Become a Certified SOC Engineer with Our QRadar Online Course

Dive into the world of cybersecurity with our expert-led SOC Engineer course focused exclusively on QRadar. Learn to master QRadar through hands-on training and real-world scenarios. Our course is designed to equip you with the skills needed to excel in a Security Operations Center (SOC) role. Start by setting up your own SIEM home lab, delve into QRadar installation and configuration, and become proficient in threat detection and response.

Join now and advance your career in cybersecurity with specialized QRadar training!

KEY FEATURES

50 hours of instructor-led live training
Personal lab setup
Job-oriented content
Recorded sessions
Technical support
Malware samples

Course Syllabus

QRadar Analyst & Admin Training

Creating an IBM account
Taking SIEM Community Edition
Installation of virtualization tools
What is QRadar CE
Configuring the VM
Installation of SIEM
Post-installation checklist
Do's & don'ts of the machine
Meaning & working of DSM
Upgrading DSM
Installation of DSM
Custom DSM & log parsing
How QRadar works in general
High-level component architecture
QRadar components overview
Event Collector, Event Processor, deployment architecture
How SIEM came into existence
How SIEM works
Role of SIEM in SOC
Role of SIEM analyst in SOC
Log management
Types of logs
Logs, information, alert & incident
Why logging?
IBM App Exchange
IBM apps
Content extension pack
Important QRadar apps
Log Activity Tab
Network Activity Tab
Assets Tab
Report Tab
Sizing & scoping QRadar
QRadar license management
Events & flows processing capabilities
Index management
Data management
Data retention
Custom properties
Log source parsing order
Log source management
QRadar SIEM operational tasks
QRadar software, updates & best admin practices
Checking for appropriate requirements
Understanding syslog
Enabling log forwarding
Adding Linux as a log source
Use case 1: Unsuccessful login attempts offense
Use case 2: Unsuccessful login followed by success
Overview of building blocks
Determining IOCs
Creation of custom rules
Managing custom rules
Local vs global rules
Anomaly rules
Reference set collections
Best practices on rule writing & tuning
What is Use Case Manager
Overview of MITRE ATT&CK framework
Installation of Use Case Manager
Mapping of ATT&CK tactics to custom rules
Insight into non-installed rule sets & MITRE coverage
Offense prioritization
Offense chaining
Offense indexing
Offense retention
Looking at events/flows in an offense
Adding notes to an offense
Hiding & unhiding offenses
Closing, assigning & exporting offenses
What is Pulse dashboard
Creation of custom dashboards
Creation of custom widgets
Dashboard exports
Understanding the workflow
Understanding WinCollect
Installation of WinCollect script
Managed vs standalone agent
Adding Windows as a log source (managed + standalone)
Sysmon capabilities for better threat detection
Looking for Sysmon content pack
PowerShell use cases
User roles in QRadar
Security profiles
User accounts
What are threat intelligence feeds
Feed formats
Value of integrating threat intelligence with SIEM
Installation of threat intelligence app
Troubleshooting tips
WinCollect troubleshooting
Performance analysis
No logs displayed issue
Forgot admin password recovery
QRadar tuning tips

About Us

Tech Skill School is an online learning platform committed to providing high-quality education and professional development in the field of technology. Our goal is to help individuals gain the skills necessary to excel in their careers and meet the demands of the ever-evolving tech industry.

Contact

Australia - HQ

46 Hoskins Street Canberra, ACT

info@techskillschool.com

+61423002099

India - HQ

305 Waghawadi Road, Bhavnagar, Gujarat

admin@techskillschool.com

+91-9512026616

Copyright © 2023 Tech Skill School. All Rights Reserved.