# Academy-integrated Day 1–2 Drills These drills connect the local NOC bootcamp with the confirmed Fortinet Academy path. Primary Academy course: - FortiGate 7.6 Operator - ENGLISH: `https://training.fortinet.com/course/view.php?id=67379` ## Day 1 — FortiGate Operator start ### Academy watch/do - Lesson 01: Overview — 5 min - Lesson 02: Configuring System Settings and Basic Networking — 15 min - Optional if energy remains: Lesson 03: Firewall Policies — 15 min ### Notes to extract For each lesson, write 3 bullets: ```text Fortinet term: What it means: Sophos equivalent / production analogy: Interview sentence: ``` ### Drill 1 — “service unreachable” interview answer Prompt: > Monitoring says internal web service is unreachable. Walk me through your first 10 minutes. Expected structure: 1. Confirm alert and scope. 2. Check DNS/resolution. 3. Check reachability and route. 4. Check TCP port/service. 5. Check firewall policy/session/logs. 6. Escalate with evidence if outside scope. Fortinet mapping: - interface status; - route lookup; - firewall policy; - session table; - traffic log; - system event log. ### Drill 2 — translate Lesson 02 to CLI checks For every FortiGate basic networking concept, map a Linux/NOC check: | Fortinet concept | NOC/Linux equivalent | |---|---| | Interface status | `ip link`, link state, counters | | IP address | `ip addr` | | Static route/default route | `ip route` | | DNS/server reachability | `dig`, `curl`, `ping` | | Admin access | SSH/HTTPS reachability, allowed management interface | ### Day 1 exit criteria - Can explain FortiGate Operator track in 30 seconds. - Can answer “what do you check first?” without random commands. - Can map Sophos firewall experience to FortiGate policies/routes/logs. ## Day 2 — Monitoring and maintenance ### Academy watch/do - FortiGate Operator Lesson 12: FortiGate System Maintenance and Monitoring — 20 min - Re-open Lesson 02 notes if basic networking is weak. ### Notes to extract ```text Monitoring object / log: What problem it reveals: Command or screen I would check: Interview phrase: ``` ### Drill 1 — “VPN user cannot connect” first response Do not solve deeply yet. Just gather evidence: - user/time/source IP; - SSL VPN vs IPsec; - auth failure vs tunnel failure vs routing after login; - relevant FortiGate logs; - current impact and escalation target. ### Drill 2 — NOC handover update Write this in 5 lines: ```text Incident: Impact: Evidence checked: Current hypothesis: Next action / owner: ``` ### Day 2 exit criteria - Can name which FortiGate logs/monitoring areas matter for NOC. - Can write a clean handover/update. - Can separate symptom from root cause.