IBM Security QRadar SIEM Administration

COURSE OUTLINE:

Description

In this course, you will learn how to minimize the time between when suspicious activity occurs and when you detect it. There are a variety of administrative tools you can use to manage a QRadar SIEM deployment. This course covers system configuration, data source configuration, and remote networks, and services configuration.

Audience

QRadar SIEM administrators and professional services personnel managing QRadar SIEM deployments

Prerequisites

Basic knowledge of the purpose and use of a security intelligence platform
Familiarity with the Linux command line interface and PuTTY
Familiarity with Custom Rules engine (CRE) rules
Familiarity with the Ariel database and its purpose in QRadar SIEM
Have attended IBM Security QRadar SIEM Foundations or be able to navigate and use the QRadar SIEM Console

Learning Objectives

Install and manage automatic updates to QRadar SIEM assets
Configure QRadar backup and restore policies
QRadar administration tools to aggregate, review, and interpret metrics
Network hierarchy objects to manage QRadar SIEM objects and groups
Manage QRadar hosts and licenses and deploy assets
Monitor the health of assets in a QRadar deployment
Configure system settings and asset profiles
Configure reasons that QRadar administrators use to close offenses
Create and manage reference sets
Configure user accounts including user profiles and authorizations
Manage QRadar log sources
Store event and flow data
Manage QRadar flow sources
Manage groups that monitor Internet networks and services

Course Outline:

Auto Update
Backup and Recovery
Index and Aggregated Data Management
Network Hierarchy
System Management
License Management
Deployment Actions
High Availability management
System Health and Master Console
System Settings and Asset Profiler Configuration
Custom Offense Close Reasons
Reference Set Management
Authorized Services
Users, User Roles, and Security Profiles
Log Sources
Log Source Extensions
Log Source parsing Ordering
Event and Flow Retention
Flow Sources
Flow Sources Aliases
Remote Networks and Services

RELATED COURSES

Courses
Cyber Security

Implementing Unified Communications Security

Students will learn to install, configure, and maintain security on a Cisco Unified Communications solution.

Courses
Cyber Security

F5 BIG-IP Application Security Manager (ASM) v11x

In this course, you will learn how to manage web-based and XML application attacks and how to use Application Security Manager to defend against these attacks.

You will cover installation, configuration, management, security policy building, traffic learning, and implementation of Application Security Manager in both stand-alone and modular configurations.

Courses
Cyber Security

Certified Information Privacy Professional Canada (CIPP/C) Prep Course

In this course, you will gain foundational knowledge on concepts of privacy and data protection laws and practice. You will learn common principles and approaches to privacy as well as understand the major privacy models employed around the globe. An introduction to information security concepts and information security management and governance will be covered including frameworks, controls, and identity and access management. You will also learn about online privacy as it relates to using personal information on websites and other Internet-related technologies.

You will gain an introduction to the Canadian legal system and statues related to privacy in the private sector. Key concepts and practices related to the collection, retention, use, disclosure, and disposal of personal information by federal, provincial and territorial governments will be discussed. You will also learn about compliance practices related to private, public, and health-sectors.

This two-day program covering the principals of information privacy in Canada includes:

Official IAPP CIPP participant guide
Official IAPP CIPP textbook Official
IAPP CIPP practice test
IAPP CIPP/C certification exam voucher
IAPP membership for one year

Note: Your contact information must be provided to the IAPP for membership services fulfillment.

Courses
Cyber Security

Certified Information Privacy Professional US Government (CIPP/G) Prep Course

You will gain an introduction to US government privacy definitions and principals as well as a discussion around privacy and in the intelligence community. You will learn how to adequately protect government information, leadership responsibilities, information security, and compliance monitoring and workforce management.

This two-day program covering the principals of information privacy in the US government includes:

Official IAPP CIPP participant guide
Official IAPP CIPP textbook
Official IAPP CIPP practice test
IAPP CIPP/G certification exam voucher
IAPP membership for one year

Note: Your contact information must be provided to the IAPP and will be used by IAPP for membership services fulfillment in accordance with IAPP’s policies.