Kód: BQ204XG
DÉLKA: 16 Hours
CENA: Kč bez DPH 23 000,00
QRadar SIEM provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, assets, and vulnerabilities. Suspected attacks and policy breaches are highlighted as offenses.
This self-paced 2-day course walks you through various advanced topics about QRadar such as custom log sources, reference data collections and custom rules, X-Force data and the Threat Intelligence app, UBA and QRadar Advisor, tuning and custom action scripts. The course also discusses integration with IBM SOAR. Hands-on exercises reinforce the skills learned.
The lab environment for this course uses the IBM QRadar SIEM 7.4 platform.
This course is designed for security administrators and security analysts.
Students should be knowledgeable about the following topics:
Unit 1: Custom log sources
Unit 2: Reference data collections and custom rules
Unit 3: IBM X-Force Threat Intelligence in QRadar
Unit 4: User Behavior Analytics and Advisor with Watson
Unit 5: Tuning
Unit 6: Custom action scripts
Unit 7: IBM SOAR integration