| Course Name |
Hours |
List Price |
Content |
| IBM QRadar SIEM Advanced Topics (BQ203G) |
14.00 |
$1,650.00 |
|
Description: IBM Security QRadar enables you to minimize the time gap between when a suspicious activity occurs and when you detect it. Attacks and policy violations leave their footprints in log events and network flows of your IT systems. To connect the dots, QRadar SIEM correlates these scattered events and flows into offenses that alert you to suspicious activities. Using the skills taught in this course, you will be able to configure processing of uncommon events, work with reference data, and develop custom rules, custom actions, and custom anomoly detection rules.
The lab environment for this course uses the IBM QRadar SIEM 7.3 platform.
Skills Gained
Create custom log sources to utilize events from uncommon sources
Create, maintain, and use reference data collections
Develop and manage custom rules to detect unusual activity in your network
Develop and manage custom action scripts to for automated rule reponse
Develop and manage anomoly detection rules to detect when unusual network traffic patterns occur
# of Days:
Setting:
|
| IBM QRadar SIEM Foundations (BQ103G) |
21.00 |
$2,475.00 |
|
Description:
IBM QRadar SIEM provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, asset profiles, and vulnerabilities. QRadar SIEM classifies suspected attacks and policy violations as offenses.
In this 3-day instructor-led course, you learn how to perform the following tasks:
Describe how QRadar SIEM collects data to detect suspicious activities
Describe the QRadar SIEM component architecture and data flows
Navigate the user interface
Investigate suspected attacks and policy breaches
Search, filter, group, and analyze security data
Investigate the vulnerabilities and services of assets
Use network hierarchies
Locate custom rules and inspect actions and responses of rules
Analyze offenses created by QRadar SIEM
Use index management
Navigate and customize the QRadar SIEM dashboard
Use QRadar SIEM to create customized reports
Use charts and filters
Use AQL for advanced searches
Analyze a real world scenario
Extensive lab exercises are provided to allow students an insight into the routine work of an IT Security Analyst operating the IBM QRadar SIEM platform. The exercises cover the following topics:
Using the QRadar SIEM user interface
Investigating an Offense triggered by events
Investigating the events of an offense
Investigating an offense that is triggered by flows
Using rules
Using the Network Hierarchy
Index and Aggregated Data Management
Using the QRadar SIEM dashboard
Creating QRadar SIEM reports
Using AQL for advanced searches
Analyze a real-world large-scale attack
The lab environment for this course uses the IBM QRadar SIEM 7.3 platform.
Skills Gained
After completing this course, you should be able to perform the following tasks:
Describe how QRadar SIEM collects data to detect suspicious activities
Describe the QRadar SIEM component architecture and data flows
Navigate the user interface
Investigate suspected attacks and policy violations
Search, filter, group, and analyze security data
Investigate events and flows
Investigate asset profiles
Describe the purpose of the network hierarchy
Determine how rules test incoming data and create offenses
Use index and aggregated data management
Navigate and customize dashboards and dashboard items
Create customized reports
Use filters
Use AQL for advanced searches
Analyze a real world scenario
# of Days:
Setting:
|
| IBM Security Verify Access Foundations (TW108G) |
21.00 |
$2,445.00 |
|
Description: IBM Security Verify Access helps you simplify your users access while more securely adopting web, mobile, IoT, and cloud technologies. It can be deployed on premises, in a virtual or hardware appliance, or containerized with Docker. Verify Access also directly connects with Verify SaaS for a modernized, hybrid IAM approach to enable your organizations migration to identity as a service (IDaaS) at a comfortable pace. Using the skills taught in this course, you learn how to run Verify Access via Docker, configure authentication and authorization mechanisms, implement policy access control, and set up reverse proxy junctions to process web requests. Hands-on exercises reinforce the skills learned.
# of Days:
Setting:
|
| IBM Spectrum Scale Advanced Administration for Linux (H006G) |
21.00 |
$2,695.00 |
|
Description: This course is intended for IT professionals tasked with administering a Spectrum Scale system. It includes information on installing, configuring and monitoring a Spectrum Scale cluster.
This course replaces AN82G from Power brand.
Skills Gained
Migrate a GPFS 3.5 cluster to IBM Spectrum Scale 4.2
Migrate an IBM Spectrum Scale 4.1 cluster to 4.2
Describe and set up GUI interface
Execute performance collection infrastructure
Describe the IBM Spectrum Scale multi-cluster functionality, how to remote mount file systems, and the security configuration in a multi-cluster environment
Describe, install, and configure Clustered Network File System (cNFS)
Define, deploy, debug, and log Cluster Export Service (CES)
Describe multi-protocol support
Describe the Server Message Block (SMB) Protocol family and clients; solve and monitor SMB recovery scenarios; troubleshoot SMB
Manage Ganesha default configuration change/list
Manage exports in CES Network File System (NFS) and debug CES NFS
Describe home and cache features
List the various Active File Management (AFM) modes; create and manage an AFM relationship
Define and introduce asynchronous disaster recovery (DR)
List the recovery point objectives (RPOs) and failover options
Describe the Spectrum Scale Disaster Recovery Architecture
Describe the Linear Tape File System (LTFS) Enterprise Edition (EE) Introduction
Describe the GPFS policy driven storage management
Describe the HSM archival solution with LTFS EE
Define how to create a file placement optimization (FPO) pool
Describe using Spectrum Scale with Hadoop
Identity the scenarios in which GPFS-FPO is applicable
Define Share Nothing Architecture
Describe the design and architecture of the Call Home feature and describe its functionality
List the usage/advanced usage of the Call Home feature
Describe GPFS Performance parameters and GPFS tuning considerations
Monitor a GPFS cluster
Describe flash cache capabilities
Move metadata to flash cache
# of Days:
Setting:
|