IBM Security QRadar SIEM Foundations BQ102G

Price per user: $1,500.00
  • Course Delivery: Virtual Classroom
  • Duration: 16 

 

Description

QRadar SIEM provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, assets, and vulnerabilities. Suspected attacks and policy breaches are highlighted as offenses. In this course, you learn to navigate the user interface and how to investigate offenses. You search and analyze the information from which QRadar SIEM concluded a suspicious activity. Hands-on exercises reinforce the skills learned.

Prerequisites

You must have:
  • Basic TCP/IP networking skills
  • Basic information security skills

You should also have:

  • WebSphere administration skills, which can be obtained by completing an IBM WebSphere Application Server V8.5.5 Administration course (WebSphere Application Server V8.5.5 Administration (WA855), WebSphere Application Server V8.5.5 Administration (Remote Classroom) (VA855), or WebSphere Application Server V8.5.5 Administration (Self-paced) (ZA855)) or through practical experience in administering a WebSphere Application Server environment.

Audience:

This intermediate course is designed for anyone who works on WebSphere-related applications and projects, including administrators, IBM Business Partners, independent software vendors (ISVs), and consultants.

 

Course Objectives

Objective

  • Describe the purpose and capabilities of the QRadar SIEM licensed program
  • Describe how QRadar SIEM collects data and performs vulnerability assessment
  • Learn how to navigate and customize the dashboard tab
  • Learn how to investigate the information contained in an offense and respond to an offense
  • Learn how to find, filter, and group events in order to gain critical insights about the offense
  • Learn how to create and edit a search that monitors the events of suspicious hosts
  • Learn how asset profiles are created and updated, and how to use them as part of an offense investigation
  • Learn how to investigate the flows that contribute to an offense, create and tune false positives, and investigate superflows
  • Learn how to find custom rules in the QRadar SIEM console, assign actions and responses to the rule, and how to configure rules
  • Learn how to use charts and apply advanced filters to examine specific activities in your environment
 

Topics Covered

Course Outline

  • Unit 1: Introduction to IBM Security QRadar SIEM
  • Unit 2: How QRadar SIEM collects security data
  • Unit 3: Using the QRadar SIEM Dashboard
  • Unit 4: Investigating an offense that is triggered by events
  • Unit 5: Investigating the events of an offense
  • Unit 6: Using asset profiles to investigate offenses
  • Unit 7: Investigating an offense that is triggered by flows
  • Unit 8: Using rules and building blocks
  • Unit 9: Creating QRadar SIEM reports
  • Unit 10: Performing advanced filtering
 

Subject Matter Expert

For over 25 years, Avnet has been helping customers realize the value of technology training through major systems implementations, integration and development.
