IBM Security QRadar SIEM Administration

COURSE OUTLINE:

Description

In this course, you will learn how to minimize the time between when suspicious activity occurs and when you detect it. There are a variety of administrative tools you can use to manage a QRadar SIEM deployment. This course covers system configuration, data source configuration, and remote networks, and services configuration.

Audience

QRadar SIEM administrators and professional services personnel managing QRadar SIEM deployments

Prerequisites

Basic knowledge of the purpose and use of a security intelligence platform
Familiarity with the Linux command line interface and PuTTY
Familiarity with Custom Rules engine (CRE) rules
Familiarity with the Ariel database and its purpose in QRadar SIEM
Have attended IBM Security QRadar SIEM Foundations or be able to navigate and use the QRadar SIEM Console

Learning Objectives

Install and manage automatic updates to QRadar SIEM assets
Configure QRadar backup and restore policies
QRadar administration tools to aggregate, review, and interpret metrics
Network hierarchy objects to manage QRadar SIEM objects and groups
Manage QRadar hosts and licenses and deploy assets
Monitor the health of assets in a QRadar deployment
Configure system settings and asset profiles
Configure reasons that QRadar administrators use to close offenses
Create and manage reference sets
Configure user accounts including user profiles and authorizations
Manage QRadar log sources
Store event and flow data
Manage QRadar flow sources
Manage groups that monitor Internet networks and services

Course Outline:

Auto Update
Backup and Recovery
Index and Aggregated Data Management
Network Hierarchy
System Management
License Management
Deployment Actions
High Availability management
System Health and Master Console
System Settings and Asset Profiler Configuration
Custom Offense Close Reasons
Reference Set Management
Authorized Services
Users, User Roles, and Security Profiles
Log Sources
Log Source Extensions
Log Source parsing Ordering
Event and Flow Retention
Flow Sources
Flow Sources Aliases
Remote Networks and Services

RELATED COURSES

Courses
Cyber Security

Certified Ethical Hacker v9

If you’re concerned about the integrity of your network’s infrastructure, this course will teach you the ethical hacking tools and techniques needed to enhance your network’s defenses. You’ll begin by learning how perimeter defenses work. By scanning and attacking your own network (no real networks will be harmed), you’ll also learn how intruders operate and the steps to secure a system.

In the interactive, lab-filled environment of this ethical hacking course, you will gain in-depth knowledge and practical experience with current, essential security systems. You will explore common ethical hacking topics, such as intrusion detection, policy creation, social engineering, DDoS attacks, buffer overflows, and virus creation.

ï¿½

This course includes one exam voucher for the Certified Ethical Hacker (CEH) v9 exam.

Courses
Cyber Security

Security Strategies in Windows Platforms and Applications

This course focuses on new risks, threats, and vulnerabilities associated with the Microsoft Windows operating system. Particular emphasis is placed on Windows XP, Vista, and 7 on the desktop, and Windows Server 2003 and 2008 versions. The course highlights how to use tools and techniques to decrease risks arising from vulnerabilities in Microsoft Windows operating systems and applications. The course also covers more information on Microsoft Windows OS hardening, application security, and incident management.

In addition to premium instructional content from Jones & Bartlett Learning’s comprehensive Information Systems Security and Assurance (ISSA) curriculum, this course provides access to a customized "virtual sandbox" learning environment that aggregates an unparalleled spectrum of cybersecurity applications. Providing instant, unscheduled access to labs from the convenience of a web-browser, this course allows you to practice "white hat" hacking on a real IT infrastructureï¿½these are not simulations. Winner of the "Security Training and Educational Programs" top prize at the prestigious 2013 Global Excellence Awards by Info Security Products Guide, the industry’s leading information security research and advisory guide, these labs provide valuable exposure to complex, real world challenges and over 20 hours of training exercises on how hackers and perpetrators use these applications and tools.

Certification:

This course covers content within the following industry certification exams:

Certified Information Systems Security Professional (CISSP) – five content domains covered
Security + – four content domains covered
System Security Certified Practitioner (SSCP) – six content domains covered
National Institute of Standards and Technology (NIST) – seven content domains covered
8570.01 – four content domains covered

Courses
Cyber Security

Certified Information Privacy Technologist (CIPT) Prep Course

In this course, you will gain foundational knowledge on concepts of privacy and data protection laws and practice. You will learn common principles and approaches to privacy as well as understand the major privacy models employed around the globe. An introduction to information security concepts and information security management and governance will be covered including frameworks, controls, and identity and access management. You will also learn about online privacy as it relates to using personal information on websites and other Internet-related technologies.

You will learn the need and importance for privacy in the IT environment with impacts such as regulatory activities, security threats, advances in technology and the proliferation of social networks. This course will provide an introduction to privacy laws, regulations, and standards impacting privacy in IT and the risks inherent in the IT environment. You will also learn about the importance of personally identifiable information and methods for ensuring its protection.

This two-day program covering practices the principles of information privacy in technology includes:

Official IAPP CIPT participant guide
Official IAPP CIPT textbooks ("Introduction to IT Privacy" and "Privacy in Technology")
Official IAPP CIPT practice test
IAPP CIPT certification exam voucher
IAPP membership for one year

Note: Your contact information must be provided to the IAPP and will be used by IAPP for membership services fulfillment in accordance with IAPP’s policies.

Courses
Cyber Security

Palo Alto Networks: Essentials 1

In this course, you will learn to install, configure, and manage the entire line of Palo Alto Networks Next-Generation firewalls.