Detailed Course Outline
- Unit 1: Introduction to IBM QRadar
- Unit 2: IBM QRadar SIEM component architecture and data flows
- Unit 3: Using the QRadar SIEM User Interface
- Unit 4: Investigating an Offense Triggered by Events
- Unit 5: Investigating the Events of an Offense
- Unit 6: Using Asset Profiles to Investigate Offenses
- Unit 7: Investigating an Offense Triggered by Flows
- Unit 8: Using Rules
- Unit 9: Using the Network Hierarchy
- Unit 10: Index and Aggregated Data Management
- Unit 11: Using the QRadar SIEM Dashboard
- Unit 12: Creating Reports
- Unit 13: Using Filters
- Unit 14: Using the Ariel Query Language (AQL) for Advanced Searches
- Unit 15: Analyzing a Real-World Large-Scale Attack
- Appendix A: A real-world scenario introduction to IBM QRadar SIEM
- Appendix B: IBM QRadar architecture