TAYLLORCOX > Akademie > Micro Focus > ESM180 – Building Security Use Cases with ArcSight ESM

ESM180 – Building Security Use Cases with ArcSight ESM

Building Security Use Cases with ArcSight ESM provides you with detailed knowledge of the ArcSight security problem solving methodology, within the ESM context. In this course, you learn the methodologies to develop use cases for current business scenarios, derived from the top business drivers in the market

Termíny
Target group
What will you learn
Prerequisites

Virtual Training nebo e-Learning?

Máme dostatečnou flexibilitu, takže vybírat můžete jak prezenční termíny, tak online kurzy.

Zkuste živý kurz virtuálně

Target group

This advanced course is intended for those whose primary responsibilities include:

Defining organization’s security objectives
Building ArcSight ESM content to adhere to those objectives.

What will you learn

In an ArcSight ESM context, define Use Case
Using the Use Case worksheet from an initial problem statement, generate requirement statements and prioritize objectives
Identify data sources and ESM resources required to fulfil the objectives of the use case
Create identified ESM content
Construct ArcSight Active Channels to provide advanced analysis of the event stream
Develop ArcSight Rules to allow correlation activities
Build event-based data monitors to provide real-time viewing of event traffic
Package formulated ESM content for Use Case into ArcSight Resource Bundle

Prerequisites

To be successful in this course, you should have the following prerequisites or knowledge:

Common network device functions, such as routers, switches, hubs, etc.
TCP/IP functions, such as CIDR blocks, subnets, addressing, communications, etc.
Windows operating system tasks, such as installations, services, sharing, navigation, etc.
SIEM terminology, such as threat, vulnerability, risk, asset, exposure, safeguards, etc.
Security directives, such as Confidentiality, Integrity, Availability