Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Udemy

A Guide to Security Information and Event Management - SIEM

via Udemy

Overview

Gain hands-on Tool insights using Splunk on Security information and event management and Security event manager

What you'll learn:
  • In this course you will go through an Introduction to SIEM, its Key Objectives, Defence in Depth, Corporate environment, Log Management, Why SIEM is necessary, Use cases, elements of SIEM, big 3 for SIEM, SIEM process flow, typical features of SIEM, event life cycle, SOC controls and management, SIEM architecture, 8 critical features of SIEM, SIEM deployment options, Why SIEM implementation fails and the business benefits
  • You will get an introduction to Splunk's user interface and will be conversant with the UI post this session. We cover Navigating splunk web: splunk home, splunk bar, splunk web,getting date into splunk, how to specify data inputs, where splunk stores data, getting tutorial data into splunk, using splunk search, search actions and modes, search results tools, events, what are fields, extracted fields, find and select fields,run more targeted searches, use the search language and learn with search assistant.
  • Start using Splunk's basic transforming commands and create reports, dashboards and alerts.
  • You will start using Splunk Enterprise Security
  • You will learn the different types of viruses: Boot sector, Program, Macro
  • You will also learn types other than viruses: Virus Hoaxes, Trojan Horses, Worms, Spam, Adware, Spyware
  • You will have clarity on what an Anti-Virus is, types of Anti-Virus products, how does Anti-virus work and examples of Anti-virus software's
  • Learn more on Security Devices, Encryption, Reliable passwords, use of anti-virus software and modern advanced network security devices.
  • Email: SMTP, Email system, webmail architecture - IMAP4 based, Email based attacks - social engineering, proxy server
  • Cyber security incidence response: what is it?, examples, purpose of incident response, cyber security incidents, meantime to resolution, incident management process, Logs from security monitoring and logging tools, Detection, Prevention and Protection
  • Understand and Manage Vulnerabilities

In this course you will go through an Introduction to SIEM, its Key objectives, Defence in depth, Corporate environment, Log management, Why siem is necessary, Use cases, Elements of siem, Big 3 for siem, SIEM process flow, Typical features of siem, Event life cycle, Soc controls and Management, SIEM Architecture, 8 critical features of SIEM and SIEM Deployment options. You will also get an introduction to Splunk's user interface and will be conversant with the UI. You can start using the Splunk's basic transforming commands, can create reports and dashboards, you will know how to save and share reports and also can create alerts.

Section 1:

You will gain real time insights on Security information and event management and Security event manager


Section 2:

You will identify threats and possible breaches and collect audit logs for security and compliance. You will be able to conduct investigations and provide evidence.


Section 3:

You will learn that Defense in Depth (DiD) is an approach to cybersecurity in which a series of defensive mechanisms are layered in order to protect valuable data and information.


Section 4:

You can understand how an attacker can come in and tries to understand how a corporate environment is setup of a target.


Section 5:

You will learn what SIEM and Log Management mean for businesses & how to use them more effectively to mitigate risk for your company.


Section 6:

You will learn that SIEM is necessary because of the rise in data breaches and to meet stringent compliance requirements


Section 7:

Learn the right approach to building SIEM use cases, how to organize and prioritize use cases effectively.


Section 8:

You will learn the SIEM elements, Big 3, Process flow, Features, Event life cycle, SOC controls and mgmt, SIEM architecture, Dashboards and Use cases


Section 9:

You will revisit features of SIEM and learn SIEM deployment options like self-hosted, self-managed to Hybrid-model, Jointly-managed. You will understand the business benefits of SIEM.


Section 10:

SIEM Essentials Quiz


Section 11:

You will understand Splunk's user interface -UI. You will be able to navigate UI features on your own: Navigating splunk web: splunk home, splunk bar, splunk web,getting date into splunk, how to specify data inputs, where splunk stores data, getting tutorial data into splunk, using splunk search, search actions and modes, search results tools, events, what are fields, extracted fields, find and select fields,run more targeted searches, use the search language, learn with search assistant

Section 12-18:

You can start using the Splunk's basic transforming commands, can create reports and dashboards, you will know how to save and share reports and also can create alerts after completing these sections.

You will learn what vulnerabilities are and will master to manage them

Taught by

Sai Acuity Institute of Learning Pvt Ltd Enabling Learning Through Insight!

Related Courses

Reviews

Start your review of A Guide to Security Information and Event Management - SIEM

Never Stop Learning!

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free