ibm bq102g - ibm security qradar siem foundations · pdf fileibm bq102g - ibm security qradar...

IBM BQ102G - IBM SECURITY QRADAR SIEM FOUNDATIONS Dauer: 2 Tage Durchführungsart: Präsenztraining Zielgruppe: This basic course is suitable for security analysts, security technical architects, offense managers, network administrators, and system administrators. Voraussetzungen: You must have: Basic TCP/IP networking skills System administration knowledge Basic information security skills Nr.: 37255 Preis: 1.390,00 €netto / 1.654,10 € inkl. 19% MwSt. Schulungsmethode: presentation, discussion, hands-on exercises, demonstrations on the system QRadar SIEM provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, assets, and vulnerabilities. Suspected attacks and policy breaches are highlighted as offenses. In this course, you learn to navigate the user interface and how to investigate offenses. You search and analyze the information from which QRadar SIEM concluded a suspicious activity. Hands-on exercises reinforce the skills learned. Programm Key topics: - Introduction to IBM Security QRadar SIEM - How QRadar SIEM collects security data - Using the QRadar SIEM Dashboard - Investigating an offense that is triggered by events - Investigating the events of an offense - Using asset profiles to investigate offenses - Investigating an offense that is triggered by flows - Using rules and building blocks - Creating QRadar SIEM reports - Performing advanced filtering Objectives: - Purpose and capabilities of the QRadar SIEM licensed program - Describe how QRadar SIEM collects data and performs vulnerability assessment - Navigate and customize the dashboard tab - Investigate the information contained in an offense and respond to an offense - Find, filter, and group events in order to gain critical insights about the offense - Create and edit a search that monitors the events of suspicious hosts - Asset profiles are created and updated, and how to use them as part of an offense investigation

Upload: hoangkhue

Post on 06-Feb-2018

233 views

Category:

Documents

4 download

Report

Download

Embed Size (px):

TRANSCRIPT

IBM BQ102G - IBM SECURITY QRADAR SIEM FOUNDATIONS

Dauer: 2 Tage

Durchführungsart: Präsenztraining

Zielgruppe: This basic course is suitable for security analysts,security technical architects, offense managers, networkadministrators, and system administrators.

Voraussetzungen: You must have:Basic TCP/IP networking skills System administration knowledgeBasic information security skills

Nr.: 37255Preis: 1.390,00 €netto / 1.654,10 € inkl. 19% MwSt.

Schulungsmethode: presentation, discussion, hands-on exercises,demonstrations on the system

QRadar SIEM provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, andsecure storage of events, flows, assets, and vulnerabilities. Suspected attacks and policy breaches are highlighted as offenses.In this course, you learn to navigate the user interface and how to investigate offenses. You search and analyze the information fromwhich QRadar SIEM concluded a suspicious activity. Hands-on exercises reinforce the skills learned.

Programm

Key topics:- Introduction to IBM Security QRadar SIEM

- How QRadar SIEM collects security data

- Using the QRadar SIEM Dashboard

- Investigating an offense that is triggered by events

- Investigating the events of an offense

- Using asset profiles to investigate offenses

- Investigating an offense that is triggered by flows

- Using rules and building blocks

- Creating QRadar SIEM reports

- Performing advanced filtering

Objectives: