Course info
May 29, 2018
3h 11m

IBM Security QRadar is a leader in SIEM solutions according to the 2016 Magic Quadrant. In this course, SIEM Administration with QRadar, you will explore QRadar’s main features from a SIEM administrator perspective. First, you will learn the QRadar components and architecture. Next, you will explore administrative items in the QRadar tool, from user management to rule creation. Finally, you'll dive into troubleshooting techniques, which will help you in your daily SIEM admin challenges. When you're finished with this course, you will have the skills and knowledge to administer a QRadar environment. This course covers the objectives of the IBM Security QRadar SIEM V7.2.8 Fundamental Administration exam (Exam C2150-624) which is required to achieve both the IBM Certified Associate Administrator - Security QRadar SIEM V7.2.8 certification and the IBM Certified SOC Analyst - Security QRadar SIEM V7.2.8 certification.

Course FAQ
Course FAQ
What is QRadar?

QRadar is a detection system that uses radio waves to determine the range, angle, or velocity of objects.

What will I learn in this QRadar tutorial?

In this course, you will learn the architecture and basic concepts of QRadar, how to plan, install, and upgrade, how to tune and optimize QRadar, and troubleshooting techniques.

Are there prerequisites for this QRadar tutorial?

Prerequisites for this QRadar tutorial are a basic understanding of QRadar and incident detection and investigation with QRadar.

Does this course prepare you for the QRadar certification exam?

Yes, this course will help prepare you for the QRadar certification exam.

Who is this course for?

This course is for aspiring or current SIEM Administrators who are looking to learn more about QRadar.

About the author
About the author

Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 10+ years of IT experience, 6 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.

More from the author
Persistence with Impacket
Sep 15, 2021
Planning and Scoping for CompTIA Pentest+
1h 46m
Jul 7, 2021
More courses by Ricardo Reimao
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone. My name is Ricardo, and welcome to my course, SIEM Administration with QRadar. I'm a cybersecurity consultant with years of experience in IBM QRadar, and I'll be showing you everything you need to know for your role as a SIEM administrator. So, if you're starting your role as a SOC administrator or if you're looking to expand your knowledge in the IBM QRadar SIEM solution, this course is for you. In this course, we are going to cover the IBM QRadar SIEM from an admin perspective. So, we start talking about the architecture and the basic concepts of QRadar so you can have a holistic view of the two and then see all the inner workings of the SIEM solution. Then we cover how to plan, install, and upgrade your QRadar. Since you'll be responsible for the environment, it's very important for you as a SOC admin to know how to keep your environment up to date. Next, we go to one of the most important parts of this course in which you'll learn how to perform the main daily tasks of a SIEM admin, including managing the users and the user profiles, configuring on all sources, managing reference sets, and much more. Then you also learn how to tune and optimize QRadar, which includes the creation of rules, creation of custom reports, creation of custom properties, and much more. And in the last part of this course, you'll learn some techniques for troubleshooting in QRadar. In my opinion, this ability to quickly identify and solve problems is what differentiates a person that knows QRadar from a real QRadar specialist. So, by the end of this course you'll be fluent in QRadar from an admin perspective. But before beginning this course, you should have a basic understanding of QRadar. Keep in mind that this is an intermediate course on the SIEM solution and it is a continuation of my previous course called Incident Detection and Investigation with QRadar. So, I do recommend you checking it out so you can have a better understanding of this course. Also, if you're planning on taking the IBM QRadar Fundamental Administration Certification, you're in the right place. This course covers the certification outline and gives you a good base for the test. So, I hope you join me on this journey to learn about the IBM QRadar, with my SIEM Administration with QRadar course, here at Pluralsight.