ESM180 – Building Security Use Cases with ArcSight ESM

Course code: ESM180

Building Security Use Cases with ArcSight ESM provides you with detailed knowledge of the ArcSight security problem solving methodology, within the ESM context. In this course, you learn the methodologies to develop use cases for current business scenarios, derived from the top business drivers in the market.

2 412 EUR

2 919 EUR including VAT

Selection of dates
onas
Do you have a question?
+420 731 175 867 edu@edutrainings.cz

Professional
and certified lecturers

Internationally
recognized certifications

Wide range of technical
and soft skills courses

Great customer
service

Making courses
exactly to measure your needs

Course dates

Starting date: Upon request

Type: In-person/Virtual

Course duration: 3 days

Language: en/cz

Price without VAT: 2 412 EUR

Register

Starting
date
Place
Type Course
duration
Language Price without VAT
Upon request In-person/Virtual 3 days en/cz 2 412 EUR Register
G Guaranteed course

Didn't find a suitable date?

Write to us about listing an alternative tailor-made date.

Contact

Course description

Building Security Use Cases with ArcSight ESM provides you with detailed knowledge of the ArcSight security problem solving methodology, within the ESM context. In this course, you learn the methodologies to develop use cases for current business scenarios, derived from the top business drivers in the market. During the training, you will learn to:

  • Identify business drivers to develop Use Cases using ArcSight ESM
  • Identify Use Case problems and requirement statements associated with actual scenarios
  • Using the Use Case worksheet, document the use case
  • Develop ArcSight ESM content to accommodate Use Case discrete objectives

Target group

This advanced course is intended for those whose primary responsibilities include:

  • Defining organization’s security objectives
  • Building ArcSight ESM content to adhere to those objectives.

Course structure

Upon successful completion of this course, you should be able to:

  • In an ArcSight ESM context, define Use Case
  • Using the Use Case worksheet from an initial problem statement, generate requirement statements and prioritize objectives
  • Identify data sources and ESM resources required to fulfil the objectives of the use case
  • Create identified ESM content
  • Construct ArcSight Active Channels to provide advanced analysis of the event stream
  • Develop ArcSight Rules to allow correlation activities
  • Build event-based data monitors to provide real-time viewing of event traffic
  • Package formulated ESM content for Use Case into ArcSight Resource Bundle

Prerequisites

To be successful in this course, you should have the following prerequisites or knowledge:

  • Common network device functions, such as routers, switches, hubs, etc.
  • TCP/IP functions, such as CIDR blocks, subnets, addressing, communications, etc.
  • Windows operating system tasks, such as installations, services, sharing, navigation, etc.
  • SIEM terminology, such as threat, vulnerability, risk, asset, exposure, safeguards, etc.
  • Security directives, such as Confidentiality, Integrity, Availability

Do you need advice or a tailor-made course?

onas

product support

Follow-up courses

ESM200 – ArcSight ESM Administrator and Analyst en en/cz

Vendor: Micro Focus

Area: Security / Software

Price from

3 860 EUR without VAT

Price from

2 400 EUR without VAT

ESM320 – ArcSight ESM 7.6 Advanced Analyst with Certified Expert Exam en en/cz

Vendor: Micro Focus

Area: Security / Software

Price from

3 860 EUR without VAT

ComGate payment gateway MasterCard Logo Visa logo