CrowdStrike: Zero to Falcon Admin
Disclaimer: This course is offered independently by Blue Team Consulting, LLC and is not affiliated with CrowdStrike, Inc.
What you will learn
Gain mastery of the Falcon platform: Learn how to navigate and use the various features of the CrowdStrike Falcon platform related to administrative duties.
Learn the core principles of endpoint protection, including deployment, host management, troubleshooting, and response.
Learn best practices for security operations: Gain an understanding of industry-standard security practices and how to apply them to your organization.
Cybersecurity Engineering Concepts for Configuring an EDR Console
Why take this course?
Master the Falcon Platform from an Administrative Perspective
This course is designed to provide learners with an in-depth understanding of CrowdStrike/EDR, a powerful endpoint security tool. Participants will learn how to install and configure CrowdStrike/EDR, manage hosts, create and manage prevention policies, customize IOAs, manage exclusions and quarantines, and troubleshoot issues.
Module 1: What is CrowdStrike/EDR
Introduction to CrowdStrike/EDR
Understanding Endpoint Detection and Response (EDR)
Key features and benefits of CrowdStrike/EDR
Module 2: Users and Roles
User and role management in CrowdStrike/EDR
Understanding permissions and access levels
Best practices for user and role management
Module 3: Installation
CrowdStrike/EDR installation prerequisites
Installing CrowdStrike/EDR on endpoints
Post-installation configurations and best practices
Module 4: Troubleshooting
Troubleshooting common issues with CrowdStrike/EDR
Best practices for effective troubleshooting
Module 5: Uninstalling & Sensor updates
Uninstalling CrowdStrike/EDR from endpoints
Updating CrowdStrike/EDR sensors
Best practices for sensor management
Module 6: Host management
Managing hosts using CrowdStrike/EDR
Understanding host groups and policies
Best practices for host management
Module 7: Prevention policies
Creating and managing prevention policies in CrowdStrike/EDR
Understanding policy rules and configurations
Best practices for policy management
Module 8: Custom IOAs
Creating custom Indicators of Attack (IOAs) in CrowdStrike/EDR
Understanding IOA rules and configurations
Best practices for custom IOA management
Module 9: Exclusions and Quarantines
Managing exclusions and quarantines in CrowdStrike/EDR
Understanding exclusion and quarantine rules and configurations
Best practices for exclusion and quarantine management
Target audience: IT professionals, cybersecurity professionals, system administrators, and anyone interested in learning how to manage and secure endpoints using CrowdStrike/EDR.