ATC-FHT200 - Falcon Platform For Administrators

This course instructs new and beginning users on the technical fundamentals of  CrowdStrike Falcon. The course is appropriate for those who use Falcon on a day-to-day basis and focuses on the installation, configuration and day-to-day management of the products. It is intended for technical contributors who will be administrating and using the Falcon console.

Code: atc-fht200

Duration: 1.0 day

Enquire Now

Start learning today!

Click Hereto customize your Training

Objectives

Students who complete this course should be able to:

  • Navigate through the Falcon console
  • Identify all applications within the Falcon console
  • Understand what specific tasks can be accomplished within the various applications
  • Locate and download the latest OS-specific Falcon Sensor
  • Install and configure the Falcon console

Content

USER MANAGEMENT

  • Determine roles required for access to features
  • Create a new user, delete a user and edit a user, etc.

SENSOR DEPLOYMENT

  • Analyze the pre-installation OS/Networking requirements prior to installing the Falcon sensor
  • Analyze the default policies and apply best practices in order to prepare workloads for the Falcon sensor
  • Apply appropriate settings to successfully install a Falcon sensor on Windows, Linux and macOS
  • Uninstall a sensor
  • Troubleshoot a sensor

HOST MANAGEMENT

  • Filter and search the Falcon console to find and manage hosts

GROUP CREATION

  • Determine the appropriate group assignment for endpoints and understand how this impacts the application of policies

PREVENTION POLICIES

  • Determine the appropriate prevention policy settings for endpoints and explain how this impacts security posture

 CUSTOM IOA RULES

  • Create custom IOA rules to monitor behavior that is not fundamentally malicious.

 SENSOR UPDATE POLICIES

  • Determine the appropriate sensor update policy settings and related general settings in order to control the update process

 QUARANTINE FILES

  • Apply options required to manage quarantine files

 IOC MANAGEMENT

  • Assess IOC settings required for customized security posturing and to manage false positives

CONTAINMENT POLICIES

  • Configure an allow list appropriate IP addresses, while the network is under containment, based on security workflow requirements

EXCLUSIONS

  • Monitor business requirements in order to allow trusted activity and resolve false positives and performance issues.

FIREWALL POLICIES

  • Describe how to create a firewall policy
  • Describe how to configure rule groups, configure traffic rules, and apply rule groups to firewall policies.

SENSOR REPORTS

  • Explain the different types of sensors reports and what each report provides. 

USB POLICIES

  • Apply a USB device policy to restrict or allow access to USB devices.

REAL TIME RESPONSE POLICIES

  • Apply roles and policy settings, and track and review RTR audit logs in order to manage user activity.

NOTIFICATION WORKFLOW

  • Configure custom alerts to notify individuals about policies, detections, and incidents.

Audience

Prerequisites

To obtain the maximum benefit from this class, you should meet the following requirements:

  • Perform basic operations on a personal computer
  • Have a basic knowledge of cybersecurity incident investigation and the incident lifecycle
  • Be familiar with the Microsoft Windows environment
  • Comprehend course curriculum presented in English

Certification

product-certification

Course Benefits

product-benefits
  • Career growth
  • Broad Career opportunities
  • Worldwide recognition from leaders
  • Up-to Date technical skills
  • Popular Certification Badges

Advanced Technology Courses Popular Courses

atc-python-programming

The course is all about to learn the Python programming language. Its emphasis the core libraries and most useful libraries developed by the Python.

atc-aif

The Artificial Intelligence Fundamentals course provides a comprehensive introduction to the basic principles and concepts of artificial intelligence (AI). This

atc-isc

Our Trainer the Trainer course is designed to equip aspiring trainers with the skills and knowledge they need to deliver effective and engaging training session

atc-fht200

This course teaches individuals how to become proficient in the administration and management of the Falcon Platform, a cyber-security platform by CrowdStrike.


Enquire Now
 
 
 
 
Nq8mm6
By clicking "Submit", I agree to the Terms Of Use and Privacy Policy