• sales@4levels.co.za
  • +27 11 848 6229
  • 53/54, 14th Road, Noordwyk, Midrand, South Africa 1687





IBM Security QRadar SIEM 7.2 Foundations

Course Description

Overview QRadar SIEM provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, assets, and vulnerabilities. Suspected attacks and policy breaches are highlighted as offenses. In this course, you learn to navigate the user interface and how to investigate offenses. You search and analyze the information from which QRadar SIEM concluded a suspicious activity. Hands-on exercises reinforce the skills learned. Audience
  • Security Analysts
  • Security Technical Architects
  • Offense Managers
  • Network Administrators and System Administrators


You should have the following skills:
  • IT infrastructure
  • IT security fundamentals
  • Linux
  • Windows
  • TCP/IP networking
  • Syslog

Key topics

  • Introduction to IBM Security QRadar SIEM
  • How QRadar SIEM collects security data
  • Using the QRadar SIEM dashboard
  • Investigating an offense triggered by events
  • Investigating the events of an offense
  • Using asset profiles to investigate offenses
  • Investigating an offense triggered by flows
  • Using rules and building blocks Creating QRadar SIEM reports Performing advanced filtering


  • Describe how QRadar SIEM collects data to detect suspicious activities
  • Navigate and customize the QRadar SIEM dashboard
  • Investigate suspected attacks and policy breaches
  • Search, filter, group, and analyze security data
  • Investigate the vulnerabilities and services of assets
  • Locate custom rules and inspect actions and responses of rules
  • Use QRadar SIEM to create reports
  • Use charts and apply advanced filters to examine specific activities in your environment

Course Duration

3 Days
User Dashboard Client Zone