ArcSight ESM Administrator and Analyst (ESM200)

Kursbeschreibung Kurstermine
 

Kursüberblick

This course is a hands-on, five-day instructor-led course detailing Enterprise Security Manager (ESM) product facilities while performing related tasks on a live ArcSight ESM. Learners use the ArcSight Console and ArcSight Command Center interfaces to monitor security events, configure ESM, and manage users and ESM network intelligence resources. Using ArcSight ESM workflow, participants isolate, document, escalate, and resolve security incidents. This course enables tailoring standard ArcSight ESM content to acquire, search, and correlate actionable event data; and perform remedial activities such as incident analysis, stakeholder notification, and reporting security conditions within your network environment.

Zielgruppe

This course is intended for:

  • Monitor, remediate, and report on security incidents using ArcSight ESM facilities
  • Use standard content to correlate, display and respond to identified issues in real time
  • Design, deploy and maintain ArcSight network, asset and user modeling for your cyber-infrastructure

Voraussetzungen

To be successful in this course, you should have the following prerequisites or knowledge:

  • Basic Windows operating system tasks and functions
  • Knowledge of possible attack activities, such as scans, man in the middle, sniffing, DoS, and possible abnormal activities, such as worms, Trojans, and viruses
  • SIEM terminology, such as threat, vulnerability, risk, asset, exposure, and safeguards
  • Enterprise security, event and log management experience is highly advantageous

Kursziele

Upon successful completion of this course, you should be able to:

  • Plan for ALM implementation
  • Make ArcSight ESM operational upon initial installation, creating user accounts and implementing built-in solutions content
  • Implement Network and Asset Modeling facilities to enable site-specific business-oriented views within your ArcSight ESM environment
  • Investigate, identify, analyze, and remediate exposed security issues using ArcSight ESM monitoring and detection features
  • Use workflow management to provide real-time incident response and escalation tracking
  • Modify and run standard reports to provide situational awareness and network status to enterprise stakeholders
  • Establish ESM peering to perform distributed event search and content management across multiple ESM instances

Kursinhalt

  • Module 1: Introduction to ArcSight ESM
  • Module 2: ArcSight Event Schema and Lifecycle
  • Module 3: ESM Installation and Configuration
  • Module 4: ESM Console
  • Module 5: ArcSight Command Center
  • Module 6: ArcSight Web Interface
  • Module 7: Active Channels, Filters and Fieldsets
  • Module 8: Rules and Lists
  • Module 9: Dashboards and Data Monitors
  • Module 10: Query Viewers
  • Module 11: ESM Reports
  • Module 12: Workflow Cases
  • Module 13: User Administration
  • Module 14: User Notifications
  • Module 15: Use Case Resources
  • Module 16: ArcSight Content Management
  • Module 17: Event Search
  • Module 18: ArcSight Support Resources
Classroom Training
Modality: G

Dauer 5 Tage

Preis (exkl. MwSt.)
  • Deutschland: 3.750,- €
Termine und Buchen
Online Training
Modality: U

Dauer 5 Tage

Preis (exkl. MwSt.)
  • Deutschland: 3.750,- €
Termine und Buchen
 
Zum Buchen bitte auf den Ortsnamen klicken Kurstermine
Dies ist ein Instructor-led Online Training, das über WebEx in einer VoIP Umgebung durchgeführt wird. Sollten Sie Fragen zu einem unserer Online-Kurse haben, können Sie uns jederzeit unter +49 (0)40 25334610 oder per E-Mail an info@flane.de kontaktieren.
Deutschland
28.01. - 01.02.2019 Düsseldorf
Europa
Frankreich
26.11. - 30.11.2018 Online Training Zeitzone: Europe/Paris Kurssprache: französisch
 

Cookies verbessern unsere Services. Durch die Benutzung unserer Website erklären Sie sich mit unserer Verwendung von Cookies einverstanden.   Verstanden.