ATC-FHT200 - Falcon Platform For Administrators

This course instructs new and beginning users on the technical fundamentals of CrowdStrike Falcon. The course is appropriate for those who use Falcon on a day-to-day basis and focuses on the installation, configuration and day-to-day management of the products. It is intended for technical contributors who will be administering and using the Falcon console.

Code: atc-fht200

Duration: 1.0 day

Objectives

Students who complete this course should be able to:

  • Navigate through the Falcon console
  • Identify all applications within the Falcon console
  • Understand what specific tasks can be accomplished within the various applications
  • Locate and download the latest OS-specific Falcon Sensor
  • Install and configure the Falcon console

Content

USER MANAGEMENT

  • Determine roles required for access to features
  • Create a new user, delete a user and edit a user, etc.

SENSOR DEPLOYMENT

  • Analyze the pre-installation OS/Networking requirements prior to installing the Falcon sensor
  • Analyze the default policies and apply best practices in order to prepare workloads for the Falcon sensor
  • Apply appropriate settings to successfully install a Falcon sensor on Windows, Linux and macOS
  • Uninstall a sensor
  • Troubleshoot a sensor

HOST MANAGEMENT

  • Filter and search the Falcon console to find and manage hosts

GROUP CREATION

  • Determine the appropriate group assignment for endpoints and understand how this impacts the application of policies

PREVENTION POLICIES

  • Determine the appropriate prevention policy settings for endpoints and explain how this impacts security posture

CUSTOM IOA RULES

  • Create custom IOA rules to monitor behavior that is not fundamentally malicious.

SENSOR UPDATE POLICIES

  • Determine the appropriate sensor update policy settings and related general settings in order to control the update process

QUARANTINE FILES

  • Apply options required to manage quarantine files

IOC MANAGEMENT

  • Assess IOC settings required for customized security posturing and to manage false positives

CONTAINMENT POLICIES

  • Configure an allow list of appropriate IP addresses, while the network is under containment, based on security workflow requirements

EXCLUSIONS

  • Monitor business requirements in order to allow trusted activity and resolve false positives and performance issues.

FIREWALL POLICIES

  • Describe how to create a firewall policy
  • Describe how to configure rule groups, configure traffic rules, and apply rule groups to firewall policies.

SENSOR REPORTS

  • Explain the different types of sensor reports and what each report provides.

USB POLICIES

  • Apply a USB device policy to restrict or allow access to USB devices.

REAL TIME RESPONSE POLICIES

  • Apply roles and policy settings, and track and review RTR audit logs in order to manage user activity.

NOTIFICATION WORKFLOW

  • Configure custom alerts to notify individuals about policies, detections, and incidents.

Audience

Prerequisites

To obtain the maximum benefit from this class, you should meet the following requirements:

  • Perform basic operations on a personal computer
  • Have a basic knowledge of cybersecurity incident investigation and the incident lifecycle
  • Be familiar with the Microsoft Windows environment
  • Comprehend course curriculum presented in English

Course Benefits

  • Career growth
  • Broad career opportunities
  • Worldwide recognition from leaders
  • Up-to-date technical skills
  • Popular certification badges
