• Recognize how QRadar collects and assesses network flow information.

• To analyze offenses, use the Analyst Workflow program and the QRadar user interface.

• Find, classify, gather, and assess security data

• With Pulse Dashboards, elaborate reporting may be created.

• Describe how QRadar gathers information to look for suspicious activity.

• Recognizing the data flows and architecture of QRadar

• Use QRadar to create customized reports.

• Consider managing aggregated data.

• Gain knowledge about the importance of SIEM, its components (SIM and SEM), rules, architecture, and features including alerts, aggregation, correlation, reporting, and storage.

• Develop your ability to successfully use the QRadar SIEM user interface.

• Investigate vulnerabilities, services, events, and flow in-depth.

• For more complex searches, use Aerial Query Language (AQL).

• Develop intrusion warnings and evaluate actual case studies. Produce reports.

• Gain advanced knowledge in areas including designing custom rules, deploying QRadar Apps, utilizing reference data sets, and generating custom log source types.

• The requirement for a Security Operations Center (SOC).
• Understanding the SOC Fundamentals
• SOC Constituents: People, Processes, and Technology
• Security Operations Center (SOC) Types 
• Determining SOC maturity Models
• Understanding SOC Implementation
• Recognizing the distinction between SOC and NOC

1hr. 10min

• QRadar SIEM: Background and Introduction   
• Understanding SIEM’s Key Concepts
• Recognizing QRadar SIEM Capabilities
• Understanding QRadar’s Architecture
  a. Event Collector & Event Processor 
  b. Flow collector & Flow Processor
  c. Magistrate & Aerial Database

2hrs. 27min.

• Introduction to QRadar Dashboard
• Real-time log streaming
• Make use of filters and the Event Search
• False positives and tuning
• Create your own custom properties and event flow sources.
• Keep backups of data and configuration.
• Creating and administering user roles, security profiles, and user accounts.
• Control license usage through allocation.
• Create, test, and refine reference sets, building blocks, and rules.
• Develop and maintain retention policies (for data and assets).
• Design and maintain dashboards, reports, global views, dashboards, and saved searches.

2hrs 1min.

• Tracking QRadar notifications and error messages.
• Examine and interpret system monitoring dashboards.
• Examine QRadar’s services and operations.
• QRadar tracking functionality.
• Make use of monitoring programs and technologies (for example, QDI, helper app, incident summary, and DrQ).
• Check the equipment’s condition and system maintenance.
• Monitor infractions and seek for outliers.

1hr. 35min.

• Apply essential command knowledge to comprehend the functions and uses of QRadar.
• Describe error messages and notifications.
• Interpret the basic logs (such as Qradar.error and qradar.log).
• Examine a situation from everyday life.
• Report-writing; • Case Studies for Practical Learning