Die Trainings finden in deutscher Sprache mit englischen Unterlagen statt. Weitere Termine können Sie gerne bei uns anfragen unter: firstname.lastname@example.org
|Training||Termin||Zeit||Sprache / Standort||Preis (zzgl. MwSt.)|
|ESM320 – ArcSight ESM |
Advanced Analyst – CSE
kein Termin verfügbar – stellen Sie eine Anfrage
9:00 – 17:00 Uhr
This course provides you with the knowledge required to use advanced ArcSight ESM 6.11 content to find and correlate event information, perform Save actions such as notifying stakeholders, graphically analyze event data, and report on security incidents. You will familiarize and/or reinforce your understanding of the advanced correlation capabilities within ArcSight ESM that provide a significant edge in detecting active attacks.
This course covers ArcSight security problem solving methodology using advanced ArcSight ESM 6.11 content to find, track and remediate security incidents. During the training, you will use variables and correlation activities, customize report templates for dynamic content, and customize notification templates to send the appropriate notification based upon specific attributes of an event.
This course is intended for operators\analysts, who need to:
To be successful in this course, you must have the following prerequisites or knowledge:
Certification at the Certified Solutions Expert (CSE) level is only available with the ILT version of the course. The certification consists of a hands-on exam the last day of the class. The Accredited Software Professional (ASP) level is an online exam that is purchased separately from the course.
Upon completion of this course, students will be able to:
Module 1 – ESM Overview
Module 2 – ArcSight Console
Module 3 – ESM Active Channels
Module 4 – ESM Filters
Module 5 – Data Monitors and Dashboards
Module 6 – Variable Customization
Module 7 – ESM Lists
Module 8 – ESM Rules
Module 9 – Query Viewers Authoring
Module 10 – ESM Reports
Module 11 – Unified Event Search Tools