LENGTH: 24 Hours (3 days)
IBM Security QRadar enables deep visibility into network, endpoint, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, assets, and vulnerabilities. Suspected attacks and policy breaches are highlighted as offenses. In this course, you learn about the solution architecture, how to navigate the user interface, and how to investigate offenses. You search and analyze the information from which QRadar concluded a suspicious activity. Hands-on exercises reinforce the skills learned.
In this 3-day instructor-led course, you learn how to perform the following tasks:
Extensive lab exercises are provided to allow students an insight into the routine work of an IT Security Analyst operating the IBM QRadar SIEM platform. The exercises cover the following topics:
The lab environment for this course uses the IBM QRadar SIEM 7.4 platform.
After completing this course, you should be able to perform the following tasks:
This course is designed for security analysts, security technical architects, offense managers, network administrators, and system administrators using QRadar SIEM.
Before taking this course, make sure that you have the following skills:
This is an IBM-issued and IBM-recognized badge that attests that its recipients have demonstrated their knowledge of various QRadar deployments' architecture and key concepts such as user management, domains and tenants, assets, network hierarchy, flows, events, rules, offenses, reference data, data obfuscation, and reporting.
In order to attempt and pass this test, students must have participated in either the ARROW ECS official training for IBM Security QRadar SIEM Foundations (BQ104G), or the self-paced virtual classroom for IBM Security QRadar SIEM Foundations (BQ104XG).
Note: The two hours time estimate on the front page of this course refers to the time it can take to complete the quiz.
Prior to enrolling, IBM Employees must follow their Division/Department processes to obtain approval to attend this public training class. Failure to follow Division/Department approval processes may result in the IBM Employee being personally responsible for the class charges.
GBS practitioners that use the EViTA system for requesting external training should use that same process for this course. Go to the EViTA site to start this process: http://w3.ibm.com/services/gbs/evita/BCSVTEnrl.nsf
Once you enroll in a GTP class, you will receive a confirmation letter that should show:
22 May 2023
Virtual Classroom (GMT / UTC)
Instructor Led Online