Cybersecurity analyst training with IBM QRadar SIEM

The SQR01 course is the first in a series of courses tailor-made by our experts to train cybersecurity analysts on IBM QRadar SIEM. The training lasts 4 days.

You will have the expertise of our QRadar SIEM certified consultants, the support of official IBM materials, and a complex, dedicated lab environment that simulates a QRadar production environment. Through a range of hands-on scenarios you will acquire the skills needed to start getting the most out of this powerful tool.

Future cybersecurity analysts with IBM QRadar SIEM

Module 1 – Introduction

  • IBM QRadar SIEM architecture and general concepts
  • Collection of external logs and network traces
  • Integration with the various existing operating systems, applications and security products
  • System logs and useful problem-solving tools
  • Event simulation

Module 2 – Networks and assets

  • Definition of internal networks and external services
  • Domains, segmentation and multi-tenancy
  • Asset detection and self-configuration

Module 3 – Investigation of offenses

  • Rules and building-blocks
  • Advanced searches and filters
  • Management of event-based offenses and network traces
  • Using ‘reference sets’ & ‘reference maps’
  • Controlling anomalies and behavioral changes
  • AQL (Ariel Query Language)
  • Connecting with X-Force and using plugins

Module 4 – Case studies

All or some of the following scenarios are worked through hands-on:

  • Preventing fraud and user account theft
  • Detecting connections to a malicious external control system
  • Identifying port scans followed by login attempts
  • Detecting the use of accounts that have been inactive for a long period of time
  • Alerting on risky actions by a user
  • Protecting and tracking access to sensitive data
  • Integration with physical access control systems
  • Detecting infection by WannaCry-type malware
  • Detecting anomalies, threshold changes and changes in the behavior of systems and users

Module 5 – QRadar and security regulations

  • Report management
  • Using QRadar to comply with ISO/IEC 27001:201
  • Access for non-technical users

Module 6 – Q&A and Open Lab

We also conduct training, consulting, workshops, seminars and tailor-made technical talks. Contact us for more information.