Modal title

Modal body text goes here.

The Fortinet Certified Trainer (FCT) assessment is a trainer evaluation process in which each candidate has to prove their training delivery skills. The FCT assessment is a two-day assessment that evaluates the FCT candidate’s ability to maintain Fortinet’s quality standards in technical knowledge, skills and instructional abilities.

Who can apply?

The FCT assessment candidate should be a Fortinet employee or a candidate sponsored by an ATC who has submitted proof of reference, along with an online application form. An FCT candidate who wants to apply for an FCT assessment must meet the following knowledge and experience eligibility requirements:

  • Extensive technical knowledge and skills in network security and cybersecurity
  • Five years of relevant experience in network security and cybersecurity
  • Certification in the required NSE training courses
  • Five years of experience in training delivery in IT security
  • Demonstrable training facilitation and delivery skills

If you meet all of these requirements you can apply for the FCT assessment!

Please contact fct@fortinet.com for queries and suggestions.

Skip to main content
Training Institute
  • Library
  • Schedule
  • Certifications
  • ATC
  • Academic Partner Program
  • Fast Track Workshops
  • Log in
  • Training

FortiSIEM Analyst

Blocks

Certification

This exam is part of the FCSS - Security Operations certification track.

Visit the Cybersecurity Certification page for information about certification requirements.

Exams available at Pearson VUE are listed below. Select an exam to view the details.

Fortinet NSE 6 - FortiSIEM 7.2 Analyst

Status: Available

The Fortinet NSE 6 - FortiSIEM 7.2 Analyst exam evaluates your knowledge of, and expertise with, FortiSIEM to search, enrich, and analyze security events.

This exam tests your applied knowledge of FortiSIEM analytics, and includes operational scenarios, incident analysis, integration with ZTNA, and troubleshooting scenarios.

Once you pass the exam, you will receive the following exam badge:

Audience

The Fortinet NSE 6 - FortiSIEM 7.2 Analyst exam is intended for security professionals responsible for the detection, analysis, and remediation of security incidents using FortiSIEM.

Exam Details
Time allowed 60 minutes
Exam questions 30–35 questions
Scoring Pass or fail. A score report is available from your Pearson VUE account.
Language English, Japanese
Product version FortiSIEM 7.2
Exam Topics

Successful candidates have applied knowledge and skills in the following areas and tasks:

  • Analytics
    • Build queries from search results and events
    • Apply group by and data aggregation on search results
    • Perform CMDB and lookup table queries
    • Perform nested query lookups
  • FortiEDR security settings and policies
    • Configure communication control policy
    • Configure security policies
    • Configure playbooks
    • Explain Fortinet Cloud Service (FCS)
  • Rules and subpatterns
    • Identify various rule components
    • Utilize rule subpatterns, aggregation, and group by
    • Configure FortiSIEM analytics rules
  • Incidents, notifications, and remediation
    • Manage incidents
    • Configure notification policies
    • Configure remediation options
  • Machine learning, UEBA, and ZTNA
    • Configure machine learning configuration tasks
    • Integrate UEBA data into rules and dashboards
    • Describe how to integrate ZTNA into FortiSIEM operations
Training Resources

The following resources are recommended for attaining the knowledge and skills that are covered on the exam. The recommended training is available as a foundation for exam preparation. In addition to training, you are strongly encouraged to have hands-on experience with the exam topics and objectives.

  • FortiSIEM 7.2 Analyst course and hands-on labs
  • FortiSIEM 7.2.0—User Guide
    • Refer to the Machine Learning section of the User Guide for machine learning related information.
    • Refer to the Analytics Settings section of the User Guide for UEBA-related information.
  • Agentless ZTNA with FortiSIEM UEBA and FortiGate
    • Refer to this guide for FortiSIEM UEBA-related information.
Experience

A minimum of 6 months of practical experience with FortiSIEM administration, or equivalent SIEM products, is recommended.

Exam Sample Questions

A set of sample questions is available from the Fortinet Training Institute. These questions represent the exam content in question type and content scope. However, the questions do not necessarily represent all the exam content, nor are they intended to assess your readiness to take the certification exam.

See the Fortinet Training Institute for the course that includes the sample questions

Examination Policies and Procedures

The Fortinet Training Institute recommends that you review the exam policies and procedures before you register for the exam. Access important information on the Fortinet Training Institute Policies page, and find answers to common questions on the FAQ page.

Questions?

If you have more questions about the NSE Certification Program, contact us through the Fortinet Training Institute Helpdesk page.

Blocks

  • Dashboard
  • Library
  • Schedule
You are not logged in. (Log in)
Data retention summary