BQ105G: IBM QRadar SIEM Foundations
Inhalte
In this 3-day instructor-led course, you learn how to perform the following tasks:
Extensive lab exercises are provided to allow learners an insight into the routine work of an IT Security Analyst operating the QRadar SIEM platform. The exercises cover the following topics:
- Describe how QRadar collects data to detect suspicious activities
- Describe the QRadar architecture and data flows
- Navigate the user interface
- Define log sources, protocols, and event details
- Discover how QRadar collects and analyzes network flow information
- Describe the QRadar Custom Rule Engine
- Utilize the Use Case Manager app
- Discover and manage asset information
- Learn about a variety of QRadar apps, content extensions, and the App Framework
- Analyze offenses by using the QRadar UI and the Analyst Workflow app
- Search, filter, group, and analyze security data
Extensive lab exercises are provided to allow learners an insight into the routine work of an IT Security Analyst operating the QRadar SIEM platform. The exercises cover the following topics:
- Architecture exercises
- UI Overview exercises
- Log Sources exercises
- Flows and QRadar Network Insights exercises
- Custom Rule Engine (CRE) exercises
- Use Case Manager app exercises
- Assets exercises
- App Framework exercises
- Working with Offenses exercises.
- Search, filtering, and AQL exercises
- Reporting and Dashboards exercises
- QRadar Admin tasks exercises
Ziele
After completing this course, you should be able to perform the following tasks:
- Describe how QRadar collects data to detect suspicious activities
- Describe the QRadar architecture and data flows
- Navigate the user interface
- Define log sources, protocols, and event details
- Discover how QRadar collects and analyzes network flow information
- Describe the QRadar Custom Rule Engine
- Utilize the Use Case Manager app
- Discover and manage asset information
- Learn about a variety of QRadar apps, content extensions, and the App Framework
- Analyze offenses by using the QRadar UI and the Analyst Workflow app
- Search, filter, group, and analyze security data
- Use AQL for advanced searches
- Use QRadar to create customized reports
- Explore aggregated data management
- Define sophisticated reporting using Pulse Dashboards
- Discover QRadar administrative tasks
Zielgruppe
This course is designed for security analysts, security technical architects, offense managers, network administrators, and system administrators using QRadar SIEM.
Voraussetzungen
Before taking this course, make sure that you have the following skills:
- IT infrastructure
- IT security fundamentals
- Linux
- Windows
- TCP/IP networking
- Syslog
Preise
Kursgebühr
2.550,00 € exkl. MwSt.
3.034,50 € inkl. MwSt. Kursdauer 3 Tage
Ihr CBT Trainingsteam
Gabriela Bücherl
Geschäftsführung
Vertrieb
Kontakt/Fragen:
beratung@cbt-training.de
Telefon: +49 (0)89-4576918-16
Anfrage für ein Firmenseminar
- Individuelle Zusammenstellung der Themen
- Maßgeschneidert auf Ihre Ziele
- Inhouse oder als Virtual Classroom LIVE Training
Leistungen Präsenz
- Schulung im Trainingscenter
- Verpflegung
- Teilnahmebestätigung / Zertifikat
Leistungen bei VCL Training
- Technischer Support
- Online Zugang
- Teilnahmebestätigung / Zertifikat