Get Unlimited Microsoft Training With Your FastPass - Just £6000! Training Centre Now Open - Offering Residential, OIL and Hybrid Courses.

IBM - Certified SOC Analyst

Varighed

Varighed:

Kun 7 dage

Metode

Metode:

Klasseværelse / Online / Hybrid

Næste dato

Næste dato:

9/11/2020 (Mandag)

Overview

Achieve the IBM Certified SOC Analyst certification through this 7-day accelerated combined course. This programme includes the following courses:

  • CompTIA Cybersecurity Analyst CySA+
  • IBM's Security QRadar SIEM Administrator

Through CompTIA's CySA+, you'll learn best practices to secure and protect your business’ applications and systems by:

  • Configuring and using threat detection tools
  • Learning how to perform data analysis to identify vulnerabilities, threats and risks
  • Focusing on network behaviour – both internal and external threats

Through the IBM Security QRadar SIEM Administrator course, you’ll build knowledge on how to support IBM’s Security QRadar SIEM V7.3.3 by:

  • Implementing and managing a IBM Security QRadar SIEM V7.3.2 solution
  • Becoming familiar with the product’s functionality and security policies
  • Deploying, migrating and troubleshooting the IBM Security QRadar SIEM V7.3.2 software

At the end of your course you’ll sit exams CS0-001 and C1000-026, and get your IBM Certified SOC Analyst certification.


Authorised Partner of CompTIA


You’ll get access to official courseware and learn from certified instructors as Firebrand is an Authorised Partner of CompTIA.

Train through Firebrand’s Lecture | Lab | Review methodology and you’ll certify at twice the speed in a distraction-free environment.

Firebrand also offer the CompTIA Cybersecurity Analyst (CySA+) as an individual course and certification.


Audience


If you’re an analyst interested in building your technical knowledge and skills in CompTIA and IBM software, this course is ideal for you.

Her er 4 gode grunde til at du skal tage hos Firebrand:

  1. Du bliver uddannet og certificeret hurtigere. Du lærer mere på vores 6 dages accelererede kursus og får mindst 12 timers daglig uddannelse i et distraktionsfrit miljø.
  2. Dit kursus er alt-inklusiv. Du får en gennemskuelig pris, der dækker alle kursusmaterialer, eksamen, overnatning og forplejning. Du skal ikke tænke på andet end at lære.
  3. Bestå den første gang eller kom tilbage, gratis. Din instruktør er ekspert, og træner dig ud fra accelererede metoder, så du lærer hurtigere og har de bedste muligheder for at bestå eksamen første gang. Men hvis du mod forventning ikke består, er du dækket af vores Certificeringsgaranti.
  4. Tag hos en prisvindende uddannelsesleverandør. Vi har vundet adskillige udmærkelser heriblandt Microsofts "Årets Learning Partner" hele fem gange og to Børsen Gazelle priser. Firebrand er din hurtigste vej til uddannelse, og vi har sparet 70,000 deltagere for mere end en million spildte timer siden 2001.

Benefits

Curriculum


CompTIA CySa+ (Cybersecurity Analyst)


Section 1: Threat Management

  • Module 1: Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes
  • Module 2: Given a scenario, analyse the results of a network reconnaissance
  • Module 3: Given a network-based threat, implement or recommend the appropriate response and countermeasure
  • Module 4: Explain the purpose of practices used to secure a corporate environment

Section 2: Vulnerability Management

  • Module 1: Given a scenario, implement an information security vulnerability management process
  • Module 2: Given a scenario, analyse the output resulting from a vulnerability scan
  • Module 3: Compare and contrast common vulnerabilities found in the following targets

Section 3: Cyber Incident Response

  • Module 1: Given a scenario, distinguish threat data or behaviour to determine the impact of an incident
  • Module 2: Given a scenario, prepare a toolkit and use appropriate forensic tools during an investigation
  • Module 3: Explain the importance of communication during the incident response process
  • Module 4: Given a scenario, analyse common symptoms to select the best course of action to support incident response
  • Module 5: Summarise the incident recovery and post-incident response process

Section 4: Security Architecture and Tool Sets

  • Module 1: Explain the relationship between frameworks, common policies, controls, and procedures
  • Module 2: Given a scenario, use data to recommend remediation of security issues related to identity and access management
  • Module 3: Given a scenario, review security architecture and make recommendations to implement compensating controls
  • Module 4: Given a scenario, use application security best practices while participating in the Software Development Life Cycle (SDLC)
  • Module 5: Compare and contrast the general purpose and reasons for using various cybersecurity tools and technologies

IBM Security QRadar SIEM V7.3.3 Fundamental Administration


Section 1: Implementing

  • Module 1: Plan and design QRadar deployment
  • Module 2: Implement and install QRadar
  • Module 3: Add Managed Hosts

Section 2: Migrating and upgrading

  • Module 1: Plan QRadar upgrade and migration
  • Module 2: Review documentation and release notes
  • Module 3: Perform QRadar updates, patches and upgrades
  • Module 4: Perform migration (e.g., backup and restore, import and export content)

Section 3: Configuring and administering tasks

  • Module 1: Configure event flow sources and custom properties
  • Module 2: Maintain configuration and data backups
  • Module 3: Create and administer users, user roles, and security profiles
  • Module 4: Manage the license per allocation
  • Module 5: Create, review and modify rules, building blocks and reference sets
  • Module 6: Configure and manage retention policies (i.e., data and assets)
  • Module 7: Create and manage saved searches, index, global views, dashboards and reports
  • Module 8: Deploy and manage applications and content packages
  • Module 9: Configure global system notifications
  • Module 10: Configure and apply network hierarchy
  • Module 11: Configure and manage domain and tenants
  • Module 12: Use the asset database
  • Module 13: Schedule and run a VA scan

Section 4: Monitoring

  • Module 1: Monitor QRadar Notifications and error messages
  • Module 2: Review and interpret system monitoring dashboards
  • Module 3: Verify QRadar processes and services
  • Module 4: Monitor QRadar performance
  • Module 5: Use apps and tools for monitoring (e.g., QDI, assistant app, incident overview, DrQ)
  • Module 6: Check system maintenance and health of appliances
  • Module 7: Monitor offences and detect anomalies

Section 5: Troubleshooting

  • Module 1:  Demonstrate knowledge of key commands to interpret QRadar services and processes
  • Module 2: Explain error messages and notifications
  • Module 3: Interpret the basic logs (e.g., qradar.error, qradar.log)
  • Module 4: Use embedded troubleshooting tools and scripts

Exam Track

As part of your accelerated course, you’ll sit the following exams at the Firebrand Training centre, covered by your Certification Guarantee:


CompTIA CySa+ (Cybersecurity Analyst)

  • Exam code: CS0-001 – is it now CS0-002?
  • Format: Multiple-choice & performance-based
  • Duration: 165 minutes
  • Passing score: 750 (on a scale of 100-900)

IBM Security QRadar SIEM V7.3.3 Fundamental Administration

  • Exam code: C1000-026
  • Duration: 90 minutes
  • Passing score: 40/60 (66.7%)
  • Domains:
    1. Implementing (8%)
    2. Migrating and upgrading (12%)
    3. Configuring and administering tasks (42%)
    4. Monitoring (25%0
    5. Troubleshooting (13%)

What's Included

Det hele er inkluderet! Du får en alt-inklusiv kursuspakke, som er målrettet til dine behov. Vi tager os af enhver detalje, så det eneste du skal fokusere på er dine lærings- og certificeringsmål.

  • Transport til/fra specifikke afhentningssteder
  • Overnatninger, samtlige måltider samt adgang til forfriskninger, snacks, kaffe og the.
  • Intensiv Hands-on uddannelse med vores unikke (Lecture | Lab | Review)TM metode
  • Omfattende kursusmaterialer og labmanualer
  • Et helt igennem instruktørstyret program
  • 24 timers adgang til både undervisningslokale og instruktøren
  • Samtlige måltider samt adgang til forfriskninger, snacks, kaffe og the.
  • Certificeringsgaranti

Prerequisites

Before attending this accelerated course, CompTIA CySa+ and IBM Security QRadar SIEM V7.3.3 Fundamental Administration have individual prerequisites you'll need in order to get certified:


CompTIA CySa+ (Cybersecurity Analyst)

  • Network+, Security+ or equivalent knowledge
  • Minimum of 3-4 years of information security or related experience

IBM QRadar SIEM V7.3.2 Fundamental Administration

You'll need basic knowledge of:

  • RedHat
  • Networking
  • Basic Query Language
  • Regular Expressions
  • System architecture design
  • Security platform

Er du klar til dit Firebrand Kursus?

Vi interviewer alle potentielle deltagere angående deres baggrund, uddannelser, certificeringer og personlig indstilling. Hvis du kommer igennem denne screeningsprocedure, betyder det, at du har rigtig gode chancer for at bestå.

Firebrand Training tilbyder et ambitiøst uddannelsesmiljø, som forudsætter at du dedikerer dig til kurset. Ovenstående forkundskaber er vejledende; mange deltagere med mindre erfaring, men med en anden baggrund eller færdigheder, har haft succes med accelereret uddannelse hos Firebrand Training.

Hvis du funderer på hvorvidt du opfylder de anbefalede forkundskaber, er du meget velkommen til at ringe til os på 78 79 16 53 og tale med en af vores uddannelsesrådgivere, som kan hjælpe dig.

Kundereferencer

Vi har uddannet over 76.598 personer i løbet af 12 år. Vi har bedt dem alle om at bedømme vores accelererede kurser. Aktuelt har 96,73% sagt, at Firebrand oversteg deres forventninger:

"Firebrand, although full on, do exactly that they say. They do accelerated learning! I have learnt so much in 2 days than I every thought I would! Or thought possible. I feel confident I can pass an exam on a subject I was opened to only two days ago"
Jaidanne Andrews, Sopra Steria. (15/9/2020 (Tirsdag) til 16/9/2020 (Onsdag))

"Good value, great knowledge"
Richard Briant, CBRE. (14/9/2020 (Mandag) til 16/9/2020 (Onsdag))

"I am always impressed by the Firebrand Training experience. It is fit for purpose and not a conveyor belt to pass an exam"
Tom ODriscoll, MMG. (14/9/2020 (Mandag) til 16/9/2020 (Onsdag))

"The Firebrand approach to training on site works really well"
Anonym (14/9/2020 (Mandag) til 16/9/2020 (Onsdag))

"Firebrand have really stepped up their game in response to COVID. I felt safe and taken care of the whole time. Its quite intense - so strap in!"
Kishan Sthankiya. (7/9/2020 (Mandag) til 12/9/2020 (Lørdag))

Kursusdatoer

Starter

Slutter

Tilgængelighed

Sted

Tilmelding

25/5/2020 (Mandag)

31/5/2020 (Søndag)

Afsluttet - Giv feedback

-

 

28/9/2020 (Mandag)

4/10/2020 (Søndag)

Venteliste

Landsdækkende

 

9/11/2020 (Mandag)

15/11/2020 (Søndag)

Begrænsede pladser

Landsdækkende

 

21/12/2020 (Mandag)

27/12/2020 (Søndag)

Tilgængelige pladser

Landsdækkende

 

1/2/2021 (Mandag)

7/2/2021 (Søndag)

Tilgængelige pladser

Landsdækkende

 

15/3/2021 (Mandag)

21/3/2021 (Søndag)

Tilgængelige pladser

Landsdækkende

 

Seneste anmeldelser fra vores studerende