Who should attend
This course is intended for network security engineers responsible for designing, implementing, and maintaining an advanced threat protection solution with FortiSandbox, in an Enterprise network environment.
Certifications
This course is part of the following Certifications:
Prerequisites
You must have an understanding of the topics covered in FortiGate Security (FORT-SECI) or FortiGate Infrastructure (FORT-SECII), or have equivalent experience.
It is also recommended that you have an understanding of the topics covered in FortiMail Administrator (FORTIMAIL), FortiWeb Administrator (FORT-WEB), and FortiClient EMS Administrator (FORT-CLIENTEMS), or have equivalent experience.
Course Objectives
After completing this course, you will be able to:
- Identify different types of cyber attacks
- Identify threat actors and their motivations
- Understand the anatomy of an attack—the kill chain
- Identify the potentially vulnerable entry points in an Enterprise network
- Identify how the ATP works to break the kill chain
- Identify the role of FortiSandbox in the ATP framework
- Identify appropriate applications for sandboxing
- Identify FortiSandbox architecture and key components
- Identify the appropriate network topology requirements
- Configure FortiSandbox
- Monitor FortiSandbox operation
- Configure FortiGate, FortiMail, FortiWeb, and FortiClient integration with FortiSandbox
- Identify the role of machine learning in preventing zero day attacks and advanced threats
- Configure machine learning on FortiWeb
- Analyze attack logs from machine learning system
- Troubleshoot FortiSandbox
- Perform analysis of outbreak events
- Remediate outbreak events based on log and report analysis