In this course, you will learn about FortiSIEM initial configurations, architecture, and the discovery of devices on the network and SOAR products in the industry. You will also learn how to collect performance information and aggregate it with Syslog data to enrich the overall view of the health of your environment, how to use the configuration database to greatly facilitate compliance audits, and how to integrate FortiSIEM into your network awareness infrastructure.
- Network Defense Essential (FortiGate), basic knowledge of networking, routing, switching, and OS.
Below is one offering of XCSA 1103 for the Spring/Summer 2023 term.
Start any time
- 10 weeks
- CRN 68166
Continuous Entry, Distance or Online
This is an online learning course. Start any time. You have 10 weeks from the date you register to complete this course.
- Important course information will be sent to you immediately after registering. Check your myBCIT email account to access this information.
Select students may be eligible for a tuition subsidy. Please email Selina_li@bcit.ca for more details. If you have any questions about this course, please contact the Program Assistant Selina Li - firstname.lastname@example.org. Please include your BCIT student ID (if you have one). Note: BCIT reserves the right to cancel courses. In the event of a course cancellation, you will be notified at least two business days prior to the course start. Please ensure that your contact information is current in your myBCIT.
Upon successful completion of this course, the student will be able to:
- Identify business drivers for using SIEM tools
- Describe key features of FortiSIEM
- Understand how collectors, workers, and supervisors work together
- Create new users
- Describe and enable devices for discovery
- Configure users when to use agents
- Perform real-time and historic structured searches
- Group and aggregate search results
- Create custom incident rules
- Edit existing, or create new, reports
- Configure and customize the dashboards
- Identify Windows agent components
- Describe the purpose of Windows agents
- Understand how the Windows agent manager works in various deployment models
- Identify reports that relate to Windows agents
- Understand the FortiSIEM Linux file monitoring agent
- Understand agent registration
- Monitor agent communications after deployment
- Describe SOAR
Effective as of Winter 2022
Security Information and Event Management (SIEM)/Security Orchestration Automation & Response (SOAR) (XCSA 1103) is offered as a part of the following programs:
School of Energy
- Cybersecurity Analysis for Network Administrators
Programs and courses are subject to change without notice.