IBM QRadar SIEM Advanced Topics BQ205G
- CMDBID 1001833
- Course Code BQ205G
- Duration 2 Days
IBM Security Course
Overview
QRadar SIEM provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, assets, and vulnerabilities. Suspected attacks and policy breaches are highlighted as offenses.
This 2-day instructor-led course walks you through various advanced topics about QRadar such as custom log sources, reference data collections and custom rules, X-Force data and the Threat Intelligence app, UBA and QRadar Advisor, tuning and custom action scripts. The course also discusses integration with IBM SOAR. Hands-on exercises reinforce the skills learned.
The lab environment for this course uses the IBM QRadar SIEM 7.5 platform.
Audience
This course is designed for security administrators and security analysts.
Skills Gained
- Learn how to create custom log sources
- Discover how to work with reference data collections and custom rules
- Use X-Force data and Threat Intelligence app
- Use the Use Case Manager app
- Learn how to use UBA and QRadar Advisor
- Discover Tuning
- Explore Custom action scripts
- Discuss Integration with IBM SOAR
Prerequisites
Students should be knowledgeable about the following topics:
- IT infrastructure
- IT security fundamentals
- Linux
- Windows
- TCP/IP networking
- Syslog
- Foundational skills for the IBM QRadar Security Intelligence Platform (at least the skills that are taught in the IBM QRadar SIEM Foundations - BQ104 course)
Outline
Unit 1: Custom log sources
Unit 2: Reference data collections and custom rules
Unit 3: IBM X-Force Threat Intelligence in QRadar
Unit 4: User Behavior Analytics and Advisor with Watson
Unit 5: Tuning
Unit 6: Custom action scripts
Unit 7: IBM SOAR integration
Thinking about Onsite?
If you need training for 3 or more people, you should ask us about onsite training. Putting aside the obvious location benefit, content can be customised to better meet your business objectives and more can be covered than in a public classroom. It's a cost-effective option. One-on-one training can be delivered too, at reasonable rates.
Submit an enquiry from any page on this site and let us know you are interested in the requirements box, or simply mention it when we contact you.
All $ prices are in USD unless it’s a NZ or AU date
SPVC = Self Paced Virtual Class
LVC = Live Virtual Class
Please Note: All courses are available as Live Virtual Classes
Trusted by over 1/2 million students in 15 countries
Our clients have included prestigious national organisations such as Oxford University Press, multi-national private corporations such as JP Morgan and HSBC, as well as public sector institutions such as the Department of Defence and the Department of Health.