IBM Security QRadar SIEM Administration

COURSE OUTLINE:

Description

In this course, you will learn how to minimize the time between when suspicious activity occurs and when you detect it. There are a variety of administrative tools you can use to manage a QRadar SIEM deployment. This course covers system configuration, data source configuration, and remote networks, and services configuration.

Audience

QRadar SIEM administrators and professional services personnel managing QRadar SIEM deployments

Prerequisites

Basic knowledge of the purpose and use of a security intelligence platform
Familiarity with the Linux command line interface and PuTTY
Familiarity with Custom Rules engine (CRE) rules
Familiarity with the Ariel database and its purpose in QRadar SIEM
Have attended IBM Security QRadar SIEM Foundations or be able to navigate and use the QRadar SIEM Console

Learning Objectives

Install and manage automatic updates to QRadar SIEM assets
Configure QRadar backup and restore policies
QRadar administration tools to aggregate, review, and interpret metrics
Network hierarchy objects to manage QRadar SIEM objects and groups
Manage QRadar hosts and licenses and deploy assets
Monitor the health of assets in a QRadar deployment
Configure system settings and asset profiles
Configure reasons that QRadar administrators use to close offenses
Create and manage reference sets
Configure user accounts including user profiles and authorizations
Manage QRadar log sources
Store event and flow data
Manage QRadar flow sources
Manage groups that monitor Internet networks and services

Course Outline:

Auto Update
Backup and Recovery
Index and Aggregated Data Management
Network Hierarchy
System Management
License Management
Deployment Actions
High Availability management
System Health and Master Console
System Settings and Asset Profiler Configuration
Custom Offense Close Reasons
Reference Set Management
Authorized Services
Users, User Roles, and Security Profiles
Log Sources
Log Source Extensions
Log Source parsing Ordering
Event and Flow Retention
Flow Sources
Flow Sources Aliases
Remote Networks and Services

RELATED COURSES

Courses
Cyber Security

Certified Information Privacy Professional Canada (CIPP/C) Prep Course

In this course, you will gain foundational knowledge on concepts of privacy and data protection laws and practice. You will learn common principles and approaches to privacy as well as understand the major privacy models employed around the globe. An introduction to information security concepts and information security management and governance will be covered including frameworks, controls, and identity and access management. You will also learn about online privacy as it relates to using personal information on websites and other Internet-related technologies.

You will gain an introduction to the Canadian legal system and statues related to privacy in the private sector. Key concepts and practices related to the collection, retention, use, disclosure, and disposal of personal information by federal, provincial and territorial governments will be discussed. You will also learn about compliance practices related to private, public, and health-sectors.

This two-day program covering the principals of information privacy in Canada includes:

Official IAPP CIPP participant guide
Official IAPP CIPP textbook Official
IAPP CIPP practice test
IAPP CIPP/C certification exam voucher
IAPP membership for one year

Note: Your contact information must be provided to the IAPP for membership services fulfillment.

Courses
Cyber Security

Certified Information Privacy Professional US Private-Sector (CIPP/US) Prep Course

In this course, you will gain foundational knowledge on concepts of privacy and data protection laws and practice. You will learn about common principles and approaches to privacy as well as the major privacy models employed around the globe. An introduction to information security concepts and information security management and governance will be covered, which includes frameworks, controls, and identity and access management. You will also learn about online privacy as it relates to using personal information on websites and other Internet-related technologies.

The structure of US law, the enforcement of US privacy and security laws, and information management from a US perspective will be discussed, as well as the limitations on private-sector collection and usage of data. This course will also provide an introduction to workplace privacy considerations and US state laws related to marketing, financial data, data security, and breach notification.

This two-day program covers the principals of information privacy in the US private-sector, including:

Official IAPP CIPP participant guide
Official IAPP CIPP textbook
Official IAPP CIPP practice test
IAPP CIPP/US certification exam voucher
IAPP Membership for one year

Note: Your contact information must be provided to the IAPP and will be used by IAPP for membership services fulfillment in accordance with IAPP’s policies.

Courses
Cyber Security

F5 Troubleshooting BIG-IP

This course gives networking professionals hands-on knowledge of how to troubleshoot a BIG-IP system using a number of troubleshooting techniques as well as troubleshooting and system tools. This course includes lectures, labs, and discussions.

Courses
Cyber Security

Security Intelligence Fundamentals

Security intelligence is a fairly new discipline that has evolved from traditional log management and security information as well as event management solutions. This course focuses on the current IT and security landscape as well as the business and IT drivers behind a holistic IT security approach, which is a prerequisite to successfully thwart malicious attacks and the misuse of valuable enterprise assets.