BQ150G www.globalknowledge.co.uk [email protected] 01189 123456
IBM Security QRadar SIEM Administration
Duration: 3 Days Course Code: BQ150G
Overview:
IBM Security QRadar SIEM enables you to minimize the time gap between when suspicious activity occurs and when you detect it. There are a variety of administrative tools you can use to manage a QRadar SIEM deployment. This course covers system configuration, data source configuration, and remote networks and services configuration.
Target Audience:
This course is designed for QRadar SIEM administrators and professional services personnel managing QRadar SIEM deployments.
Objectives:
Learning objectives
Install and manage automatic updates to QRadar SIEM assets
Configure QRadar backup and restore policies
Leverage QRadar administration tools to aggregate, review, and interpret metrics
Use network hierarchy objects to manage QRadar SIEM objects and groups
Manage QRadar hosts and licenses and deploy assets
Monitor the health of assets in a QRadar deployment
Configure system settings and asset profiles
Configure reasons that QRadar administrators use to close offenses
Create and manage reference sets
Configure user accounts including user profiles and authorizations
Manage QRadar log sources
Store event and flow data
Manage QRadar flow sources
Manage groups that monitor Internet networks and services
Prerequisites:
Before taking this course, make sure that you have the following skills:
Basic knowledge of the purpose and use of a security intelligence platform
Familiarity with the Linux command line interface and PuTTY
Familiarity with Custom Rules engine (CRE) rules
Familiarity with the Ariel database and its purpose in QRadar SIEM
Students should attend BQ102G, IBM Security QRadar Foundations or be able to navigate and use the QRadar SIEM Console
Students should attend BQ132G, IBM Security QRadar SIEM Advanced Topics (optional)
Content:
Unit 1: Auto Update
Unit 2: Backup and Recovery
Unit 3: Index and Aggregated Data Management
Unit 4: Network Hierarchy
Unit 5: System Management
Unit 6: License Management
Unit 7: Deployment Actions
Unit 8: High Availability management
Unit 9: System Health and Master Console
Unit 10: System Settings and Asset Profiler Configuration
Unit 11: Custom Offense Close Reasons
Unit 12: Reference Set Management
Unit 13: Authorized Services
Unit 14: Users, User Roles, and Security Profiles
Unit 15: Log Sources
Unit 16: Log Source Extensions
Unit 17: Log Source parsing Ordering
Unit 18: Event and Flow Retention
Unit 19: Flow Sources
Unit 20: Flow Sources Aliases
Unit 21: Remote Networks and Services
Further Information:
For more information, or to book your course, please call us on Head Office 01189 123456 / Northern Office 0113 242 5931
www.globalknowledge.co.uk
Global Knowledge, Mulberry Business Park, Fishponds Road, Wokingham Berkshire RG41 2GY UK