Which IBM QRadar SIEM certification should I choose?

QRadar SIEM is a comprehensive network security management platform that provides policy compliance support and context by combining knowledge of network flows, correlation of security events, and assessment of vulnerabilities in connected systems. QRadar has three certifications, each oriented to a different role within the product, and all three were updated in July 2019.

IBM Certified Associate Administrator IBM QRadar SIEM V7.3.2

Exam “IBM Security QRadar SIEM V7.3.2 Fundamental Administration”. Test C1000-026

This is an entry-level certification for system administrators responsible for maintaining QRadar platforms. It evaluates the ability to provide basic support as well as technical knowledge of IBM Security QRadar SIEM V7.3.2, including the implementation and management of the solution set. Administrators should also be familiar with the capabilities of the product. The exam measures the ability to plan, install, configure, deploy, migrate, update, monitor, and resolve simple issues.

IBM Certified Associate Analyst IBM QRadar SIEM V7.3.2

Exam IBM QRadar SIEM V7.3.2 Fundamental Analysis. Test C1000-018

This entry-level certification is intended for security analysts who want to validate their knowledge of IBM Security QRadar SIEM V7.3.2. Analysts will need to master the basics of networking, security, SIEM and QRadar. It evaluates the ability to use the product correctly (already installed and configured), including the use of the graphical environment for rule management, security incidents, reporting, and correlation of events and network flows.

IBM Certified Deployment Professional – IBM QRadar SIEM V7.3.2

Exam IBM QRadar SIEM V7.3.2 Deployment. Test C1000-018

This is without a doubt the most complex certification of the three. It is primarily aimed at security architects, technical pre-sales staff and staff who perform QRadar professional services for the various IBM Business Partners. These individuals will be responsible for planning, installing, configuring, optimizing performance, tuning, troubleshooting, and managing IBM QRadar SIEM version 7.3.2. It evaluates the ability to complete any task with little or no help from documentation, colleagues or vendor support.

Which one to choose?

Our recommendation is to start with the administrator or analyst exam, depending on your role. We have several courses, seminars and intensive workshops that will help you prepare for them. If you do not know anything about the product, we recommend you take the official analyst and administrator training that we also teach.

IMPORTANT: Until September, if you use the HUCSECURE code you will get a 50 discount when you register for the exam.

 

Critical Vulnerability in Siemens STEP 7 TIA Portal

What happened?

A critical vulnerability has been found in Siemens STEP 7 TIA Portal, one of the most widely used design and automation programs for industrial control systems (ICS) worldwide. Users are urged to confirm that their systems have been upgraded to the latest version.

The critical vulnerability was discovered by Tenable Research and would allow an attacker to perform administrative actions.

What’s the attack vector?

Bypassing the authentication mechanism on the TIA Manager server through the Node.js server's WebSockets.

What is the impact on the business?

An attacker could compromise a TIA Portal system and use that access to add malicious code to adjacent industrial control systems. Attackers could also use the access gained by exploiting this vulnerability to steal sensitive data from existing OT configurations, then use it to advance further and plan attacks targeting critical infrastructure.

In the worst case, a vulnerable TIA Portal system can be used as a springboard in an attack that causes catastrophic damage to OT equipment, disrupts critical operations, or conducts cyber espionage campaigns.

What’s the solution?

Siemens has released an update and security notice for this vulnerability.

Should I be worried?

Modern industrial operations often encompass complex IT and OT infrastructures, which brings new security challenges for critical environments and makes cybersecurity threats even more difficult to detect, investigate, and remediate.

Solutions?

OT/ICS/SCADA monitoring and management services have become easier thanks to our solution based on a QRadar SIEM and Indegy ICS.

SIXE