Incident Detection and Investigation with QRadar
Offered By: Pluralsight
Course Description
Overview
In this course, you will explore the IBM Security QRadar SIEM tool from an SOC analyst perspective. This course is aligned to the "IBM QRadar SIEM V7.3.2 Fundamental Analysis" exam objectives (Exam C1000-018) with coverage of additional topics.
IBM Security QRadar is a leader in SIEM solutions according to the 2016 Gartner Magic Quadrant. In this course, Incident Detection and Investigation with QRadar, you will explore QRadar’s main features from a SOC analyst perspective. First, you will explore what SIEM is and how QRadar provides more functions than a regular SIEM. Next, you will walk through all relevant functionalities provided by the tool and some extra functions, such as Risk Manager and Vulnerability Manager. Finally, with the SIEM basics covered, you will dive into incident investigation using QRadar, where you will learn about events, flows, and offenses. When you’ve completed this course, you’ll understand how to investigate the most common cyber threats using QRadar. This course covers the objectives of the IBM Security QRadar SIEM V7.2.6 Associate Analyst exam (Exam C2150-612) which is required to achieve the IBM Certified Associate Analyst - Security QRadar SIEM V7.2.6 certification.
IBM Security QRadar is a leader in SIEM solutions according to the 2016 Gartner Magic Quadrant. In this course, Incident Detection and Investigation with QRadar, you will explore QRadar’s main features from a SOC analyst perspective. First, you will explore what SIEM is and how QRadar provides more functions than a regular SIEM. Next, you will walk through all relevant functionalities provided by the tool and some extra functions, such as Risk Manager and Vulnerability Manager. Finally, with the SIEM basics covered, you will dive into incident investigation using QRadar, where you will learn about events, flows, and offenses. When you’ve completed this course, you’ll understand how to investigate the most common cyber threats using QRadar. This course covers the objectives of the IBM Security QRadar SIEM V7.2.6 Associate Analyst exam (Exam C2150-612) which is required to achieve the IBM Certified Associate Analyst - Security QRadar SIEM V7.2.6 certification.
Syllabus
- Course Overview 2mins
- QRadar Overview and Basic Concepts 34mins
- Data Collection 18mins
- Events 39mins
- Flows 16mins
- Offenses 37mins
- Rules 19mins
- Assets 13mins
- Reports 14mins
- Dashboards 20mins
Taught by
Ricardo Reimao
Related Courses
Security Principles(ISC)² via Coursera Emergency and Disaster Training and Exercising: An Introduction
Coventry University via FutureLearn A General Approach to Risk Management
University System of Georgia via Coursera A Strategic Approach to Cybersecurity
University of Maryland, College Park via Coursera Academia de auditoría en la nube: independencia en la nube (Español LATAM) | Cloud Audit Academy - Cloud Agnostic (Spanish from Latin America)
Amazon Web Services via AWS Skill Builder