ESM320 – ArcSight ESM 7.6 Advanced Analyst with Certified Expert Exam
This course provides you with the knowledge required to use advanced ArcSight ESM content to find and correlate event information, perform actions such as notifying stakeholders, graphically analyze event data, and report on security incidents. You will familiarize and/or reinforce your understanding of the advanced correlation capabilities within ArcSight ESM that provide a significant edge in detecting active attacks.
Virtual Training nebo e-Learning?
Máme dostatečnou flexibilitu, takže vybírat můžete jak prezenční termíny, tak online kurzy.
Zkuste živý kurz virtuálněTarget group
This course is intended for analysts responsible for:
- Defining their organization’s security objectives
- Building or using advanced content to correlate, view and respond to those security objectives.
Course structure
- Introduction to ESM Components
- New Features
- ESM Distributed Components
- Installing ESM Distributed Mode
- Maintaining ESM Properties Files and Upgrades
- Installing the ESM Console
- Installing SmartConnectors
- Managing the Network Model
- Configuring SmartConnector Destinations
- Installing the ESM Super and Syslog Connectors
- SmartConnectors Configurations and Advanced Features
- Command Center
- ESM Backup and Restore
- Certificate Management
Benefits
This course covers ArcSight security problem solving methodology using advanced ESM content to find, track, and re-mediate security incidents. During the training, you will use variables and correlation activities, customize report templates for dynamic content, and customize Dashboards to monitor incidents.
The last day of class offers a hands-on exam. Passing the exam awards you with Certified Expert badge..
To be successful in this course, you should have the following prerequisites or knowledge:
- Common security devices such as IDS and firewalls
- Common network device functions, such as routers, switches, and hubs
- TCP/IP functions such as CIDR blocks, subnets, addressing, and communications
- Basic Windows operating system tasks and functions
- Possible attack activities, such as scans, man in the middle, sniffing, DoS, and possible abnormal activities, such as worms, Trojans, and viruses
- SIEM terminology, such as threat, vulnerability, risk, asset, exposure, and safeguards
- Completed the ArcSight ESM Administrator and Analyst course or 6 months experience administering ArcSight ESM
Jak nás hodnotí
V čem jsou naše reference výjimečné? Nejsou to jednorázové akce. K nám se lidé vrací rádi a nezavírají před námi dveře.
Podívejte se na úplný seznam referenčních klientů, kteří na nás nedají dopustit.
Nejste si jisti, zda je tento kurz pro vás?
Zavolejte nám a my vám poradíme.
Jsme vám k dispozici na telefonním čísle +420 222 553 101 vždy od pondělí do pátku: 9:00 - 17:00.
Nemůžete volat? Zkuste nám napsat
Chcete získat dárek k narozeninám?
