IBM Security QRadar SIEM Administration [BQ150G]
€2095, aangeboden door Global Knowledge
OVERVIEW
IBM Security QRadar SIEM enables you to minimize the time gap between when suspicious activity occurs and when you detect it. There are a variety of administrative tools you can use to manage a QRadar SIEM deployment. This course covers system configuration, data source configuration, and remote networks and services configuration.
OBJECTIVES
Learning objectives
- Install and manage automatic updates to QRadar SIEM assets
- Configure QRadar backup and restore policies
- Leverage QRadar administration tools to aggregate, review, and interpret metrics
- Use network hierarchy objects to manage QRadar SIEM objects and groups
- Manage QRadar hosts and licenses and deploy assets
- Monitor the health of assets in a QRadar deployment
- Configure system settings and ass profiles
- Configure reasons that QRadar administrators use to close offenses
- Create and manage reference sets
- Configure user accounts including user profiles and authorizations
- Manage QRadar log sources
- Store event and flow data
- Manage QRadar flow sources
- Manage groups that monitor Internet networks and services
AUDIENCE
This course is designed for QRadar SIEM administrators and professional services personnel managing QRadar SIEM deployments.
CONTENT
Unit 1: Auto Update
 Unit 2: Backup and Recovery
Unit 3: Index and Aggregated Data Management
 Unit 4: Network Hierarchy
Unit 5: System Management
Unit 6: License Management
Unit 7: Deployment Actions
 Unit 8: High Availability management
 Unit 9: System Health and Master Console
Unit 10: System Settings and Asset Profiler Configuration
 Unit 11: Custom Offense Close Reasons
Unit 12: Reference Set Management
Unit 13: Authorized Services
Unit 14: Users, User Roles, and Security Profiles
Unit 15: Log Sources
Unit 16: Log Source Extensions
 Unit 17: Log Source parsing Ordering
 Unit 18: Event and Flow Retention
Unit 19: Flow Sources
 Unit 20: Flow Sources Aliases
Unit 21: Remote Networks and Services