Course Objectives

After completing this course, you should be able to:

• Identify challenges of security teams, and assist security teams with SOAR best practices
• Identify the role of SOAR in assisting security teams
• Describe the basics of SOAR technology
• Manage licenses
• Deploy and manage FortiSOAR VM
• Configure teams, roles, and users
• Configure authentication
• Schedule the purging of audit logs and executed playbook logs
• Configure playbook recovery
• Configure environment variables
• Configure company branding
• Configure system fixtures
• Monitor and manage audit logs
• Use the configuration manager
• Monitor system resources
• Deploy, configure, manage, and troubleshoot a FortiSOAR high availability cluster
• Identify the types of logs used for troubleshooting
• Troubleshoot key services and processes on FortiSOAR

Pre-Requisites

You must have an understanding of the topics covered in the following course, or have equivalent experience:

• NSE 4 FortiGate Security

Familiarity with SOC technologies and processes is recommended.

Certifications

This course prepares you for the NSE 6 FortiSOAR Administrator certification exam.