Каталог курсов

Курсы IBM

IBM Security QRadar SIEM Administration

 
Код курса  Код: BQ150G    Заявка  Предварительная запись    Продолжительность  Кол-во часов: 24 , Кол-во дней: 3

Course Description

IBM Security QRadar SIEM enables you to minimize the time gap between when suspicious activity occurs and when you detect it. There are a variety of administrative tools you can use to manage a QRadar SIEM deployment. This course covers system configuration, data source configuration, and remote networks and services configuration.

 Objectives

Learning objectives

  • Install and manage automatic updates to QRadar SIEM assets
  • Configure QRadar backup and restore policies
  • Leverage QRadar administration tools to aggregate, review, and interpret metrics
  • Use network hierarchy objects to manage QRadar SIEM objects and groups
  • Manage QRadar hosts and licenses and deploy assets
  • Monitor the health of assets in a QRadar deployment
  • Configure system settings and asset profiles
  • Configure reasons that QRadar administrators use to close offenses
  • Create and manage reference sets
  • Create the credentials used to perform authenticated scans
  • Manage, route, and store event and flow data
  • Use domains in QRadar SIEM to act as a filter for events, flows, scanners, assets, rules, offenses, and retention policies
  • Configure user accounts including user profiles, authentication, and authorizations
  • Manage custom properties for assets, events, and flows
  • Manage QRadar log sources
  • Manage QRadar flow sources
  • Integrate Vulnerability Assessment Scanner results in QRadar SIEM
  • Manage groups that monitor Internet networks and services

 Audience

This course is designed for QRadar SIEM administrators and professional services personnel managing QRadar SIEM deployments.

 Prerequisites

  • Before taking this course, make sure that you have the following skills:
  • Basic knowledge of the purpose and use of a security intelligence platform
  • Familiarity with the Linux command line interface and PuTTY
  • Familiarity with custom rules
  • Familiarity with the Ariel database and its purpose in QRadar SIEM
  • Students should attend BQ102G, IBM Security QRadar Foundations or be able to navigate and use the QRadar SIEM Console

 Curriculum

Unit 1: Auto Update
Unit 2: Backup and Recovery
Unit 3: Index and Aggregated Data Management
Unit 4: Network Hierarchy
Unit 5: System Management
Unit 6: License Management
Unit 7: Deployment Actions
Unit 8: High Availability management
Unit 9: System Health and Master Console
Unit 10: System Settings and Asset Profiler Configuration
Unit 11: Custom Offense Close Reasons
Unit 12: Store and Forward
Unit 13: Reference Set Management
Unit 14: Centralized Credentials
Unit 15: Forwarding Destinations
Unit 16: Routing Rules
Unit 17: Domain Management
Unit 18: Users, User Roles, and Security Profiles
Unit 19: Authentication
Unit 20: Authorized Services
Unit 21: Backup and Recovery
Unit 22: Custom Asset Properties
Unit 23: Log Sources
Unit 24: Log Soruce Groups
Unit 25: Log Source Extensions
Unit 26: Log Source Parsing Ordering
Unit 27: Custom Properties
Unit 28: Event and Flow Retention
Unit 29: Flow Sources
Unit 30: Flow Sources Aliases
Unit 31: VA Scanners
Unit 32: Remote Networks and Services


Место проведения мероприятия: г. Киев пр., В. Лобановского, 4г IBM Security QRadar SIEM Administration +380444922929
Время проведения: 17-05-17
Ссылка курса обучения
Назад в раздел





Для предварительной записи на курсы или
уточнения информации позвоните по телефонам:
(044) 492-29-29, 594-98-98
e-mail: training@muk.com.ua

Или заполните заявку online.

Свежие новости

19.06.2017 Авторизованные курсы Microsoft на базе Учебного центра МУК


Учебный центр МУК - Silver Learning Partner Microsoft - приглашает всех желающих стать участником авторизованных курсов Microsoft согласно ближайшего расписания. 

01.06.2017 Открыт набор на курс «Виртуализация серверов с Windows Server Hyper-V и System Center»
Учебный центр МУК обладая статусом Silver Learning Partner Microsoft объявляет набор на курс «Виртуализация серверов с Windows Server Hyper-V и System Center», который состоится с 06 по 09 июня 2017 года.

21.05.2017 Снова лучшие: Dell EMC награждает МУК
Группа компаний МУК получила две награды на Dell EMC Partner Awards 2017

17.05.2017 HPE Education Brunch 2017
Учебный центр Группы компаний MUK при поддержке НРE Украина уже традиционно приглашает желающих стать участниками HPE Education Brunch 2017