Incident Detection and Investigation with QRadar
Offered By: Pluralsight
Course Description
Overview
In this course, you will explore the IBM Security QRadar SIEM tool from an SOC analyst perspective. This course is aligned to the "IBM QRadar SIEM V7.3.2 Fundamental Analysis" exam objectives (Exam C1000-018) with coverage of additional topics.
IBM Security QRadar is a leader in SIEM solutions according to the 2016 Gartner Magic Quadrant. In this course, Incident Detection and Investigation with QRadar, you will explore QRadar’s main features from a SOC analyst perspective. First, you will explore what SIEM is and how QRadar provides more functions than a regular SIEM. Next, you will walk through all relevant functionalities provided by the tool and some extra functions, such as Risk Manager and Vulnerability Manager. Finally, with the SIEM basics covered, you will dive into incident investigation using QRadar, where you will learn about events, flows, and offenses. When you’ve completed this course, you’ll understand how to investigate the most common cyber threats using QRadar. This course covers the objectives of the IBM Security QRadar SIEM V7.2.6 Associate Analyst exam (Exam C2150-612) which is required to achieve the IBM Certified Associate Analyst - Security QRadar SIEM V7.2.6 certification.
IBM Security QRadar is a leader in SIEM solutions according to the 2016 Gartner Magic Quadrant. In this course, Incident Detection and Investigation with QRadar, you will explore QRadar’s main features from a SOC analyst perspective. First, you will explore what SIEM is and how QRadar provides more functions than a regular SIEM. Next, you will walk through all relevant functionalities provided by the tool and some extra functions, such as Risk Manager and Vulnerability Manager. Finally, with the SIEM basics covered, you will dive into incident investigation using QRadar, where you will learn about events, flows, and offenses. When you’ve completed this course, you’ll understand how to investigate the most common cyber threats using QRadar. This course covers the objectives of the IBM Security QRadar SIEM V7.2.6 Associate Analyst exam (Exam C2150-612) which is required to achieve the IBM Certified Associate Analyst - Security QRadar SIEM V7.2.6 certification.
Syllabus
- Course Overview 2mins
- QRadar Overview and Basic Concepts 34mins
- Data Collection 18mins
- Events 39mins
- Flows 16mins
- Offenses 37mins
- Rules 19mins
- Assets 13mins
- Reports 14mins
- Dashboards 20mins
Taught by
Ricardo Reimao
Related Courses
CiberseguridadUniversidad de los Andes via Coursera Cloud Audit Academy – クラウドにとらわれない (Japanese)
Amazon Web Services via AWS Skill Builder Cybersecurity Foundations for Risk Management
University System of Georgia via Coursera The Foundations of Cybersecurity
University System of Georgia via Coursera Get Started with Security Operations
Salesforce via Trailhead