LENGTH: 24 Hours (3 days)
IBM Security QRadar enables deep visibility into network, endpoint, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, assets, and vulnerabilities. Suspected attacks and policy breaches are highlighted as offenses. In this course, you learn about the solution architecture, how to navigate the user interface, and how to investigate offenses. You search and analyze the information from which QRadar concluded a suspicious activity. Hands-on exercises reinforce the skills learned.
In this 3-day instructor-led course, you learn how to perform the following tasks:
Extensive lab exercises are provided to allow students an insight into the routine work of an IT Security Analyst operating the IBM QRadar SIEM platform. The exercises cover the following topics:
The lab environment for this course uses the IBM QRadar SIEM 7.4 platform.
After completing this course, you should be able to perform the following tasks:
This course is designed for security analysts, security technical architects, offense managers, network administrators, and system administrators using QRadar SIEM.
Before taking this course, make sure that you have the following skills: