Incident Detection and Investigation with QRadar 7
In this course, you will explore the IBM Security QRadar SIEM tool from an SOC analyst perspective. This course is aligned to the “IBM QRadar SIEM V7.3.2 Fundamental Analysis” exam objectives (Exam C1000-018) with coverage of additional topics.
IBM Security QRadar is a leader in SIEM solutions according to the 2016 Gartner Magic Quadrant. In this course, Incident Detection and Investigation with QRadar, you will explore QRadar’s main features from an SOC analyst perspective. First, you will explore what SIEM is and how QRadar provides more functions than a regular SIEM. Next, you will walk through all relevant functionality provided by the tool and some extra functions, such as Risk Manager and Vulnerability Manager. Finally, with the SIEM basics covered, you will dive into incident investigation using QRadar, where you will learn about events, flows, and offenses. When you’ve completed this course, you’ll understand how to investigate the most common cyber threats using QRadar. This course covers the objectives of the “IBM QRadar SIEM V7.3.2 Fundamental Analysis” exam (Exam C1000-018) which is required to achieve the “IBM Certified Associate Analyst – IBM QRadar SIEM V7.3.2” certification.
Author Name: Ricardo Reimao
Author Description:
Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 14+ years of IT experience, 10 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.
Table of Contents
- Course Overview
2mins - QRadar Overview and Basic Concepts
34mins - Data Collection
18mins - Events
39mins - Flows
16mins - Offenses
37mins - Rules
19mins - Assets
13mins - Reports
14mins - Dashboards
20mins
There are no reviews yet.