Investigating offenses by using QRadar Advisor with Watson version 2.x - Virtual lab
4.0 /5
- Offered by IBM
Overview
Duration | 2 hours |
Mode of learning | Online |
Schedule type | Self paced |
Difficulty level | Intermediate |
Credential | Certificate |
Course details
What are the course deliverables?
- Learn about QRadar configuration changes and updates necessary for a successful QRadar Advisor with Watson investigation
- Configure QRadar SIEM and QRadar Advisor to show files that were executed or that were blocked on the systems that are monitored by QRadar SIEM
- Update the QRadar Advisor configuration to use proper custom mappings
- Learn how to run investigations and interpret the QRadar Advisor knowledge graph
- Configure and use the Cyber Adversary Framework Mapping Application
More about this course
- In this lab, you learn how to configure and use the QRadar Advisor with Watson app in a QRadar offense investigation.
- You learn to use regular expressions to extract QRadar custom properties and configure reference sets, rules, network hierarchy, and assets. The lab also walks you through the investigation process and you learn how to interpret QRadar Advisor knowledge graphs.
- The lab provides an overview of the Cyber Adversary Framework Mapping Application. This app is used to map your custom rules to MITRE ATT&CK tactics and override the IBM default rule mappings.
- The QRadar Advisor with Watson app V2.0.0 automatically maps MITRE ATT&CK tactics to CRE rules. In the QRadar Advisor with Watson app, you can see the tactics that are identified for an offense investigation. They are displayed in the offense details pane.
Curriculum
Extract custom properties from various log sources
Update relevant reference sets
Create QRadar rules
Enable X-Force threat intelligence feed
Update network hierarchy and critical assets
Students Ratings & Reviews
4/5
1 Rating
Ashish Raina
4
Learning Experience: Can be learned from security learning academy. In-depth videos for QRadar available. No hands-on.
Faculty: There are no live sessions; however, you get a good quality of knowledge.
The course structure is like basic to advanced with minimal assessments.
Course Support: Was able to demonstrate from the knowledge which was gained from the course.
Reviewed on 30 Oct 2022