CrowdStrike: Zero to Falcon Admin Master the Falcon Platform from an Administrative Perspective
What you'll learn
Pass the CrowdStrike Certified Falcon Administrator (CCFA) exam!
Gain mastery of the Falcon platform: Learn how to navigate and use the various features of the CrowdStrike Falcon platform related to administrative duties.
Learn the core principles of endpoint protection, including deployment, host management, troubleshooting, and response.
Learn best practices for security operations: Gain an understanding of industry-standard security practices and how to apply them to your organization.
Requirements
- A connection to the internet
Description
This course is designed to provide learners with an in-depth understanding of CrowdStrike/EDR, a powerful endpoint security tool. Participants will learn how to install and configure CrowdStrike/EDR, manage hosts, create and manage prevention policies, customize IOAs, manage exclusions and quarantines, and troubleshoot issues. Additionally, this course includes an exam preparation module that will equip learners with the knowledge and skills needed to pass the certification exam.
Module 1: What is CrowdStrike/EDR
Introduction to CrowdStrike/EDR
Understanding Endpoint Detection and Response (EDR)
Key features and benefits of CrowdStrike/EDR
Module 2: Users and Roles
User and role management in CrowdStrike/EDR
Understanding permissions and access levels
Best practices for user and role management
Module 3: Installation
CrowdStrike/EDR installation prerequisites
Installing CrowdStrike/EDR on endpoints
Post-installation configurations and best practices
Module 4: Troubleshooting
Troubleshooting common issues with CrowdStrike/EDR
Best practices for effective troubleshooting
Module 5: Uninstalling & Sensor updates
Uninstalling CrowdStrike/EDR from endpoints
Updating CrowdStrike/EDR sensors
Best practices for sensor management
Module 6: Host management
Managing hosts using CrowdStrike/EDR
Understanding host groups and policies
Best practices for host management
Module 7: Prevention policies
Creating and managing prevention policies in CrowdStrike/EDR
Understanding policy rules and configurations
Best practices for policy management
Module 8: Custom IOAs
Creating custom Indicators of Attack (IOAs) in CrowdStrike/EDR
Understanding IOA rules and configurations
Best practices for custom IOA management
Module 9: Exclusions and Quarantines
Managing exclusions and quarantines in CrowdStrike/EDR
Understanding exclusion and quarantine rules and configurations
Best practices for exclusion and quarantine management
Module 10: Exam Preparation
Preparing for the CrowdStrike/EDR certification exam
Target audience: IT professionals, cybersecurity professionals, system administrators, and anyone interested in learning how to manage and secure endpoints using CrowdStrike/EDR.
Who this course is for:
- Learners should have a basic understanding of cybersecurity principles and some experience with endpoint security management. They should also have a working knowledge of operating systems, networking, and cybersecurity concepts.
- Professionals wanting to advance their understanding of EDR tools
- IT professionals, cybersecurity professionals, system administrators, and anyone interested in learning how to manage and secure endpoints using CrowdStrike/EDR.