Modal title

Modal body text goes here.

The Fortinet Certified Trainer (FCT) assessment is a trainer evaluation process in which each candidate has to prove their training delivery skills. The FCT assessment is a two-day assessment that evaluates the FCT candidate’s ability to maintain Fortinet’s quality standards in technical knowledge, skills and instructional abilities.

Who can apply?

The FCT assessment candidate should be a Fortinet employee or a candidate sponsored by an ATC who has submitted proof of reference, along with an online application form. An FCT candidate who wants to apply for an FCT assessment must meet the following knowledge and experience eligibility requirements:

  • Extensive technical knowledge and skills in network security and cybersecurity
  • Five years of relevant experience in network security and cybersecurity
  • Certification in the required NSE training courses
  • Five years of experience in training delivery in IT security
  • Demonstrable training facilitation and delivery skills

If you meet all of these requirements you can apply for the FCT assessment!

Please contact fct@fortinet.com for queries and suggestions.

Skip to main content
Training Institute
  • Library
  • Schedule
  • Certifications
  • ATC
  • Academic Partner Program
  • Fast Track Workshops
  • Log in
  • Training
  • Library

Security Operations Analyst

Download Course Description
Course Description

In this course, you will learn how to design, deploy, and manage a Fortinet SOC solution using advanced FortiAnalyzer features and functions to detect, investigate, and respond to cyberthreats. You will learn how to analyze and respond to security incidents according to industry best practices for incident handling. You will also learn how threat actors behave, how to identify and reduce your organization's attack surface, and how to use widely adopted industry frameworks and models to identify and characterize adversary behavior.

Who Should Attend

Security professionals involved in the design, implementation, and monitoring of Fortinet SOC solutions based on FortiAnalyzer should attend this course.

Prerequisites

You must have an understanding of the topics covered in the following courses, or have equivalent experience:

  • FCP - FortiAnalyzer Analyst
  • FCP - FortiAnalyzer Administrator
Agenda
  1. SOC Concepts and Security Frameworks
  2. FortiAnalyzer Architecture
  3. SOC Operations
  4. SOC Automation
  5. Attack Surface and Vectors
  6. Reporting
Objectives

After completing this course, you should be able to:

  • Describe the main functions and roles within a SOC
  • Identify common security challenges that Fortinet SOC solutions address
  • Analyze simulated attacks and categorize attacker tactics using industry frameworks
  • Analyze and respond to security incidents according to industry best practices for incident handling
  • Describe basic FortiAnalyzer SOC concepts, definitions, and features
  • Manage administrative domains (ADOM)
  • Describe FortiAnalyzer operation modes
  • Configure FortiAnalyzer collectors and analyzers
  • Design and deploy FortiAnalyzer Fabric deployments
  • Manage Fabric groups
  • Analyze and manage events, and customize event handlers
  • Analyze and create incidents
  • Analyze threat hunting dashboards
  • Analyze indicators of compromise (IOCs) information from compromised hosts
  • Manage outbreak alerts
  • Identify playbook components
  • Describe trigger types and their properties
  • Create and customize playbooks from a template
  • Create new playbooks
  • Use variables in tasks
  • Configure connector actions
  • Monitor playbooks
  • Export and import playbooks
  • Configure automation stitch integrations between FortiAnalyzer and FortiGate
  • Identify the attack surface
  • Describe how to reduce the attack surface
  • Identify common attack vectors
  • Capture traffic flows
  • Configure new reports
  • Customize reports
System Requirements

If you take the online format of this class, you must use a computer that has the following:

  • A high-speed Internet connection
  • An up-to-date web browser
  • A PDF viewer
  • Speakers or headphones
  • One of the following:
    • HTML 5 support
    • An up-to-date Java Runtime Environment (JRE) with Java Plugin enabled on your web browser

You should use a wired Ethernet connection, not a WiFi connection. Firewalls, including Windows Firewall or FortiClient, must allow connections to the online labs.

Enroll Now

Access the latest self-paced training version
Purchasing Process

More information on how to purchase instructor-led courses, on-demand labs, exam vouchers, and study material.
Find an Instructor-Led Class

Browse our schedule for upcoming classes delivered by Fortinet.
Product Versions
  • FortiAnalyzer 7.4
Course Duration
  • Lecture time (estimated): 4 hours
  • Lab time (estimated): 8 hours
  • Total course duration (estimated): 12 hours
    • 2 full days or 3 half days
Formats
  • Instructor-led (classroom and online)
  • Self-paced online
ISC2
  • CPE training hours: 4
  • CPE lab hours: 8
  • CISSP domains: Security Operations
Part Number (SKU)

See Purchasing Process for more information

Exam

This course prepares you for the FCSS - Security Operations 7.4 Analyst. By passing this exam, you will be awarded the associated exam badge.

Certification

This exam is in the FCSS Security Operations certification track.

  • Dashboard
  • Library
  • Schedule
You are not logged in. (Log in)
Data retention summary