HOME > IT & Software > SIEM Admin Incident Handing Training SOC Team

SIEM Admin Incident Handing Training SOC Team

SynopsisSIEM Admin – Incident Handing Training – SOC Team...
SIEM Admin Incident Handing Training SOC Team No.1

SIEM Admin – Incident Handing Training – SOC Team, available at $22.99, has an average rating of 4.1, with 50 lectures, based on 101 reviews, and has 484 subscribers.

You will learn about What is the SIEM SIEM Business Requirement Integration Configuration of Data sources [Splunk] SIEM Architechture of HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro Administration of Configuration of Multiple SIEM (HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro) Roles of Different SIEM Component of HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro Event Life Cycle in SIEM Solution HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro Alert Creation in [Splunk] Creating Dashboards for Attack Analysis [Splunk] Report Configuration [Splunk] Building Industry Based Use Cases [Splunk] Event Monitoring [Splunk] Fine Tuning Of Alerts [Splunk] Real World Incident Response Investigation [Splunk] What is Cyber Kill Chain How to develop effective USECASE in SIEM How to Evaluate a SIEM tool This course is ideal for individuals who are College Student looking for Cyber Security Opportunity. or Security Engineer curious about SIEM or SOC Analyst looking for SIEM Administration Training or Network Engineer looking for change in Cyber Security or Sr. SOC Analyst looking for learn multiple SIEM tools It is particularly useful for College Student looking for Cyber Security Opportunity. or Security Engineer curious about SIEM or SOC Analyst looking for SIEM Administration Training or Network Engineer looking for change in Cyber Security or Sr. SOC Analyst looking for learn multiple SIEM tools.

Enroll now: SIEM Admin – Incident Handing Training – SOC Team

Summary

Title: SIEM Admin – Incident Handing Training – SOC Team

Price: $22.99

Average Rating: 4.1

Number of Lectures: 50

Number of Published Lectures: 50

Number of Curriculum Items: 50

Number of Published Curriculum Objects: 50

Original Price: $22.99

Quality Status: approved

Status: Live

What You Will Learn

  • What is the SIEM
  • SIEM Business Requirement
  • Integration Configuration of Data sources [Splunk]
  • SIEM Architechture of HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
  • Administration of Configuration of Multiple SIEM (HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro)
  • Roles of Different SIEM Component of HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
  • Event Life Cycle in SIEM Solution HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
  • Alert Creation in [Splunk]
  • Creating Dashboards for Attack Analysis [Splunk]
  • Report Configuration [Splunk]
  • Building Industry Based Use Cases [Splunk]
  • Event Monitoring [Splunk]
  • Fine Tuning Of Alerts [Splunk]
  • Real World Incident Response Investigation [Splunk]
  • What is Cyber Kill Chain
  • How to develop effective USECASE in SIEM
  • How to Evaluate a SIEM tool

    • Who Should Attend

  • College Student looking for Cyber Security Opportunity.
  • Security Engineer curious about SIEM
  • SOC Analyst looking for SIEM Administration Training
  • Network Engineer looking for change in Cyber Security
  • Sr. SOC Analyst looking for learn multiple SIEM tools

    • Target Audiences

  • College Student looking for Cyber Security Opportunity.
  • Security Engineer curious about SIEM
  • SOC Analyst looking for SIEM Administration Training
  • Network Engineer looking for change in Cyber Security
  • Sr. SOC Analyst looking for learn multiple SIEM tools

    • THE MOST DEMANDING SIEM Online Training IS NOW ON UDEMY!

    PHASE 2 – This course will make you familiar and teach you about various SIEM tools component, architecture, event life cycle and administration part for Splunk for log source integration, rule creation,  report configuration, dashboard creation, fine tuning and Incident Handing steps followed by Security Operation Center Team.

    This course is designed is such a way, that any beginner or any working professional can learn the below SIEM tools event flow, architecture, design & difference.

    1) HP ArcSight

    2) IBM QRadar

    3) RSA Security Analytics

    4) Splunk

    5) McAfee Nitro

    What you will learn after completing this course:

  • What is the SIEM

  • SIEM Business Requirement

  • SIEM Architecture of HP Arcsight, IBM QRadar, Splunk, RSA SA& McAfee Nitro

  • Event Life Cycle in SIEM Solution HP Arcsight, IBM QRadar, Splunk, RSA SA& McAfee Nitro

  • Roles of Different SIEM Component of HP Arcsight, IBM QRadar, Splunk, RSA SA& McAfee Nitro

  • Integration Configuration of Data sources [Splunk]

  • What is Cyber Kill Chain

  • How to develop effective USECASE in SIEM

  • How to Evaluate a SIEM tool

  • Building Industry Based Use Cases [Splunk]

  • Alert Creation in [Splunk]

  • Event Monitoring [Splunk]

  • Creating Dashboards for Attack Analysis [Splunk]

  • Report Configuration [Splunk]

  • Fine Tuning Of Alerts[Splunk]

  • Real World Incident Response Investigation [Splunk]

    • Happy Learning !

    Course Curriculum

    Chapter 1: Why SIEM tool required in Cyber Security

    Lecture 1: Why Cyber Security Required and What is the Primary tool used in monitoring.

    Chapter 2: SIEM Introduction

    Lecture 1: Introduction

    Chapter 3: SIEM Architecture of HP Arcsight, RSA SA, Splunk, QRadar & Nitro

    Lecture 1: SIEM Architecture – Receiver Component.

    Lecture 2: SIEM Architecture – Manager Component

    Lecture 3: SIEM Architecture – Logger Component

    Chapter 4: Event Life Cycle In Various SIEM

    Lecture 1: HP Arcsight Architecture

    Lecture 2: RSA SA Architecture

    Lecture 3: IBM Architecture

    Lecture 4: Splunk Architecutre

    Lecture 5: Mcafee Architecture

    Chapter 5: Why Integration is required

    Lecture 1: Why Integration is required

    Chapter 6: Installation & Features

    Lecture 1: Types of SIEM Installation

    Lecture 2: SIEM Installation

    Lecture 3: SIEM Features

    Chapter 7: Deployment & Configuration of Agent

    Lecture 1: Installation of Agent in Windows Machine

    Lecture 2: Integration & Configuration of Agent in Windows Machine

    Lecture 3: Installation of Agent in Linux Machine

    Lecture 4: Configuration of Sys-logging in SIEM

    Lecture 5: Integration of Network Device

    Chapter 8: Usecase Development

    Lecture 1: Integration & Configuration of Agent in Linux Machine

    Lecture 2: What is Usecase

    Lecture 3: Development Life-cycle for USECASES

    Lecture 4: Phase 1 – Requirement for Usecase

    Lecture 5: Phase 2 – Data Points for Usecase

    Lecture 6: Phase 3 – Log validation for Usecase

    Lecture 7: Phase 4 – Design & Phase 5 -Implementation for Usecase

    Lecture 8: Phase 6 – Documentation for Usecase

    Lecture 9: Phase 7 – Onboarding for Usecase

    Lecture 10: Phase 8 – Periodical Updation for Usecase

    Lecture 11: Types of Usecases

    Lecture 12: Cyber Kill Chain

    Lecture 13: Reconnaissance & Weaponization

    Lecture 14: Delivery, Exploitation & Installation

    Lecture 15: Command and Control & Actions on Objective

    Lecture 16: How to Build Effective Usecase – Requirement & Risk

    Lecture 17: Build Effective Usecase – Define Alert

    Lecture 18: Build Effective Usecase – Priority, Impact & Mapping to Kill Chain

    Lecture 19: Build Effective Usecase – Measure Response & Detection

    Lecture 20: Build Effective Usecase – Standard Operating Procedures & Tuning Requirement

    Lecture 21: Build Effective Usecase – Response Plan and Operational Agreement

    Lecture 22: build Effective Usecase – Auditing & Reviewing

    Lecture 23: Evaluate SIEM capabilities with the Usecases.

    Lecture 24: Failed Authentication – Building Real-World Usecase

    Lecture 25: Lecture 44: Malware Identification – Building Real-World Usecase

    Lecture 26: Building Industry Based Use Cases [Splunk] – Splunk Fundamentals

    Lecture 27: Building Industry Based Use Cases [Splunk] – Splunk Searches

    Chapter 9: Alert Creation in [Splunk]

    Lecture 1: Building Industry Based Use Case [Splunk] – Part 1

    Lecture 2: Building Industry Based Use Case [Splunk] – Part 2

    Chapter 10: Event Monitoring, Dashboard Creation & Fine-Tuning

    Lecture 1: Event Monitoring, Dashboard Creation & Fine-Tuning

    Chapter 11: Real World Incident Response Investigation and Threat Hunting

    Lecture 1: Real World Incident Response Investigation and Threat Hunting

    Instructors

  • SIEM Admin Incident Handing Training SOC Team No.2
    Vikram Saini
    Cyber Security Expert | Threat Hunting | Incident Response

    • Rating Distribution

  • 1 stars: 3 votes
  • 2 stars: 14 votes
  • 3 stars: 12 votes
  • 4 stars: 25 votes
  • 5 stars: 47 votes

    • Frequently Asked Questions

    How long do I have access to the course materials?

    You can view and review the lecture materials indefinitely, like an on-demand channel.

    Can I take my courses with me wherever I go?

    Definitely! If you have an internet connection, courses on Udemy are available on any device at any time. If you don’t have an internet connection, some instructors also let their students download course lectures. That’s up to the instructor though, so make sure you get on their good side!

    • Random Picks
    • Popular
    • Hot Reviews
    Prev:Introduction to Seismic Rehabilitation of Buildings_1 Next:Start A Blog from Scratch (Self-Hosted Blog Tutorial)