CRYPTUS CERTIFIED IBM QRADAR TRAINING PROGRAM

5 DAYS TRAINING PROGRAM

IBM QRadar SIEM foundation: provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, asset profiles, and vulnerabilities. QRadar SIEM classifies suspected attacks and policy violations as offenses.

Prerequisites:

Before taking this course, make sure that you have the following skills

• IT infrastructure


• IT security fundamentals


• Linux


• Microsoft Windows


• TCP/IP networking


• Log files and events


• Network flows


• Qradar Foundation


• Syslog

In this course you learn how to perform the following tasks:

• Describe how QRadar SIEM collects data to detect suspicious activities


• Describe the QRadar SIEM component architecture and data flows


• Navigate the user interface


• Investigate suspected attacks and policy breaches


• Search, filter, group, and analyze security data


• Investigate the vulnerabilities and services of assets


• Use network hierarchies


• Locate custom rules and inspect actions and responses of rules


• Analyze offenses created by QRadar SIEM


• Use index management


• Navigate and customize the QRadar SIEM dashboard


• Use QRadar SIEM to create customized reports


• Use charts and filters


• Use AQL for advanced searches


• Analyze a real world scenario

• Using the QRadar SIEM user interface


• Investigating an Offense triggered by events


• Investigating the events of an offense


• Investigating an offense that is triggered by flows


• Using rules


• Using the Network Hierarchy


• Index and Aggregated Data Management


• Using the QRadar SIEM dashboard


• Creating QRadar SIEM reports


• Using AQL for advanced searches


• Analyze a real-world large-scale attack

The lab environment for this course is built on AWS. Audience This course is designed for security analysts, security technical architects, offense managers, network administrators, and system administrators using QRadar SIEM. IBM Security QRadar Advance It enables you to minimize the time gap between when a suspicious activity occurs and when you detect it. Attacks and policy violations leave their footprints in log events and network flows of your IT systems. To connect the dots, QRadar SIEM correlates these scattered events and flows into offenses that alert you to suspicious activities. Using the skills taught in this course, you will be able to configure processing of uncommon events, work with reference data, and develop custom rules, custom actions, and custom anomoly detection rules. The lab environment for this course uses the IBM QRadar SIEM 7.3 platform.

Fundamentals of AWS is a specific training course for AWS beginners. This learning path consists of courses, labs, and three exams. Each module deals with a specific topic theory, which is then put to the test, in an applied environment, with our hands-on labs.
AWS is a huge player in the cloud computing world, so if you want to become a cloud architect, AWS Fundamentals is a great place to start. But it's about much more than AWS: this path will introduce you to some core cloud principles like distributed storage, concurrent computing, redundancy, and security.
In this course, you will learn the core AWS skills and concepts needed to begin working with AWS and to get AWS certified.
At the end of the learning path, you will be presented with a Certificate of Excellence.

What you will learn?

At the end of the course covering the basics of AWS, you will be able to build a cost-effective, scalable, and reliable infrastructure on the AWS platform.
To get the most from this learning path, make sure you are already familiar with the basics of cloud computing, in particular, infrastructure as a service (IAAS), as well as Microsoft and Linux essentials, including DNS and DHCP, networking essentials, virtualization, and storage.