- Course Start Date: Dec. 20
- Location: Virtual
- Time: 9:30 am - 5:30 pm (Note on end times)
- Duration: 2 days
on the number of students and pace of the class.
It is important to allow for the class to run a little bit longer,
or finish a little sooner, than expected.
- Delivery Method(s): Virtual Instructor Led
- Seats Available: YES
- Category: IBM Security Systems
- Course Outline
In this course, you will learn how to minimize the time gap between when a suspicious activity occurs and when you detect it with the use of IBM Security QRadar. Attacks and policy violations leave their footprints in log events and network flows of your IT systems. To connect the dots, QRadar's security information and event management (SIEM) correlates these scattered events and flows into offenses that alert you to suspicious activities. Using the skills taught in this course, you will be able to configure processing of uncommon events, work with reference data, and develop custom rules.
What You'll Learn
• Create custom log sources to utilize events from uncommon sources
• Create, maintain, and use reference data collections
• Develop and optimize custom rules to detect indicators of an attack or policy violation
Who Needs to Attend
• Security administrators
• Security technical architects
• Offense managers
• Professional services using QRadar SIEM
• QRadar SIEM administrators
Prerequisites
• Have completed the IBM Security QRadar SIEM Foundations course
• Knowledgeable of:
◦ IT infrastructure
◦ IT security fundamentals
◦ Microsoft Windows
◦ TCP/IP networking
◦ Log files and events
1. Creating Custom Log Sources
2. Leveraging Reference Data Collections
3. Developing Custom Rules
- Prerequisites & Certificates
• Have completed the IBM Security QRadar SIEM Foundations course
• Knowledgeable of:
◦ IT infrastructure
◦ IT security fundamentals
◦ Linux
◦ Microsoft Windows
◦ TCP/IP networking
◦ Log files and events
Certificate of completion
- Cancellation Policy
We require 16 calendar days' notice to reschedule or cancel any registration. Failure to provide the required notification will result in 100% charge of the course. If a student does not attend a scheduled course without prior notification, it will result in full forfeiture of the funds and no reschedule will be allowed. Within the required notification period, only student substitutions will be permitted.
Reschedules are permitted at any time with 16 or more calendar days' notice. Enrollments must be rescheduled within six months of the cancel date or funds on account will be forfeited.
- Map & Reviews
Reviews
Here are some reviews of the training vendor.
This course has not yet been rated by one of our members.