Course Catalog
IBM QRadar SIEM Advanced Topics
Code: BQ204G
Duration: 2 Day
$1860 USD

OVERVIEW

QRadar SIEM provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, assets, and vulnerabilities. Suspected attacks and policy breaches are highlighted as offenses.

This 2-day course walks you through various advanced topics about QRadar such as custom log sources, reference data collections and custom rules, X-Force data and the Threat Intelligence app, UBA and QRadar Advisor, tuning and custom action scripts. The course also discusses integration with IBM SOAR. Hands-on exercises reinforce the skills learned.

The lab environment for this course uses the IBM QRadar SIEM 7.4 platform.

DELIVERY FORMAT

This course is available in the following formats:

Virtual Classroom
Duration: 2 Day

Classroom
Duration: 2 Day

CLASS SCHEDULE

Delivery Format: Virtual Classroom
Date: Apr 25 2024 - Apr 26 2024 | 09:30 - 17:30 EDT
Location: Online
Course Length: 2 Day

$ 1860

Delivery Format: Virtual Classroom
Date: Jun 27 2024 - Jun 28 2024 | 09:30 - 17:30 EDT
Location: Online
Course Length: 2 Day

$ 1860

Delivery Format: Virtual Classroom
Date: Jul 25 2024 - Jul 26 2024 | 09:30 - 17:30 EDT
Location: Online
Course Length: 2 Day

$ 1860

Delivery Format: Virtual Classroom
Date: Sep 19 2024 - Sep 20 2024 | 09:30 - 17:30 EDT
Location: Online
Course Length: 2 Day

$ 1860

GOALS
  • Learn how to create custom log sources
  • Discover how to work with reference data collections and custom rules
  • Use X-Force data and the Threat Intelligence app
  • Use the Use Case Manager app
  • Learn how to use UBA and QRadar Advisor
  • Discover tuning
  • Explore custom action scripts
  • Discuss integration with IBM SOAR
OUTLINE

Module 1

  • Custom log sources

Module 2

  • Reference data collections and custom rules

Module 3

  • IBM X-Force Threat Intelligence in QRadar

Module 4

  • User Behavior Analytics and Advisor with Watson

Module 5

  • Tuning

Module 6

  • Custom action scripts

Module 7

  • IBM SOAR integration

LABS

Will Be Updated Soon!
WHO SHOULD ATTEND

This course is designed for security administrators and security analysts.

PREREQUISITES

Students should be knowledgeable about the following topics:

  • IT infrastructure
  • IT security fundamentals
  • Linux
  • Windows
  • TCP/IP networking
  • Syslog
  • Foundational skills for the IBM QRadar Security Intelligence Platform (at least the skills that are taught in the IBM QRadar SIEM Foundations - BQ104 course)