QRadar SIEM provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, assets, topologies, and vulnerabilities. Suspected attacks and policy breaches are highlighted as offenses. In this course, you learn how to configure and administer QRadar SIEM, create Universal DSMs and Log Source Extensions, and create event, flow and anomaly rules. Using the skills taught in this course, you can maintain QRadar SIEM, work with log sources, analyze the offenses created by rules and if necessary fine-tune them. Hands-on exercises reinforce the skills learned.
Enjoy six months of access to a fully indexed and searchable recording of your class when you choose our Virtual Classroom Live learning experience.
You should have the following skills:
There are no follow-ons for this course.