HOT
blank

SIEM Admin – Incident Handing Training – SOC Team

IT & Software

Rating4.1
Enroll Now

SIEM Admin – Incident Handing Training – SOC Team, available at $22.99, has an average rating of 4.1, with 50 lectures, based on 101 reviews, and has 484 subscribers.

You will learn about What is the SIEM SIEM Business Requirement Integration Configuration of Data sources [Splunk] SIEM Architechture of HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro Administration of Configuration of Multiple SIEM (HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro) Roles of Different SIEM Component of HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro Event Life Cycle in SIEM Solution HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro Alert Creation in [Splunk] Creating Dashboards for Attack Analysis [Splunk] Report Configuration [Splunk] Building Industry Based Use Cases [Splunk] Event Monitoring [Splunk] Fine Tuning Of Alerts [Splunk] Real World Incident Response Investigation [Splunk] What is Cyber Kill Chain How to develop effective USECASE in SIEM How to Evaluate a SIEM tool This course is ideal for individuals who are College Student looking for Cyber Security Opportunity. or Security Engineer curious about SIEM or SOC Analyst looking for SIEM Administration Training or Network Engineer looking for change in Cyber Security or Sr. SOC Analyst looking for learn multiple SIEM tools It is particularly useful for College Student looking for Cyber Security Opportunity. or Security Engineer curious about SIEM or SOC Analyst looking for SIEM Administration Training or Network Engineer looking for change in Cyber Security or Sr. SOC Analyst looking for learn multiple SIEM tools.

Enroll now: SIEM Admin – Incident Handing Training – SOC Team

Summary

Title: SIEM Admin – Incident Handing Training – SOC Team

Price: $22.99

Average Rating: 4.1

Number of Lectures: 50

Number of Published Lectures: 50

Number of Curriculum Items: 50

Number of Published Curriculum Objects: 50

Original Price: $22.99

Quality Status: approved

Status: Live

What You Will Learn

  • What is the SIEM
  • SIEM Business Requirement
  • Integration Configuration of Data sources [Splunk]
  • SIEM Architechture of HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
  • Administration of Configuration of Multiple SIEM (HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro)
  • Roles of Different SIEM Component of HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
  • Event Life Cycle in SIEM Solution HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
  • Alert Creation in [Splunk]
  • Creating Dashboards for Attack Analysis [Splunk]
  • Report Configuration [Splunk]
  • Building Industry Based Use Cases [Splunk]
  • Event Monitoring [Splunk]
  • Fine Tuning Of Alerts [Splunk]
  • Real World Incident Response Investigation [Splunk]
  • What is Cyber Kill Chain
  • How to develop effective USECASE in SIEM
  • How to Evaluate a SIEM tool

Who Should Attend

  • College Student looking for Cyber Security Opportunity.
  • Security Engineer curious about SIEM
  • SOC Analyst looking for SIEM Administration Training
  • Network Engineer looking for change in Cyber Security
  • Sr. SOC Analyst looking for learn multiple SIEM tools

Target Audiences

  • College Student looking for Cyber Security Opportunity.
  • Security Engineer curious about SIEM
  • SOC Analyst looking for SIEM Administration Training
  • Network Engineer looking for change in Cyber Security
  • Sr. SOC Analyst looking for learn multiple SIEM tools

THE MOST DEMANDING SIEM Online Training IS NOW ON UDEMY!

PHASE 2 – This course will make you familiar and teach you about various SIEM tools component, architecture, event life cycle and administration part for Splunk for log source integration, rule creation,  report configuration, dashboard creation, fine tuning and Incident Handing steps followed by Security Operation Center Team.

This course is designed is such a way, that any beginner or any working professional can learn the below SIEM tools event flow, architecture, design & difference.

1) HP ArcSight

2) IBM QRadar

3) RSA Security Analytics

4) Splunk

5) McAfee Nitro

What you will learn after completing this course:

  • What is the SIEM

  • SIEM Business Requirement

  • SIEM Architecture of HP Arcsight, IBM QRadar, Splunk, RSA SA& McAfee Nitro

  • Event Life Cycle in SIEM Solution HP Arcsight, IBM QRadar, Splunk, RSA SA& McAfee Nitro

  • Roles of Different SIEM Component of HP Arcsight, IBM QRadar, Splunk, RSA SA& McAfee Nitro

  • Integration Configuration of Data sources [Splunk]

  • What is Cyber Kill Chain

  • How to develop effective USECASE in SIEM

  • How to Evaluate a SIEM tool

  • Building Industry Based Use Cases [Splunk]

  • Alert Creation in [Splunk]

  • Event Monitoring [Splunk]

  • Creating Dashboards for Attack Analysis [Splunk]

  • Report Configuration [Splunk]

  • Fine Tuning Of Alerts[Splunk]

  • Real World Incident Response Investigation [Splunk]

Happy Learning !

Course Curriculum

Chapter 1: Why SIEM tool required in Cyber Security

Lecture 1: Why Cyber Security Required and What is the Primary tool used in monitoring.

Chapter 2: SIEM Introduction

Lecture 1: Introduction

Chapter 3: SIEM Architecture of HP Arcsight, RSA SA, Splunk, QRadar & Nitro

Lecture 1: SIEM Architecture – Receiver Component.

Lecture 2: SIEM Architecture – Manager Component

Lecture 3: SIEM Architecture – Logger Component

Chapter 4: Event Life Cycle In Various SIEM

Lecture 1: HP Arcsight Architecture

Lecture 2: RSA SA Architecture

Lecture 3: IBM Architecture

Lecture 4: Splunk Architecutre

Lecture 5: Mcafee Architecture

Chapter 5: Why Integration is required

Lecture 1: Why Integration is required

Chapter 6: Installation & Features

Lecture 1: Types of SIEM Installation

Lecture 2: SIEM Installation

Lecture 3: SIEM Features

Chapter 7: Deployment & Configuration of Agent

Lecture 1: Installation of Agent in Windows Machine

Lecture 2: Integration & Configuration of Agent in Windows Machine

Lecture 3: Installation of Agent in Linux Machine

Lecture 4: Configuration of Sys-logging in SIEM

Lecture 5: Integration of Network Device

Chapter 8: Usecase Development

Lecture 1: Integration & Configuration of Agent in Linux Machine

Lecture 2: What is Usecase

Lecture 3: Development Life-cycle for USECASES

Lecture 4: Phase 1 – Requirement for Usecase

Lecture 5: Phase 2 – Data Points for Usecase

Lecture 6: Phase 3 – Log validation for Usecase

Lecture 7: Phase 4 – Design & Phase 5 -Implementation for Usecase

Lecture 8: Phase 6 – Documentation for Usecase

Lecture 9: Phase 7 – Onboarding for Usecase

Lecture 10: Phase 8 – Periodical Updation for Usecase

Lecture 11: Types of Usecases

Lecture 12: Cyber Kill Chain

Lecture 13: Reconnaissance & Weaponization

Lecture 14: Delivery, Exploitation & Installation

Lecture 15: Command and Control & Actions on Objective

Lecture 16: How to Build Effective Usecase – Requirement & Risk

Lecture 17: Build Effective Usecase – Define Alert

Lecture 18: Build Effective Usecase – Priority, Impact & Mapping to Kill Chain

Lecture 19: Build Effective Usecase – Measure Response & Detection

Lecture 20: Build Effective Usecase – Standard Operating Procedures & Tuning Requirement

Lecture 21: Build Effective Usecase – Response Plan and Operational Agreement

Lecture 22: build Effective Usecase – Auditing & Reviewing

Lecture 23: Evaluate SIEM capabilities with the Usecases.

Lecture 24: Failed Authentication – Building Real-World Usecase

Lecture 25: Lecture 44: Malware Identification – Building Real-World Usecase

Lecture 26: Building Industry Based Use Cases [Splunk] – Splunk Fundamentals

Lecture 27: Building Industry Based Use Cases [Splunk] – Splunk Searches

Chapter 9: Alert Creation in [Splunk]

Lecture 1: Building Industry Based Use Case [Splunk] – Part 1

Lecture 2: Building Industry Based Use Case [Splunk] – Part 2

Chapter 10: Event Monitoring, Dashboard Creation & Fine-Tuning

Lecture 1: Event Monitoring, Dashboard Creation & Fine-Tuning

Chapter 11: Real World Incident Response Investigation and Threat Hunting

Lecture 1: Real World Incident Response Investigation and Threat Hunting

Instructors

  • Vikram Saini
    Vikram Saini
    Cyber Security Expert | Threat Hunting | Incident Response

Rating Distribution

  • 1 stars: 3 votes
  • 2 stars: 14 votes
  • 3 stars: 12 votes
  • 4 stars: 25 votes
  • 5 stars: 47 votes

Frequently Asked Questions


How long do I have access to the course materials?


You can view and review the lecture materials indefinitely, like an on-demand channel.


Can I take my courses with me wherever I go?


Definitely! If you have an internet connection, courses on Udemy are available on any device at any time. If you don’t have an internet connection, some instructors also let their students download course lectures. That’s up to the instructor though, so make sure you get on their good side!

You may also like

Top 10 Cybersecurity Fundamentals Courses to Learn in November 2024

Top 10 Smart Home Technology Courses to Learn in November 2024

Top 10 Agile Methodologies Courses to Learn in November 2024