAR should attend this course.<ul> <li>SOC Concepts and Security Frameworks</li><li>Fortinet SOC with FortiSIEM and FortiSOAR</li><li>Incident Handling and FortiSIEM</li><li>Incident Handling and FortiSOAR</li><li>SOC Playbook Development</li><li>Threat Hunting</li></ul>After completing this course, you will be able to: - Describe the main functions and roles within a SOC - Identify the challenges that can be solved by the Fortinet SOC - Describe the MITRE ATT&CK Enterprise Matrix and the Cyber Kill Chain - Describe how to identify and reduce the attack surface - Describe common attack vectors - Describe the benefits of using FortiSIEM and FortiSOAR - Describe different Fortinet SOC deployment architectures - Describe the FortiSOAR Content Hub and connectors - Describe FortiAI features - Describe FortiAI in FortiSIEM and FortiSOAR - Describe reactive and proactive threat hunting processes - Generate threat hunting hypotheses - Identify and configure data sources - Configure data ingestion - Configure FortiSIEM rules - Execute attack vectors - Describe the NIST SP 800-61 incident handling process - Describe the incident handling workflow with FortiSIEM and FortiSOAR - Analyze, handle, and tune incidents on FortiSIEM - Ingest FortiSIEM incidents into FortiSOAR for incident handling - Escalate FortiSOAR alerts into incidents - Describe automation requirements - Describe FortiSOAR playbook steps - Run playbooks to enrich indicators - Configure a playbook to retrieve a hash rating from FortiSandbox - Perform containment on FortiGate, Windows Active Directory, and FortiClient EMS using FortiSOAR connectors - Eradicate artifacts from a compromised host - Release a compromised host from quarantine after recovery - Manage playbook history logsYou must have an understanding of the topics covered in the FortiSIEM Analyst course, or have equivalent experience.Security professionals involved in the design, implementation, operation, and monitoring of Fortinet SOC solutions using FortiSIEM and FortiSOAR should attend this course.- SOC Concepts and Security Frameworks - Fortinet SOC with FortiSIEM and FortiSOAR - Incident Handling and FortiSIEM - Incident Handling and FortiSOAR - SOC Playbook Development - Threat Hunting2 jours1900.002620.001900.001900.001900.001900.001900.001900.001900.001900.001900.001900.00