Kurser

3 dages kursus

IBM Security QRadar SIEM Administration [BQ150G]

Tid & sted
Afholdelser oprettes efter behov.

Kontakt os på tlf. 7220 3000 eller skriv til kurser@teknologisk.dk for at høre mere.
Pris efter aftale
Nr. 87881 P

Lær, hvordan du minimerer tidsspændet mellem mistænkelig aktivitet opdages til der kan handles på det. Kurset giver dig administrative værktøjer, som du kan bruge til at incidents til adfærd til du styre implementeringen af QRadar SIEM. Kurset dækker systemkonfiguration, data source konfiguration, og remote networks- og services konfiguration.

Deltagerprofil

This course is designed for QRadar SIEM administrators and professional services personnel managing QRadar SIEM deployments.

Forudsætninger

Basic knowledge of the purpose and use of a security intelligence platform, familiarity with the Linux command line interface and PuTTY, custom rules, and the Ariel database and its purpose in QRadar SIEM. Students should attend BQ102G, IBM Security QRadar Foundations or be able to navigate and use the QRadar SIEM Console.

Indhold

  • Install and manage automatic updates to QRadar SIEM assets
  • Configure QRadar backup and restore policies
  • Leverage QRadar administration tools to aggregate, review, and interpret metrics
  • Use network hierarchy objects to manage QRadar SIEM objects and groups
  • Manage QRadar hosts and licenses and deploy assets
  • Monitor the health of assets in a QRadar deployment
  • Configure system settings and asset profiles
  • Configure reasons that QRadar administrators use to close offenses
  • Create and manage reference sets
  • Create the credentials used to perform authenticated scans
  • Manage, route, and store event and flow data
  • Use domains in QRadar SIEM to act as a filter for events, flows, scanners, assets, rules, offenses, and retention policies
  • Configure user accounts including user profiles, authentication, and authorizations
  • Manage custom properties for assets, events, and flows
  • Manage QRadar log sources
  • Manage QRadar flow sources
  • Integrate Vulnerability Assessment Scanner results in QRadar SIEM
  • Manage groups that monitor Internet networks and services

Få ny inspiration til din kompetence­udvikling

Unikke tilbud, relevante artikler og nyt om vores kurser og uddannelser.

Indtast venligst et validt navn
Tilmelder nyhedsbrev
Tak for din tilmelding
Teknisk fejl

Der er desværre en systemfejl på nuværende tidspunkt. Du kan alternativt skrive en mail til data@teknologisk.dk