Learn Modern Technology This program provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, asset profiles, and vulnerabilities.
Contents
Audience
Pre-requisites
Goals- Using the QRadar SIEM user interface
- Investigating an Offense triggered by events
- Investigating the events of an offense
- Investigating an offense that is triggered by flows
- Using rules
- Using the Network Hierarchy
- Index and Aggregated Data Management
- Using the QRadar SIEM dashboard
- Creating QRadar SIEM reports
- Using AQL for advanced searches
- Analyze a real-world large-scale attack
Security analysts, security technical architects, offense managers, network administrators, and system administrators using QRadar SIEM.
Before taking this program, make sure that you have the following skills:
- IT infrastructure
- IT security fundamentals
- Linux
- Windows
- TCP/IP networking
- Syslog
Learn to
- • Describe how QRadar SIEM collects data to detect suspicious activities
- Describe the QRadar SIEM component architecture and data flows
- Investigate suspected attacks and policy violations
- Investigate events and flows and asset profiles
- Investigate asset profiles
- Determine how rules test incoming data and create offenses
- Analyze a real world scenario
Delivery Method : Classroom Training
Duration : 24 hours
Level : Basic
Languages : English
Duration : 24 hours
Level : Basic
Languages : English
Related Courses
Access Manager Platform Foundations
Administration of DataPower Gateway V7.6
Creating, Publishing & Securing APIs with API Connect
Guardium (V10) Foundations
MQ V9 System Administration
QRadar SIEM Advanced Topics
QRadar SIEM Foundations
Spectrum Protect 8.1.2 Implementation and Administration
Storwize V7000 Implementation Workshop
