logo

IBM Security Course

course overview

download outline

Select Country and City to View dates & book now

Overview

b'

In this course, you learn about the IBM Security\xc2\xae QRadar\xc2\xae EDR architecture and how to position the product within your company\xe2\x80\x99s landscape of security solutions. You gain skills around how to install the QRadar EDR Hive on your premises and the EDR Agents on your endpoints. You can review the user interface and how to navigate the EDR Dashboard while investigating endpoint threats.

This course applies to version 3.12 of the on-premises QRadar EDR offering.

'

Audience

Security operations center (SOC) AdministratorSOC AnalystSecurity AnalystIncident ResponderManaged Service Security Provider (MSSP)

Skills Gained

In this course, you learn to perform the following tasks:

  • Navigate the QRadar EDR Dashboard
  • Describe the QRadar EDR architecture
  • Install the on-premises QRadar EDR Hive and configure the initial setup
  • Deploy the QRadar EDR Agent on your endpoints
  • Investigate threats on endpoints
  • Manage endpoints
  • Understand and respond to alerts and trends
  • Act upon behavioral malware and ransomware attacks
  • Configure notifications and Simple Mail Transfer Protocol
  • Set up forwarding alerts
  • Define policies
  • Handle downloaded and quarantined files from your endpoints
  • Set up users, groups, and clients
  • Configure Hive-Cloud Score
  • Create applications
  • Monitor audit logs

Outline

Getting started

  • Dashboard overview
  • Architecture
  • QRadar EDR on-prem installation
  • Downloading, installing, and updating the QRadar EDR Agent

Protecting your endpoints

  • Investigating threats on endpoints
  • Managing endpoints
  • Understanding and responding to alerts and trends
  • Acting upon behavioral malware and ransomware attacks
  • Hunting for threats on your endpoint using a QRadar EDR lab

Administering your environment

  • Configuring notifications and Simple Mail Transfer Protocol (SMTP)
  • Setting up forwarding alerts
  • Defining policies
  • Handling downloaded and quarantined files from your endpoints
  • Setting up users, groups, and clients
  • Configuring Hive-Cloud Score
  • Creating applications
  • Monitoring audit logs

Talk to an expert

Thinking about Onsite?

If you need training for 3 or more people, you should ask us about onsite training. Putting aside the obvious location benefit, content can be customised to better meet your business objectives and more can be covered than in a public classroom. Its a cost effective option. One on one training can be delivered too, at reasonable rates.

Submit an enquiry from any page on this site and let us know you are interested in the requirements box, or simply mention it when we contact you.

All $ prices are in USD unless it’s a NZ or AU date

SPVC = Self Paced Virtual Class

LVC = Live Virtual Class

Please Note: All courses are availaible as Live Virtual Classes

Trusted by over 1/2 million students in 15 countries

Our clients have included prestigious national organisations such as Oxford University Press, multi-national private corporations such as JP Morgan and HSBC, as well as public sector institutions such as the Department of Defence and the Department of Health.