IBM - Human Growth Kazakhstan

IBM

Training area

  • BQ104G — IBM QRadar SIEM Foundations
    • Duration: 3 days (24 hours)
    • Course code: BQ104G
    • Price
    • In-person format: On request
    • Online format: 758 000 ₸

    Course description

    Course Description:

    IBM QRadar SIEM provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, asset profiles, and vulnerabilities. QRadar SIEM classifies suspected attacks and policy violations as offenses.

    In this 3-day instructor-led course, you learn how to perform the following tasks:

    Describe how QRadar SIEM collects data to detect suspicious activities
    Describe the QRadar SIEM component architecture and data flows
    Navigate the user interface
    Investigate suspected attacks and policy breaches
    Search, filter, group, and analyze security data
    Investigate the vulnerabilities and services of assets
    Use network hierarchies
    Locate custom rules and inspect actions and responses of rules
    Analyze offenses created by QRadar SIEM
    Use index management
    Navigate and customize the QRadar SIEM dashboard
    Use QRadar SIEM to create customized reports
    Use charts and filters
    Use AQL for advanced searches
    Analyze a real-world scenario

    Extensive lab exercises are provided to allow students an insight into the routine work of an IT Security Analyst operating the IBM QRadar SIEM platform. The exercises cover the following topics:

    Using the QRadar SIEM user interface
    Investigating an Offense triggered by events
    Investigating the events of an offense
    Investigating an offense that is triggered by flows
    Using rules
    Using the Network Hierarchy
    Index and Aggregated Data Management
    Using the QRadar SIEM dashboard
    Creating QRadar SIEM reports
    Using AQL for advanced searches
    Analyze a real-world large-scale attack

    The lab environment for this course uses the IBM QRadar SIEM 7.3 platform.

    Objectives:

    After completing this course, you should be able to perform the following tasks:

    Describe how QRadar SIEM collects data to detect suspicious activities
    Describe the QRadar SIEM component architecture and data flows
    Navigate the user interface
    Investigate suspected attacks and policy violations
    Search, filter, group, and analyze security data
    Investigate events and flows
    Investigate asset profiles
    Describe the purpose of the network hierarchy
    Determine how rules test incoming data and create offenses
    Use index and aggregated data management
    Navigate and customize dashboards and dashboard items
    Create customized reports
    Use filters
    Use AQL for advanced searches
    Analyze a real-world scenario

    Audience:

    This course is designed for security analysts, security technical architects, offense managers, network administrators, and system administrators using QRadar SIEM.

    Prerequisites:

    Before taking this course, make sure that you have the following skills:

    IT infrastructure
    IT security fundamentals
    Linux
    Windows
    TCP/IP networking
    Syslog

    Topics:

    Unit 1: Introduction to IBM QRadar
    Unit 2: IBM QRadar SIEM component architecture and data flows
    Unit 3: Using the QRadar SIEM User Interface
    Unit 4: Investigating an Offense Triggered by Events
    Unit 5: Investigating the Events of an Offense
    Unit 6: Using Asset Profiles to Investigate Offenses
    Unit 7: Investigating an Offense Triggered by Flows
    Unit 8: Using Rules
    Unit 9: Using the Network Hierarchy
    Unit 10: Index and Aggregated Data Management
    Unit 11: Using the QRadar SIEM Dashboard
    Unit 12: Creating Reports
    Unit 13: Using Filters
    Unit 14: Using the Ariel Query Language (AQL) for Advanced Searches
    Unit 15: Analyzing a Real-World Large-Scale Attack
    Appendix A: A real-world scenario introduction to IBM QRadar SIEM
    Appendix B: IBM QRadar architecture

  • BQ204G — IBM Security QRadar SIEM Advanced Topics
    • Duration: 2 days (16 hours)
    • Course code: BQ204G
    • Price
    • In-person format: On request
    • Online format: 669 000 ₸

    Course description

    Course Description:

    IBM® Security QRadar® enables you to minimize the time gap between when a suspicious activity occurs and when you detect it. Attacks and policy violations leave their footprints in log events and network flows of your IT systems. To connect the dots, QRadar SIEM correlates these scattered events and flows into offenses that alert you to suspicious activities. Using the skills taught in this course, you will be able to configure processing of uncommon events, work with reference data, and develop custom rules, custom actions, and custom anomaly detection rules.

    The lab environment for this course uses the IBM QRadar SIEM 7.3 platform.

    Objectives:

    Create custom log sources to utilize events from uncommon sources
    Create, maintain, and use reference data collections
    Develop and manage custom rules to detect unusual activity in your network
    Develop and manage custom action scripts for automated rule response
    Develop and manage anomaly detection rules to detect when unusual network traffic patterns occur

    Audience:

    Security administrators
    Security technical architects
    Offense managers
    Professional services using QRadar SIEM
    QRadar SIEM administrators

    Prerequisites:

    IT infrastructure
    IT security fundamentals
    Linux
    Microsoft Windows
    TCP/IP networking
    Log files and events
    Network flows

    You should also have completed the IBM Security QRadar SIEM Foundations course.

    Topics:

    Module 1: Creating log source types

    Module 2: Leveraging reference data collections

    Module 3: Developing custom rules

    Module 4: Creating Custom Action Scripts

    Module 5: Developing Anomaly Detection Rules

  • BQ405GUA — QRadar SOAR: Foundations
    • Duration: 2 days (16 hours)
    • Course code: BQ405GUA
    • Price
    • In-person format: On request
    • Online format: 586 000 ₸

    Course description

    Course Description:

    In this course, you learn about the IBM Security® QRadar® SOAR architecture, and how to position the product in your company’s security architecture design. You gain hands-on experience with the SOAR interface, by investigating and managing cases and users with the SOAR Breach Response module, playbooks, and email integration.

    Objectives

    In this course, you learn about the following topics:
    QRadar SOAR architectural patterns
    Install the product, and configure license and access
    Review the SOAR Console
    Manage cases
    Utilize the concept of artifacts
    Utilize case management capabilities
    Integrate email system for users and case management
    Focus on the Breach Response module
    Gain hands-on experience with the SOAR platform
    Design playbooks
    Integrate IBM and third-party solutions with SOAR

    Audience

    Security operations center (SOC) Administrator
    SOC Analyst
    Security Analyst
    Incident Responder
    Managed Service Security Provider (MSSP)

    Topics

    Getting started

    Describe architectural patterns
    Install the product and configure license and access
    Review the SOAR Console
    Manage cases and use Breach Response add-on
    Utilize the concept of artifacts

    Case management and email integration

    Utilize case management capabilities
    Integrate email system for users and case management
    Focus on the Breach Response module

    Playbooks and integrations

    Gain hands-on experience with the SOAR platform
    Design playbooks
    Integrate IBM and third-party solutions with SOAR

The IBM track at HGK: systematic training of specialists in enterprise IT solutions.

The Human Growth Kazakhstan (HGK) training center offers a comprehensive IBM training program that covers the key areas of enterprise IT solutions. The courses are aimed at preparing specialists who can work effectively with IBM products and technologies in various fields, including asset management, information security, and analytics systems.

Main training areas:

  • IBM Maximo Asset Management: the capabilities and functions of the IBM Maximo asset management system, including basic concepts, configuration, and operation of the system.
  • IBM FileNet Content Manager: programming with the Java API for the IBM FileNet content management system, including application development and component configuration.
  • IBM QRadar SIEM: the basics of configuration, event and incident management, and methods for configuring rules and reports in the IBM QRadar SIEM information security system.

Advantages of training at HGK:

  • Authorized IBM programs: the courses are developed in accordance with official IBM standards, which keeps them current and aligned with industry requirements.
  • Practical focus: training includes lab work and practical assignments, so students can apply what they learn in real scenarios.
  • Flexible training formats: both in-person and online course formats are available, so you can choose the most convenient way to study.
  • Certification preparation: the courses prepare students for IBM certification exams that confirm professional competence in enterprise IT solutions.

IBM training at HGK gives students the comprehensive knowledge and skills needed to work successfully with modern enterprise IT solutions. The programs suit both beginning specialists and experienced engineers who want to raise their qualifications and earn industry-recognized certificates.
