ESM320-76 - ArcSight-ESM-Advanced Analyst - Online Training - English - Webinar von Fast Lane Institute for Knowledge Transfer

• Module 1: ESM Overview
• Module 2: Command Center
• Module 3: ArcSight Console
• Module 4: Active Channels
• Module 5: Filters
• Module 6: Variable Customization
• Module 7: Data Monitors and Dashbords
• Module 8: ESM Lists
• Module 9: ESM Rules
• Module 10: Query Viewers Authoring
• Module 11: ESM Reports
• Module 12: Unified Event Search Tools

Upon successful completion of this course, you should be able to:

• Navigate ArcSight ESM console and command center to correlate, investigate, analyze and remediate both exposed and obscure threats
• Construct ArcSight variables to provide advanced analysis of the event stream
• Develop ArcSight lists and rules to allow advanced correlation activities
• Optimize event-based data monitors to provide real-time viewing of event traffic and anomalies
• Design new report templates and create functional reports
• Find events through the search tools

This course is intended for analysts responsible for:

• Defining their organization’s security objectives
• Building or using advanced content to correlate, view and respond to those security objectives.