Каталог курсов

Курсы IBM

IBM Security QRadar SIEM Administration

 
Код курса  Код: BQ150G    Заявка  Предварительная запись    Продолжительность  Кол-во часов: 16 , Кол-во дней: 2


Course Description

IBM Security QRadar SIEM enables you to minimize the time gap between when suspicious activity occurs and when you detect it. There are a variety of administrative tools you can use to manage a QRadar SIEM deployment. This course covers system configuration, data source configuration, and remote networks and services configuration.

 Objectives

Learning objectives

  • Install and manage automatic updates to QRadar SIEM assets
  • Configure QRadar backup and restore policies
  • Leverage QRadar administration tools to aggregate, review, and interpret metrics
  • Use network hierarchy objects to manage QRadar SIEM objects and groups
  • Manage QRadar hosts and licenses and deploy assets
  • Monitor the health of assets in a QRadar deployment
  • Configure system settings and asset profiles
  • Configure reasons that QRadar administrators use to close offenses
  • Create and manage reference sets
  • Create the credentials used to perform authenticated scans
  • Manage, route, and store event and flow data
  • Use domains in QRadar SIEM to act as a filter for events, flows, scanners, assets, rules, offenses, and retention policies
  • Configure user accounts including user profiles, authentication, and authorizations
  • Manage custom properties for assets, events, and flows
  • Manage QRadar log sources
  • Manage QRadar flow sources
  • Integrate Vulnerability Assessment Scanner results in QRadar SIEM
  • Manage groups that monitor Internet networks and services

 Audience

This course is designed for QRadar SIEM administrators and professional services personnel managing QRadar SIEM deployments.

 Prerequisites

  • Before taking this course, make sure that you have the following skills:
  • Basic knowledge of the purpose and use of a security intelligence platform
  • Familiarity with the Linux command line interface and PuTTY
  • Familiarity with custom rules
  • Familiarity with the Ariel database and its purpose in QRadar SIEM
  • Students should attend BQ102G, IBM Security QRadar Foundations or be able to navigate and use the QRadar SIEM Console

 Curriculum

Unit 1: Auto Update
Unit 2: Backup and Recovery
Unit 3: Index and Aggregated Data Management
Unit 4: Network Hierarchy
Unit 5: System Management
Unit 6: License Management
Unit 7: Deployment Actions
Unit 8: High Availability management
Unit 9: System Health and Master Console
Unit 10: System Settings and Asset Profiler Configuration
Unit 11: Custom Offense Close Reasons
Unit 12: Store and Forward
Unit 13: Reference Set Management
Unit 14: Centralized Credentials
Unit 15: Forwarding Destinations
Unit 16: Routing Rules
Unit 17: Domain Management
Unit 18: Users, User Roles, and Security Profiles
Unit 19: Authentication
Unit 20: Authorized Services
Unit 21: Backup and Recovery
Unit 22: Custom Asset Properties
Unit 23: Log Sources
Unit 24: Log Soruce Groups
Unit 25: Log Source Extensions
Unit 26: Log Source Parsing Ordering
Unit 27: Custom Properties
Unit 28: Event and Flow Retention
Unit 29: Flow Sources
Unit 30: Flow Sources Aliases
Unit 31: VA Scanners
Unit 32: Remote Networks and Services


Ссылка курса обучения
Назад в раздел





Для предварительной записи на курсы или
уточнения информации позвоните по телефонам:
(044) 492-29-29, 594-98-98
e-mail: training@muk.com.ua

Или заполните заявку online.

Свежие новости

14.06.2018 Анонс авторизованных курсов Oracle на базе Учебного центра МУК

Учебный центр МУК - Oracle Authorized Education Center – приглашает всех желающих стать участниками авторизованных курсов Oracle

11.06.2018 Приходи на The Phoenix Project DevOps business simulation
Приглашение для участия в деловой игре «Проект Феникс» совместно с HPE Ukraine на базе Учебного центра МУК

22.05.2018 ПОЛУЧИТЕ-40 % НА АВТОРИЗОВАННЫЕ КУРСЫ IBM*

*акционная стоимость распространяется на курсы, которые указаны в данной новости

13.05.2018 PeopleCert – новый провайдер экзаменов Axelos (ITIL®, PRINCE2®, MSP®, M_o_R®, MoP®)
Учебный центр МУК сертифицирован на предоставление авторизованных курсов ITIL в рамках партнёрства с HPE