ArcSight ESM 5.0 Security Analyst

'Monitor security events & escalate security incidents for further analysis and remediation'
Location Duration  
Utrecht, April 15, 2013 5 days Request information  Register for this course
Utrecht, April 22, 2013 5 days Request information  Register for this course
Lancelot Institute In- Company and Customized Training Services Request information
Partner with the Lancelot Institute Request information

The ArcSight ESM 5.0 Security Analyst course provides students with the required knowledge to use the ArcSight Console to monitor security events. It also teaches how to escalate security incidents through the ArcSight ESM 5.0 workflow for further analysis and remediation, how to build or use standard ArcSight ESM 5.0 content to find and correlate event information, perform actions such as notifying stakeholders, analyze event data graphically and report on security incidents within their security environment.

This course is intended for operators/analysts, who need to use the ArcSight ESM 5.0 Console to monitor, display and report on security incidents, build or use standard content to correlate, view and respond to security incidents and design, deploy and maintain the ArcSight network model to accurately build content, view and report on security incidents. At the end of this course, they will be able to:  

  • Describe ArcSight ESM 5.0 Product Components which collect, process, model, prioritize, correlate, monitor, analyze, store, and archive enterprise-generated events  
  • Describe the ArcSight ESM 5.0 Event Schema and how it is used to normalize base data into information for ArcSight Aggregation and Correlation to be used in Filters, Rules, Data Monitors, and Reporting  
  • Navigate the ArcSight ESM 5.0 Console and Web Components to effectively Correlate, Investigate, Analyze, and Remediate both exposed and obscure threats to give situational awareness and real time incident response  
  • Implement custom and stock Filters, Rules, Session Lists and Active Lists, and other ESM 5.0 content, along with using the Integrated Case Management and Workflow, to identify, categorize, and, if needed, escalate events of interest and manage event data streams flowing into ArcSight ESM 5.0.
  • Implement Network and Asset Models to build a custom business-oriented view within an ArcSight ESM 5.0 environment using either the Network Modeling Wizard or manually.
Module 1 – ArcSight ESM: Overview
Module 2 - ArcSight Event Schema
Module 4 - Using ESM Console
Module 5 - Using Active Channels
Module 6 - Using Filters
Module 7 - Using Variables
Module 8 - Using Dashboards and Data Monitors
Module 9 - ESM Rules
Module 10 - ESM Reports
Module 11 - Query Viewers
Module 12 - ESM Network Model
Module 13 - ESM Workflow
Module 14 - ArcSight ESM Web
sluiten

Interested?



Name:  
Company:  
Position:  
E-mail:  
Address:  
Zip Code / City:  
Cell Phone:  
Country:  
 
Course:   ArcSight ESM 5.0 Security Analyst
Date & Location:  
Comments:  
sluiten

Tell a friend



Name:  
E-mail:  
Friend's name:  
Friend's email:  
sluiten

Book our experts for events, consultancy and congresses


 


Name:  
Company:  
Position:  
E-mail:  
Address:  
Zip Code / City:  
Cell Phone:  
Country:  
 
Interested in:   Additional information
Personal contact
Area of interest:  
Question/remark:  
Comments:  
sluiten

In house training at your location



Name:  
Company:  
Position:  
E-mail:  
Address:  
Zip Code / City:  
Cell Phone:  
Country:  
 
Interested in:   Additional information
Personal contact
Area of interest:  
Question/remark: