Advanced Threat Protection

Course Description

In this 2-day course, candidates will learn the following:

How to protect their organization and improve its security against advance threats that bypass traditional security controls
How FortiSandbox detects threats that traditional antivirus products miss
How FortiSandbox dynamically generates local threat intelligence, which can be shared throughout the network
How other advanced threat protection (ATP) components—FortiGate, FortiMail, FortiWeb, and FortiClient—leverage this threat intelligence information to protect organizations, from end-to-end, from advanced threats

Who Should Attend

This course is intended for network security engineers responsible for designing, implementing, and maintaining an advanced threat protection solution with FortiSandbox, in an Enterprise network environment.

Agenda

Attack Methodologies and the ATP Framework
Introduction to FortiSandbox
Protecting the Edge
Protecting Email Networks
Protecting Web Applications
Protecting End Users
Protecting Third-Party Appliances
Results Analysis

Objectives

After completing this course, candidates will be able to:

Identify different types of cyber attacks
Identify threat actors and their motivations
Understand the anatomy of an attack—the kill chain
Identify the potentially vulnerable entry points in an Enterprise network
Identify how the ATP framework works to break the kill chain
Identify the role of FortiSandbox in the ATP framework
Identify appropriate applications for sandboxing
Identify FortiSandbox architecture
Identify FortiSandbox key components
Identify the appropriate network topology requirements
Configure FortiSandbox
Monitor FortiSandbox operation
Configure FortiGate integration with FortiSandbox
Configure FortiMail integration with FortiSandbox
Configure FortiWeb integration with FortiSandbox
Configure FortiClient integration with FortiSandbox
Troubleshoot FortiSandbox-related issues
Perform analysis of outbreak events
Remediate outbreak events based on log and report analysis

System Requirements

If candidates take an online format of this class, they must have a computer that has the following:

A high-speed Internet connection
An up-to-date web browser
A PDF viewer
Speakers / headphones

One of the following:

HTML 5 support
An up-to-date Java runtime environment (JRE) with Java plugin enabled in the web browser

Participants should use a wired Ethernet connection not a Wi-Fi connection. The firewall or FortiClient must allow connections to the online labs.

Get Started

Take a closer look at the content

Find a Class

Browse our schedule for upcoming classes

Product Versions

FortiSandbox 2.5

Formats

Instructor-led classroom
Instructor-led online*
Self-paced online

_{*Private class only. Please contact their Fortinet sales representative.}

Prerequisites

Candidates must have an understanding of the topics covered in the following courses, or have equivalent experience:

NSE 4 FortiGate Security
NSE 4 FortiGate Infrastructure

It is also recommended that candidates have an understanding of the topics covered in the following courses, or have equivalent experience:

NSE 6 FortiMail
NSE 6 FortiWeb

Certification

This course is intended to help candidates prepare for the NSE 7 Advanced Threat Protection certification exam.