QRadar SIEM provides deep visibility into network, user, and application activity.
- Course Outline
QRadar SIEM provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, assets, and vulnerabilities. Suspected attacks and policy breaches are highlighted as offenses. In this course, you learn to navigate the user interface and how to investigate offenses. You search and analyze the information from which QRadar SIEM concluded a suspicious activity. Hands-on exercises reinforce the skills learned.
WHAT YOU'LL LEARN
- Describe the purpose and capabilities of the QRadar SIEM licensed program
- Describe how QRadar SIEM collects data and performs vulnerability assessment
- Learn how to navigate and customize the dashboard tab
- Learn how to investigate the information contained in an offense and respond to an offense
- Learn ÿhow to find, filter, and group events in order to gain critical insights about the offense
- Learn how to create and edit a search that monitors the events of suspicious hosts
- Learn ÿhow asset profiles are created and updated, and how to use them as part of an offense investigation
- Learn how to investigate the flows that contribute to an offense, create and tune false positives, and investigate superflows
- Learn ÿhow to find custom rules in the QRadar SIEM console, assign actions and responses to the rule, and how to configure rules
- Learn how to use charts and apply advanced filters to examine specific activities in your environment
WHO SHOULD ATTENDThis basic course is suitable for security analysts, security technical architects, offense managers, network administrators, and system administrators.
- Prerequisites & Certificates
Certificate of completion
- Cancellation Policy
We require 16 calendar days notice to reschedule or cancel any registration. Failure to provide the required notification will result in 100% charge of the course. If a student does not attend a scheduled course without prior notification it will result in full forfeiture of the funds and no reschedule will be allowed. Within the required notification period, only student substitutions will be permitted.
Reschedules are permitted at anytime with 16 or more calendar days notice. Enrollments must be rescheduled within six months of the cancel date or funds on account will be forfeited.
- Map & Reviews
[ View Provider's Profile ]
ReviewsHere are some reviews of the training vendor.
This course has not yet been rated by one of our members.
If you have taken a course through this vendor please log into your account and leave feedback for this vendor. You will be helping ensure our members get directed to the best training facilities.
This course currently does not have any dates scheduled. Please call 1-877-313-8881 to enquire about future dates or scheduling a private, in house course for your team.
This page has been viewed 186 times.