Instructed by Hatem Metwally
The course covers the following topics:
- QRadar architecture
- QRadar components
- All-In-One installation
- Console GUI demystified, QRadar Services and Replay Events & Flows
- Offense, Event, Flow investigation
- Describe the use of the magnitude of an offense
- Offense management (retention, chaining, protection)
- Identify events not correctly parsed and their source
- Customized searches
- Log Integration and DSM Development
- Rules and Building Block Design
- AQL queries
- Custom properties
- WinCollect
- X-Force App Exchange, Content Packs and Pulse Installation and Troubleshooting
- QRadar Assistant App
- Install QRadar Content Packs using the QRadar Assistant App
- Reference Data Types and Management
- Analyze Building Blocks Host definition, category definition, Port definition
- Tuning building blocks and Tuning Methodology
- Use Case Manager app, MITRE threat groups and actors
- Dashboarding and Reporting
- Clean SIM Model
- Attack Simulation and Sysmon Process Profiling
- Rule Routing options, Rule Routing combination options and License Giveback
- Backup and restore
- Ingesting QRadar offenses into FortiSOAR
- Custom Integration with FortiGate Firewall to Block User’s PC from Accessing the Internet
- Postman – An API Call Development Methodology
Who this course is for:
- Network Security Specialists & Administrators
- SOC Operators & Analysts
- Information Security Specialists