Contact us now and book your course.

IBM - IBM Certified SOC Analyst certification

Duration

Duration:

Just 8 Days

Method

Method:

Classroom / Online / Hybrid

Next date

Next date:

24/6/2024 (Monday)

Overview

Achieve the IBM Certified SOC Analyst certification through this 8-day accelerated combined course. This programme includes the following courses:

  • CompTIA Cybersecurity Analyst CySA+
  • IBM's Security QRadar SIEM Administrator

Through CompTIA's CySA+, you'll learn best practices to secure and protect your business’ applications and systems by:

  • Configuring and using threat detection tools
  • Learning how to perform data analysis to identify vulnerabilities, threats and risks
  • Focusing on network behaviour – both internal and external threats

Through the IBM Security QRadar SIEM Administrator course, you’ll build knowledge on how to support IBM’s Security QRadar SIEM V7.3.3 by:

  • Implementing and managing a IBM Security QRadar SIEM V7.3.3 solution
  • Becoming familiar with the product’s functionality and security policies
  • Deploying, migrating and troubleshooting the IBM Security QRadar SIEM V7.3.3 software

At the end of your course you’ll sit exams CS0-002 and C1000-026, and get your IBM Certified SOC Analyst certification.


Authorised Partner of CompTIA


You’ll get access to official courseware and learn from certified instructors as Firebrand is an Authorised Partner of CompTIA.

Train through Firebrand’s Lecture | Lab | Review methodology and you’ll certify at twice the speed in a distraction-free environment.

Firebrand also offer the CompTIA Cybersecurity Analyst (CySA+) as an individual course and certification.


Audience


If you’re an analyst interested in building your technical knowledge and skills in CompTIA and IBM software, this course is ideal for you.

See prices now to find out how much you could save when you train at twice the speed.

 See prices

Four reasons why you should sit your course with Firebrand Training

  1. You'll be trained and certified faster. Learn more on this 8-day accelerated course. You'll get at least 12 hours a day of quality learning time in a distraction-free environment
  2. Your course is all-inclusive. One simple price covers all course materials, exams, accommodation and meals – so you can focus on learning
  3. Pass first time or train again for free. Your expert instructor will deliver our unique accelerated learning methods, allowing you to learn faster and be in the best possible position to pass first time. In the unlikely event that you don't, it's covered by your Certification Guarantee
  4. Study with an award-winning training provider. We've won the Learning and Performance Institute's "Training Company of the Year" three times. Firebrand is your fastest way to learn, with 134.561 students saving more than one million hours since 2001

Benefits

Think you are ready for the course? Take a FREE practice test to assess your knowledge!

 Free Practice Test

Curriculum


CompTIA CySa+ (Cybersecurity Analyst)


Section 1: Threat Management

  • Module 1: Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes
  • Module 2: Given a scenario, analyse the results of a network reconnaissance
  • Module 3: Given a network-based threat, implement or recommend the appropriate response and countermeasure
  • Module 4: Explain the purpose of practices used to secure a corporate environment

Section 2: Vulnerability Management

  • Module 1: Given a scenario, implement an information security vulnerability management process
  • Module 2: Given a scenario, analyse the output resulting from a vulnerability scan
  • Module 3: Compare and contrast common vulnerabilities found in the following targets

Section 3: Cyber Incident Response

  • Module 1: Given a scenario, distinguish threat data or behaviour to determine the impact of an incident
  • Module 2: Given a scenario, prepare a toolkit and use appropriate forensic tools during an investigation
  • Module 3: Explain the importance of communication during the incident response process
  • Module 4: Given a scenario, analyse common symptoms to select the best course of action to support incident response
  • Module 5: Summarise the incident recovery and post-incident response process

Section 4: Security Architecture and Tool Sets

  • Module 1: Explain the relationship between frameworks, common policies, controls, and procedures
  • Module 2: Given a scenario, use data to recommend remediation of security issues related to identity and access management
  • Module 3: Given a scenario, review security architecture and make recommendations to implement compensating controls
  • Module 4: Given a scenario, use application security best practices while participating in the Software Development Life Cycle (SDLC)
  • Module 5: Compare and contrast the general purpose and reasons for using various cybersecurity tools and technologies

IBM Security QRadar SIEM V7.3.3 Fundamental Administration


Section 1: Implementing

  • Module 1: Plan and design QRadar deployment
  • Module 2: Implement and install QRadar
  • Module 3: Add Managed Hosts

Section 2: Migrating and upgrading

  • Module 1: Plan QRadar upgrade and migration
  • Module 2: Review documentation and release notes
  • Module 3: Perform QRadar updates, patches and upgrades
  • Module 4: Perform migration (e.g., backup and restore, import and export content)

Section 3: Configuring and administering tasks

  • Module 1: Configure event flow sources and custom properties
  • Module 2: Maintain configuration and data backups
  • Module 3: Create and administer users, user roles, and security profiles
  • Module 4: Manage the license per allocation
  • Module 5: Create, review and modify rules, building blocks and reference sets
  • Module 6: Configure and manage retention policies (i.e., data and assets)
  • Module 7: Create and manage saved searches, index, global views, dashboards and reports
  • Module 8: Deploy and manage applications and content packages
  • Module 9: Configure global system notifications
  • Module 10: Configure and apply network hierarchy
  • Module 11: Configure and manage domain and tenants
  • Module 12: Use the asset database
  • Module 13: Schedule and run a VA scan

Section 4: Monitoring

  • Module 1: Monitor QRadar Notifications and error messages
  • Module 2: Review and interpret system monitoring dashboards
  • Module 3: Verify QRadar processes and services
  • Module 4: Monitor QRadar performance
  • Module 5: Use apps and tools for monitoring (e.g., QDI, assistant app, incident overview, DrQ)
  • Module 6: Check system maintenance and health of appliances
  • Module 7: Monitor offences and detect anomalies

Section 5: Troubleshooting

  • Module 1:  Demonstrate knowledge of key commands to interpret QRadar services and processes
  • Module 2: Explain error messages and notifications
  • Module 3: Interpret the basic logs (e.g., qradar.error, qradar.log)
  • Module 4: Use embedded troubleshooting tools and scripts

Exam Track

As part of your accelerated course, you’ll sit the following exams at the Firebrand Training centre, covered by your Certification Guarantee:


CompTIA CySa+ (Cybersecurity Analyst)

  • Exam code: CS0-002
  • Format: Multiple-choice & performance-based
  • Duration: 165 minutes
  • Passing score: 750 (on a scale of 100-900)

IBM Security QRadar SIEM V7.3.3 Fundamental Administration

  • Exam code: C1000-026
  • Duration: 90 minutes
  • Passing score: 40/60 (66.7%)
  • Domains:
    1. Implementing (8%)
    2. Migrating and upgrading (12%)
    3. Configuring and administering tasks (42%)
    4. Monitoring (25%0
    5. Troubleshooting (13%)

What's Included

Your accelerated course includes:

  • Accommodation *
  • Meals, unlimited snacks, beverages, tea and coffee *
  • On-site exams **
  • Exam vouchers **
  • Practice tests **
  • Certification Guarantee ***
  • Courseware
  • Up-to 12 hours of instructor-led training each day
  • 24-hour lab access
  • Digital courseware **
  • * For residential training only. Accommodation is included from the night before the course starts. This doesn't apply for online courses.
  • ** Some exceptions apply. Please refer to the Exam Track or speak with our experts
  • *** Pass first time or train again free as many times as it takes, unlimited for 1 year. Just pay for accommodation, exams, and incidental costs.

Prerequisites

Before attending this accelerated course, CompTIA CySa+ and IBM Security QRadar SIEM V7.3.3 Fundamental Administration have individual prerequisites you'll need in order to get certified:


CompTIA CySa+ (Cybersecurity Analyst)

  • Network+, Security+ or equivalent knowledge
  • Minimum of 3-4 years of information security or related experience

IBM QRadar SIEM V7.3.3 Fundamental Administration

You'll need basic knowledge of:

  • RedHat
  • Networking
  • Basic Query Language
  • Regular Expressions
  • System architecture design
  • Security platform

Are you ready to get certified in record time?

We interview all applicants for the course on their technical background, degrees and certifications held, and general suitability. If you get through this screening process, it means you stand a great chance of passing.

Firebrand Training is an immersive training environment. You must be committed to the course. The above prerequisites are guidelines, but many students with less experience have other background or traits that have enabled their success in accelerated training through Firebrand Training.

If you have any doubts as to whether you meet the pre-requisites please call 09 - 31 587 431 and speak to one of our enrolment consultants, who can help you with a training plan.

Reviews

We've currently trained 134.561 students in 12 years. We asked them all to review our Accelerated Learning. Currently,
96,41% have said Firebrand exceeded their expectations:

"I had a great time. The instructor is very knowledgeable and his training is on point. Two exams in 2 days is a lot. But he makes it doable."
Juan van Gom, Ministry of Defense Netherlands. (19/1/2024 (Friday) to 21/1/2024 (Sunday))

"Detailed and thorough training in a great environment."
Anonymous, SYP. (8/1/2024 (Monday) to 12/1/2024 (Friday))

"I attended the Cyber Crime Foundation course with very little knowledge.. The instructor was fantastic, explained subjects in depth and allowed a good amount of time for questions. I came away with lots of knowledge ready to use what I've learnt in my day-to-day role."
JS. (8/1/2024 (Monday) to 12/1/2024 (Friday))

"I very much enjoyed the training! It is a must for police officers new to Cyber Crime Units and is delivered at a good pace. Very good trainer with exceptional knowledge and enthusiasm."
Steve Lloyd, West Mercia Police. (8/1/2024 (Monday) to 12/1/2024 (Friday))

"I have really enjoyed the course, although I have been a self-professed nerd for many years, there was still some knowledge I took from this course. The tutorials on practical applications is something I will take away and use."
Joseph Ingram-Gettins, West Midlands Police. (8/1/2024 (Monday) to 12/1/2024 (Friday))

Course Dates

Start

Finish

Status

Location

Book now

19/2/2024 (Monday)

26/2/2024 (Monday)

Finished - Leave feedback

-

 

24/6/2024 (Monday)

1/7/2024 (Monday)

Wait list

Nationwide

 

5/8/2024 (Monday)

12/8/2024 (Monday)

Limited availability

Nationwide

 

16/9/2024 (Monday)

23/9/2024 (Monday)

Open

Nationwide

 

28/10/2024 (Monday)

4/11/2024 (Monday)

Open

Nationwide

 

9/12/2024 (Monday)

16/12/2024 (Monday)

Open

Nationwide

 

Latest Reviews from our students

Trustpilot