IBM Security QRadar SIEM Administration

COURSE OUTLINE:

Description

In this course, you will learn how to minimize the time between when suspicious activity occurs and when you detect it. There are a variety of administrative tools you can use to manage a QRadar SIEM deployment. This course covers system configuration, data source configuration, and remote networks, and services configuration.

Audience

QRadar SIEM administrators and professional services personnel managing QRadar SIEM deployments

Prerequisites

Basic knowledge of the purpose and use of a security intelligence platform
Familiarity with the Linux command line interface and PuTTY
Familiarity with Custom Rules engine (CRE) rules
Familiarity with the Ariel database and its purpose in QRadar SIEM
Have attended IBM Security QRadar SIEM Foundations or be able to navigate and use the QRadar SIEM Console

Learning Objectives

Install and manage automatic updates to QRadar SIEM assets
Configure QRadar backup and restore policies
QRadar administration tools to aggregate, review, and interpret metrics
Network hierarchy objects to manage QRadar SIEM objects and groups
Manage QRadar hosts and licenses and deploy assets
Monitor the health of assets in a QRadar deployment
Configure system settings and asset profiles
Configure reasons that QRadar administrators use to close offenses
Create and manage reference sets
Configure user accounts including user profiles and authorizations
Manage QRadar log sources
Store event and flow data
Manage QRadar flow sources
Manage groups that monitor Internet networks and services

Course Outline:

Auto Update
Backup and Recovery
Index and Aggregated Data Management
Network Hierarchy
System Management
License Management
Deployment Actions
High Availability management
System Health and Master Console
System Settings and Asset Profiler Configuration
Custom Offense Close Reasons
Reference Set Management
Authorized Services
Users, User Roles, and Security Profiles
Log Sources
Log Source Extensions
Log Source parsing Ordering
Event and Flow Retention
Flow Sources
Flow Sources Aliases
Remote Networks and Services

RELATED COURSES

Courses
Cyber Security

Certified Information Privacy Professional Canada (CIPP/C) Prep Course

In this course, you will gain foundational knowledge on concepts of privacy and data protection laws and practice. You will learn common principles and approaches to privacy as well as understand the major privacy models employed around the globe. An introduction to information security concepts and information security management and governance will be covered including frameworks, controls, and identity and access management. You will also learn about online privacy as it relates to using personal information on websites and other Internet-related technologies.

You will gain an introduction to the Canadian legal system and statues related to privacy in the private sector. Key concepts and practices related to the collection, retention, use, disclosure, and disposal of personal information by federal, provincial and territorial governments will be discussed. You will also learn about compliance practices related to private, public, and health-sectors.

This two-day program covering the principals of information privacy in Canada includes:

Official IAPP CIPP participant guide
Official IAPP CIPP textbook Official
IAPP CIPP practice test
IAPP CIPP/C certification exam voucher
IAPP membership for one year

Note: Your contact information must be provided to the IAPP for membership services fulfillment.

Courses
Cyber Security

Security Strategies in Windows Platforms and Applications

This course focuses on new risks, threats, and vulnerabilities associated with the Microsoft Windows operating system. Particular emphasis is placed on Windows XP, Vista, and 7 on the desktop, and Windows Server 2003 and 2008 versions. The course highlights how to use tools and techniques to decrease risks arising from vulnerabilities in Microsoft Windows operating systems and applications. The course also covers more information on Microsoft Windows OS hardening, application security, and incident management.

In addition to premium instructional content from Jones & Bartlett Learning’s comprehensive Information Systems Security and Assurance (ISSA) curriculum, this course provides access to a customized "virtual sandbox" learning environment that aggregates an unparalleled spectrum of cybersecurity applications. Providing instant, unscheduled access to labs from the convenience of a web-browser, this course allows you to practice "white hat" hacking on a real IT infrastructureï¿½these are not simulations. Winner of the "Security Training and Educational Programs" top prize at the prestigious 2013 Global Excellence Awards by Info Security Products Guide, the industry’s leading information security research and advisory guide, these labs provide valuable exposure to complex, real world challenges and over 20 hours of training exercises on how hackers and perpetrators use these applications and tools.

Certification:

This course covers content within the following industry certification exams:

Certified Information Systems Security Professional (CISSP) – five content domains covered
Security + – four content domains covered
System Security Certified Practitioner (SSCP) – six content domains covered
National Institute of Standards and Technology (NIST) – seven content domains covered
8570.01 – four content domains covered

Courses
Cyber Security

Certified Information Privacy Professional and Manager (CIPP/US, CIPM) Prep Course

The structure of US law, the enforcement of US privacy and security laws, and information management from a US perspective will be discussed as well as the limitations on private-sector collection and usage of data. This course will also provide an introduction to workplace privacy considerations and US state laws related to marketing, financial data, data security and breach notification.

You will learn how to create a privacy program at an organizational level, develop and implement a framework, and establish metrics to measure program effectiveness. In an interactive format applying practices to a real-world scenario, you will review privacy program practices through the privacy life cycle: assess, protect, sustain and respond.

This three-day program covering the principals of information privacy and privacy management in the US private-sector includes:

Official IAPP CIPP and CIPM participant guides
Official IAPP CIPP and CIPM textbooks
Official IAPP CIPP and CIPM practice tests
IAPP CIPP/US and CIPM certification exam vouchers
IAPP membership for one year

Note: Your contact information must be provided to the IAPP and will be used by IAPP for membership services fulfillment in accordance with IAPP’s policies.

Courses
Cyber Security

Securing Your Email with Cisco IronPort C-Series Part II

Who should attend Enterprise messaging managers and system administrators Email system designers and architects Network managers responsible for messaging implementation Prerequisites Attendees should possess the following background knowledge and skills: Experience configuring Cisco IronPort email security appliances through participation in the IronPort Configuration Workshop or equivalent working experience. Solid knowledge of TCP/IP fundamentals, including IP…