Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Pluralsight

Incident Detection and Investigation with QRadar

via Pluralsight

Overview

In this course, you will explore the IBM Security QRadar SIEM tool from an SOC analyst perspective. This course is aligned to the "IBM QRadar SIEM V7.3.2 Fundamental Analysis" exam objectives (Exam C1000-018) with coverage of additional topics.

IBM Security QRadar is a leader in SIEM solutions according to the 2016 Gartner Magic Quadrant. In this course, Incident Detection and Investigation with QRadar, you will explore QRadar’s main features from an SOC analyst perspective. First, you will explore what SIEM is and how QRadar provides more functions than a regular SIEM. Next, you will walk through all relevant functionality provided by the tool and some extra functions, such as Risk Manager and Vulnerability Manager. Finally, with the SIEM basics covered, you will dive into incident investigation using QRadar, where you will learn about events, flows, and offenses. When you’ve completed this course, you’ll understand how to investigate the most common cyber threats using QRadar. This course covers the objectives of the "IBM QRadar SIEM V7.3.2 Fundamental Analysis" exam (Exam C1000-018) which is required to achieve the "IBM Certified Associate Analyst - IBM QRadar SIEM V7.3.2" certification.

Syllabus

  • Course Overview 2mins
  • QRadar Overview and Basic Concepts 34mins
  • Data Collection 18mins
  • Events 39mins
  • Flows 16mins
  • Offenses 37mins
  • Rules 19mins
  • Assets 13mins
  • Reports 14mins
  • Dashboards 20mins

Taught by

Ricardo Reimao

Reviews

4.7 rating at Pluralsight based on 62 ratings

Start your review of Incident Detection and Investigation with QRadar

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.