Praha (42 000 Kč)
Brno (na vyžádání)
Bratislava (1 680 €)
BM QRadar SIEM provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, asset profiles, and vulnerabilities. QRadar SIEM classifies suspected attacks and policy violations as offenses.
This course is designed for security analysts, security technical architects, offense managers, network administrators, and system administrators using QRadar SIEM.
In this 3-day instructor-led course, you learn how to perform the following tasks:
Extensive lab exercises are provided to allow students an insight into the routine work of an IT Security Analyst operating the IBM QRadar SIEM platform. The exercises cover the following topics:
The lab environment for this course uses the IBM QRadar SIEM 7.3 platform.
After completing this course, you should be able to perform the following tasks:
Before taking this course, make sure that you have the following skills:
Unit 1: Introduction to IBM QRadar
Unit 2: IBM QRadar SIEM component architecture and data flows
Unit 3: Using the QRadar SIEM User Interface
Unit 4: Investigating an Offense Triggered by Events
Unit 5: Investigating the Events of an Offense
Unit 6: Using Asset Profiles to Investigate Offenses
Unit 7: Investigating an Offense Triggered by Flows
Unit 8: Using Rules
Unit 9: Using the Network Hierarchy
Unit 10: Index and Aggregated Data Management
Unit 11: Using the QRadar SIEM Dashboard
Unit 12: Creating Reports
Unit 13: Using Filters
Unit 14: Using the Ariel Query Language (AQL) for Advanced Searches
Unit 15: Analyzing a Real-World Large-Scale Attack
Appendix A: A real-world scenario introduction to IBM QRadar SIEM
Appendix B: IBM QRadar architecture
Uvedené ceny jsou bez DPH.