Course info
Level: Intermediate
Updated: May 29, 2018
Duration: 3h 12m

Description

IBM Security QRadar is a leader in SIEM solutions according to the 2016 Magic Quadrant. In this course, SIEM Administration with QRadar, you will explore QRadar’s main features from a SIEM administrator perspective. First, you will learn the QRadar components and architecture. Next, you will explore administrative items in the QRadar tool, from user management to rule creation. Finally, you'll dive into troubleshooting techniques, which will help you in your daily SIEM admin challenges. When you're finished with this course, you will have the skills and knowledge to administer a QRadar environment. This course covers the objectives of the IBM Security QRadar SIEM V7.2.8 Fundamental Administration exam (Exam C2150-624) which is required to achieve both the IBM Certified Associate Administrator - Security QRadar SIEM V7.2.8 certification and the IBM Certified SOC Analyst - Security QRadar SIEM V7.2.8 certification.

About the author

Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 10+ years of IT experience, 6 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.

More courses by Ricardo Reimao
Section Introduction Transcripts

Course Overview
Hi everyone. My name is Ricardo, and welcome to my course, SIEM Administration with QRadar. I'm a cybersecurity consultant with years of experience in IBM QRadar, and I'll be showing you everything you need to know for your role as a SIEM administrator. So, if you're starting your role as a SOC administrator or if you're looking to expand your knowledge in the IBM QRadar SIEM solution, this course is for you. In this course, we are going to cover the IBM QRadar SIEM from an admin perspective. So, we start talking about the architecture and the basic concepts of QRadar so you can have a holistic view of the tool and then see all the inner workings of the SIEM solution. Then we cover how to plan, install, and upgrade your QRadar. Since you'll be responsible for the environment, it's very important for you as a SOC admin to know how to keep your environment up to date. Next, we go to one of the most important parts of this course in which you'll learn how to perform the main daily tasks of a SIEM admin, including managing the users and the user profiles, configuring log sources, managing reference sets, and much more. Then you also learn how to tune and optimize QRadar, which includes the creation of rules, creation of custom reports, creation of custom properties, and much more. And in the last part of this course, you'll learn some techniques for troubleshooting in QRadar. In my opinion, this ability to quickly identify and solve problems is what differentiates a person that knows QRadar from a real QRadar specialist. So, by the end of this course you'll be fluent in QRadar from an admin perspective. But before beginning this course, you should have a basic understanding of QRadar. Keep in mind that this is an intermediate course on the SIEM solution and it is a continuation of my previous course called Incident Detection and Investigation with QRadar. So, I do recommend checking it out so you can have a better understanding of this course.
Also, if you're planning on taking the IBM QRadar Fundamental Administration Certification, you're in the right place. This course covers the certification outline and gives you a good base for the test. So, I hope you join me on this journey to learn about the IBM QRadar, with my SIEM Administration with QRadar course, here at Pluralsight.