Crowdstrike: Zero To Falcon Admin
Published 2/2023
MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz
Language: English | Size: 1.63 GB | Duration: 4h 26m
Master the Falcon Platform from an Administrative Perspective
What you'll learn
Pass the CrowdStrike Certified Falcon Administrator (CCFA) exam!
Gain mastery of the Falcon platform: Learn how to navigate and use the various features of the CrowdStrike Falcon platform related to administrative duties.
Learn the core principles of endpoint protection, including deployment, host management, troubleshooting, and response.
Learn best practices for security operations: Gain an understanding of industry-standard security practices and how to apply them to your organization.
Requirements
A connection to the internet
Description
This course is designed to provide learners with an in-depth understanding of CrowdStrike/EDR, a powerful endpoint security tool. Participants will learn how to install and configure CrowdStrike/EDR, manage hosts, create and manage prevention policies, customize IOAs, manage exclusions and quarantines, and troubleshoot issues. Additionally, this course includes an exam preparation module that will equip learners with the knowledge and skills needed to pass the certification exam.

Module 1: What is CrowdStrike/EDR
Introduction to CrowdStrike/EDR
Understanding Endpoint Detection and Response (EDR)
Key features and benefits of CrowdStrike/EDR

Module 2: Users and Roles
User and role management in CrowdStrike/EDR
Understanding permissions and access levels
Best practices for user and role management

Module 3: Installation
CrowdStrike/EDR installation prerequisites
Installing CrowdStrike/EDR on endpoints
Post-installation configurations and best practices

Module 4: Troubleshooting
Troubleshooting common issues with CrowdStrike/EDR
Best practices for effective troubleshooting

Module 5: Uninstalling & Sensor updates
Uninstalling CrowdStrike/EDR from endpoints
Updating CrowdStrike/EDR sensors
Best practices for sensor management

Module 6: Host management
Managing hosts using CrowdStrike/EDR
Understanding host groups and policies
Best practices for host management

Module 7: Prevention policies
Creating and managing prevention policies in CrowdStrike/EDR
Understanding policy rules and configurations
Best practices for policy management

Module 8: Custom IOAs
Creating custom Indicators of Attack (IOAs) in CrowdStrike/EDR
Understanding IOA rules and configurations
Best practices for custom IOA management

Module 9: Exclusions and Quarantines
Managing exclusions and quarantines in CrowdStrike/EDR
Understanding exclusion and quarantine rules and configurations
Best practices for exclusion and quarantine management

Module 10: Exam Preparation
Preparing for the CrowdStrike/EDR certification exam

Target audience: IT professionals, cybersecurity professionals, system administrators, and anyone interested in learning how to manage and secure endpoints using CrowdStrike/EDR.
Overview
Section 1: Introduction
Lecture 1 Introduction to the Course
Lecture 2 Module 1 What is CrowdStrike/EDR
Lecture 3 Module 1 Demo: Overview of the Console
Lecture 4 Module 2 Users and Roles
Lecture 5 Module 2 Demo: Users and Roles
Lecture 6 Module 3 Installation
Lecture 7 Module 3 Demo: Installing Sensors
Lecture 8 Module 4 Troubleshooting
Lecture 9 Module 5 Uninstalling & Sensor updates
Lecture 10 Module 5 Demo: Sensor Update Policies
Lecture 11 Module 6 Host management
Lecture 12 Module 6 Demo: Host Groups
Lecture 13 Module 7 Prevention Policies
Lecture 14 Module 7 Demo: Prevention Settings
Lecture 15 Module 8 Custom IOAs
Lecture 16 Module 8 Demo: Creating Custom IOAs
Lecture 17 Module 9 Exclusions and Quarantines
Lecture 18 Module 9: Reviewing Exclusions
Lecture 19 Module 10 Exam Preparation
Learners should have a basic understanding of cybersecurity principles and some experience with endpoint security management. They should also have a working knowledge of operating systems, networking, and cybersecurity concepts.
Professionals wanting to advance their understanding of EDR tools
IT professionals, cybersecurity professionals, system administrators, and anyone interested in learning how to manage and secure endpoints using CrowdStrike/EDR.