Falcon Platform for Administrators - FHT 200

WGAC-CRO-FHT200

from $ 300

Description

This course instructs new and beginning users on the technical fundamentals of CrowdStrike Falcon.

The course is appropriate for those who use Falcon on a day-to-day basis and focuses on the installation, configuration and day-to-day management of the products.

It is intended for technical contributors who will be administrating and using the Falcon console.

Duration: 1 day

  • Have a basic knowledge of cybersecurity incident investigation and the incident lifecycle
  • Be familiar with the Microsoft Windows environment

  • Navigate through the Falcon console
  • Identify all applications within the Falcon console
  • Understand what specific tasks can be accomplished within the various applications
  • Locate and download the latest OS-specific Falcon Sensor
  • Install and configure the Falcon console

USER MANAGEMENT

  • Determine roles required for access to features
  • Create a new user, delete a user and edit a user, etc.

SENSOR DEPLOYMENT

  • Analyze the pre-installation OS/Networking requirements prior to installing the Falcon sensor
  • Analyze the default policies and apply best practices in order to prepare workloads for the Falcon sensor
  • Apply appropriate settings to successfully install a Falcon sensor on Windows, Linux and macOS
  • Uninstall a sensor
  • Troubleshoot a sensor

HOST MANAGEMENT

  • Filter and search the Falcon console to find and manage hosts

GROUP CREATION

  • Determine the appropriate group assignment for endpoints and understand how this impacts the application of policies

PREVENTION POLICIES

  • Determine the appropriate prevention policy settings for endpoints and explain how this impacts security posture

CUSTOM IOA RULES

  • Create custom IOA rules to monitor behavior that is not fundamentally malicious

SENSOR UPDATE POLICIES

  • Determine the appropriate sensor update policy settings and related general settings in order to control the update process

QUARANTINE FILES

  • Apply options required to manage quarantine files

IOC MANAGEMENT

  • Assess IOC settings required for customized security posturing and to manage false positives

CONTAINMENT POLICIES

  • Configure an allowlist of appropriate IP addresses, while the network is under containment, based on security workflow requirements

EXCLUSIONS

  • Monitor business requirements in order to allow trusted activity, and resolve false positives and performance issues

FIREWALL POLICIES

  • Describe how to create a firewall policy
  • Describe how to configure rule groups, configure traffic rules and apply rule groups to firewall policies

SENSOR REPORTS

  • Explain the different types of sensor reports and what each report provides

USB POLICIES

  • Apply a USB device policy to restrict or allow access to USB devices

REAL TIME RESPONSE POLICIES

  • Apply roles and policy settings, and track and review RTR audit logs in order to manage user activity

NOTIFICATION WORKFLOW

  • Configure custom alerts to notify individuals about policies, detections and incidents