Courses and publications are offered to help you prepare for the certification tests. The courses are recommended, but not required, before taking a certification test. When preparing for the certification test, keep in mind that real world experience is required to stand a reasonable chance of passing the certification test. Courseware does not replace the requirement for experience. If you want to purchase Web-based training courses or are unable to locate a Web-based course or classroom course at the time and location you desire, please feel free to contact one of our delivery management teams at:
Please note that course offerings are continuously being added and updated. If you do not see the course(s) below listed in your geography please contact the delivery management team.
Qradar V7.0 User and Administrator
Course duration: 3 days
Abstract: This introductory course to QRadar enables end users and administrators of QRadar to use the full potential of QRadar reporting and offense mechanisms in their network environment. End users will be introduced to the usage of the batch and real time reports. They will also learn how to interpret the information and correlate it with security information gathered from vulnerability scanners and automatic asset discovery. Administrators gain knowledge on how to create new users, log sources, integrate VIS, backup and restore, Log retention and the creation and fine tuning of QRadar rules. This 3 days course also offers a lab environment to the students to practice on the topics presented during the class.
Day 1 1.Introduction to QRadar 2.Common QRadar Menus and Options 3.The Admin Interface Configuring Qradar Creating users Creating Log Sources 4.Navigating the QRadar Log Activity reports 5.Navigating the QRadar Network Activity reports 6.Creating advanced Event and Flow Filters
Day 2 1.Assets and Vulnerability Assessment Using automatic asset discovery Integrating VIS information 2.Offenses 3.Managing Offenses 4.Creating Rules and Building Blocks 5.Case Studies. Examples of useful rules
Day 3 1.Tuning of Qradar Offense Rules 2.Case Studies of false positive tuning 3.Manging Qradar reporting dashboards 4.Using the Qradar Reporting interface Creating reports Scheduling reports Distributing reports 5.Support Information **Note** This course is available for both Instructor Led Training and Instructor Led Online Training.