IBM QRadar SIEM Certification bootcamp. Get certified in 4 days!
[January 2023] Updated for the new QRadar 7.4.X certifications and XDR / SOAR capabilities!
Choosing among multiple SIEM solutions to offer to our customers, we were not guided by our preferences, but took into consideration all the aspects of the platform, including its compliance with security standards, its market position and customer experience. So why IBM QRadar?
- IBM Security QRadar is a leader in Gartner’s Magic Quadrant for SIEM, which proves its high position on the SIEM market.
- It provides intelligent insights that enable security teams to respond in any environment, accurately detecting and prioritizing threats across the enterprise to accelerate incident analysis, escalation and remediation.
- Offers comprehensive security information shown in a single web-based console.
- Includes the most extensive set of modules (Log Management, Security Intelligence, Network Activity Monitoring, Risk Management, Vulnerability Management and Network Forensics) that guarantee a 360° view from the information security perspective.
- Provides strong out-of-the-box features that ensure faster deployment and scalability.
- QRadar is the platform with Embedded Intelligence that allows for threat detection and offense prioritization.
This technical enablement training, delivered by our IBM certified experts, focuses on the general QRadar architecture and its components. Through this course you’ll learn how to install, configure and successfully manage this complex and powerful platform. We’ll also show you how to detect and react to attacks, vulnerabilities and policy violations, minimizing the time gap between when suspicious activity occurs and when you detect it.
In 4 days you’ll have the training you need to pass the certifications, as well as a basis for operating the product efficiently and safely. An optional 5th session is available for students willing to pass the exam during the following weeks.
- Future QRadar SIEM administrators & security analysts
- Security administrators
- Security technical architects
- Offense managers
- Incident Response teams
- QRadar customers
- SOC Managers
- QRadar SIEM Architecture
- SW Installation & Best Practices
- Data collection
- Network Hierarchy
- Rules and responses
- Offenses investigation
- Building blocks
- Plugins and extensions
- AQL (Advanced Query Language)
- Real world use case & open lab
- Updating & upgrading the system including scale-out deployments
- Backups & restore
- System Settings and Asset Profiler Configuration
- Reference Set (use cases)
- Forwarding Destinations
- Routing Rules
- Domain Management
- Users, User Roles, and Security Profiles
- Authentication options
- Authorized Services
- Event and Flow Retention
- Custom Properties
- Log Source Groups
- Log Source Extensions
- Log Source Parsing Ordering
- Creating a log source from scratch
- VA Scanners
- Remote Services
- Wrap up
- (Optional session)
- Exam simulation (3h)
- Tips and hints to pass the exam
- Ready to get certified!
- Basic knowledge of the purpose and use of a security intelligence platform
- Familiarity with the Linux command line interface and PuTTY
- General IT infrastructure knowledge
- IT security fundamentals
- Operating System Administration: Linux or UNIX & Windows
- TCP/IP networking
- Log files and events
- Network flows
Ready to get certified!
Students attending this training are eligible for any of the following professional certifications: C2150-624, QRadar Fundamental Administration C1000-026 & IBM Certified Associate Analyst C1000-018 / C1000-139
This course is also recommended for students willing to pass C2150-614 / C1000-013 / C9003100 – QRadar Deployment Professional in the future.
If you are unsure about which certification is best for you, we have written an article in our blog discussing the details of each exam. Have a read, and let us know if you have any further questions!
We offer professional services and on-demand consulting & technical support worldwide. We will be pleased to help you succeed with IBM QRadar SIEM.