Test 000-195: IBM Security QRadar V7.0 MR4

Course title: Qradar V7.0 User and Administrator
Course duration: 3 days
Course number:
Abstract: This introductory course to QRadar enables end users and administrators of QRadar to use the full potential of QRadar reporting and offense mechanisms in their network environment. End users will be introduced to the usage of the batch and real time reports. They will also learn how to interpret the information and correlate it with security information gathered from vulnerability scanners and automatic asset discovery. Administrators gain knowledge on how to create new users, log sources, integrate VIS, backup and restore, Log retention and the creation and fine tuning of QRadar rules. This 3 days course also offers a lab environment to the students to practice on the topics presented during the class.

Agenda:

Day 1 1.Introduction to QRadar 2.Common QRadar Menus and Options 3.The Admin Interface Configuring Qradar Creating users Creating Log Sources 4.Navigating the QRadar Log Activity reports 5.Navigating the QRadar Network Activity reports 6.Creating advanced Event and Flow Filters

Day 2 1.Assets and Vulnerability Assessment Using automatic asset discovery Integrating VIS information 2.Offenses 3.Managing Offenses 4.Creating Rules and Building Blocks 5.Case Studies. Examples of useful rules

Day 3 1.Tuning of Qradar Offense Rules 2.Case Studies of false positive tuning 3.Manging Qradar reporting dashboards 4.Using the Qradar Reporting interface Creating reports Scheduling reports Distributing reports 5.Support Information **Note** This course is available for both Instructor Led Training and Instructor Led Online Training.

Register for an IBM Certification test at Prometric and take a step into your future.

IBM at Prometric