Course Search Results

Found 27 courses tagged with "Think 2019".

Overview
IBM Security Identity Governance and Intelligence, or simply IGI, is an appliance-based integrated identity governance solution. This solution employs business-centric rules, activities, and processes. It empowers Line of Business managers, auditors, and risk managers to govern access and evaluate regulatory compliance across enterprise applications and services.

This lab provides a real business user experience. You imitate a day in the life of a Line of Business manager, who uses IGI to manage accesses for his team members.

Feel free to explore each of the applications in depth and work with the data in any way you like. This is a live and fully functional Identity Governance environment, with many sample user records, roles, and risk definitions.

The Identity Governance and Intelligence user interface is divided into two areas. The Administration Console is reserved for administrators, while the Service Center is where the applications for business users are contained. In this lab we use the Service Center only.

Objectives

  • Overview of the Service Center
  • Working on pending requests
    • Submitting a request
    • Evaluating, approving or rejecting requests as a user manager
    • Verifying the new role
  • Requesting roles for team members
    • Requesting a role for a team member
    • Evaluating and approving requests
    • Verifying the new role
  • Certification campaigns
    • Evaluating running certification campaigns
    • Redirecting evaluation to another reviewer
    • Tracking progresses
    • Generating certification campaign reports

In this lab course, you learn how to import structured data directly in the i2 Enterprise Intelligence Analysis Information Store.

Guardium provides over 600 preconfigured reports. As well as being useful in themselves, these reports can serve as templates to create a report customized to your specific needs. This saves time and effort. In this course, you clone a Guardium query. Then, you customize the fields and conditions of this query and generate a report from the new query.

The lab environment reflects Guardium 10.5.

Lou Fuka


Federated Directory Server (FDS) is a premium feature of the IBM Security Directory Suite. FDS enables a collection of directories and other sources of data to be combined and treated as a single hierarchical directory. The FDS console is a ready-to-use application that implements this directory. The IBM Security Directory Suite Directory Server is the default core centralized or target repository for Federated Directory Server. In this lab, you perform an initial FDS setup, and configure the FDS to use an LDIF file as a source.

Learn how to prepare Microsoft Active Directory Federation Services (ADFS) to be used as the Identity provider for the  federated SAML authentication of devices and portal administrators in MaaS360.  You configure both ADFS  and MaaS360  to use Security Assertion Markup Language (SAML)  and then test portal administrator and device enrollments using this authentication.  Microsoft ADFS is used as the Identity Provider in this lab but any Identity Provider that supports SAML 2.0 can be used to achieve federated single-sign on in MaaS360.

This lab demonstrates how to enable social login to a web application using Google credentials. You set up OpenID Connect (OIDC) Federation for this integration because Google is fully compliant with OpenID Connect and has a metadata URI. You configure Google as an OIDC Provider and IBM Access Manager as a Relying party.
The integration scenario is demonstrated using the built-in live demo application in Access Manager.

Pass-through authentication (PTA) is a feature of Directory Server, which delegates authentication of users to a different LDAP server.
In this exercise, you configure PTA so that when an authentication request is received for a user, the central Directory Server forwards that request to another Directory Server instance for validation.

In this lab, you learn how to implement context-based access for a mobile application using REST (JSON) parameters. You configure an access policy that detects high-value transactions using a certain attribute in the JSON payload and prompts for step-up authentication. The step-up authentication requires the users to provide a time-based one-time password (TOTP).
You generate the OTP either using the OTP Generator demo application provided in the lab or by using a mobile app on your phone, for example, IBM Verify or Google Authenticator.

Guardium gathers a large amount of data about your database environment. You use reports and queries to learn the details of your data security environment. In this virtual lab, you create a dashboard, simple query, and report that is used to examine user data you generate.

The lab environment reflects Guardium 10.5.

Franklin Almonte

Reports in IBM QRadar SIEM condense data to statistical views on your environment for various purposes, in particular to meet compliance requirements. In this lab, you run an a report from an existing template, then create a new report based on a saved search, and finally create a new report from a new search.

Guardium data security policies help flag suspicious database activity and events. In this virtual lab, you create a policy that will detect and alert on database login failures that occur multiple times over a short time period.

Franklin Almonte


Anomaly detection aims to alert to threats that are undocumented and therefore cannot be detected by methods that monitor for well defined indicators. Such threats can be detected by monitoring for an unusual volume of activities. With IBM® QRadar® SIEM, create anomaly detection rules to monitor for deviations from the baseline of expected activities.

In these exercises, you develop an anomaly detection rule of type Anomaly. It tests for the deviation of the number of events matching a grouped search from the weighted moving average. The rule fires in the exercise because the sample data spikes above the deviation percentage configured in the anomaly rule.

Device Support Modules (DSM) enable QRadar SIEM to normalize events from raw logs received from various source types. These events must be parsed, normalized, and correlated into offenses to alert you to suspicious activities. In these exercises, you use the DSM Editor to create a log source type for an unknown source of events. You also configure the new log source type to parse and normalize its properties and create unique identifiers and mappings so that QRadar SIEM can name, rate, and categorize the events from the unkown log source.

Guardium policies often have multiple rules. By default, after a rule is triggered, processing stops. If you do not want to stop processing after the first rule triggers, you must configure your policy to continue to the next rule. In this lab, you configure and test a policy to examine the continuation functionality.

The lab environment reflects Guardium 10.5.

Louis Fuka

In this lab session, you learn how to use the MaaS360 portal workflows to support a mobile enterprise.  As a help desk administrator you might have access to all MaaS360 workflows or a subset of workflows based on your access roles. In the lab, you learn how to set up and use key configurations such as security policies, compliance rules, enrollment requests, and device groups. You use workflows such as apps and docs to push content to devices, and then use device inventory and actions to manage devices.  In order to understand how users enroll and use the MaaS360 app on devices, you enroll an Android device in MaaS360.

In this lab session, you learn how to use the MaaS360 portal workflows to support a mobile enterprise.  As a help desk administrator you might have access to all MaaS360 workflows or a subset of workflows based on your access roles. In the lab, you learn how to set up and use key configurations such as security policies, compliance rules, enrollment requests, and device groups. You use workflows such as apps and docs to push content to devices, and then use device inventory and actions to manage devices.  In order to understand how users enroll and use the MaaS360 app on devices, you enroll an iOS device in MaaS360.

**This course is retired**


The IBM i2 Enterprise Insight Analysis i2 Connect capability enables analysts to search for and retrieve data from external data sources that use the Opal quick search functionality, and then analyze the results on a chart in Analyst's Notebook Premium. To use i2 Connect, you must obtain or create a custom connector to the external data source that you want to search.

Overview

Certification campaigns are a formal process that automates the periodic review of a relationship, and enables critical access decisions by nontechnical line-of-business managers.

This video shows how administrators configure certification campaigns to satisfy the company's business needs, and how business users (campaign reviewers and supervisors) operate and interact during a certification campaign.

Attach scripts to custom rules to do specific actions in response to network events. Use the Custom Action window to manage custom action scripts. Use custom actions to select or define the value that is passed to the script and the resulting action.


License keys entitle you to use specific IBM Security QRadar products and control the event and flow capacity for your QRadar deployment. You can add licenses to your deployment to activate other QRadar products, such as QRadar Vulnerability Manager.

This self-paced course provides you the foundations of license management, their components, and explain how they are managed within QRadar.

Course Objectives

  • Define ways to upload and maintain license keys in the QRadar SIEM console.
  • Obtain hands-on experience with viewing license details, uploading a license key, allocating a license key to a host, deleting licenses, and exporting license information.

IBM MaaS360 is a comprehensive enterprise mobility platform. With MaaS360, IT departments can deliver end-to-end security and management for applications, documents, email, and devices. It provides employees with secure access to corporate resources and information from their mobile devices, without compromising the user experience, data security, or privacy. MaaS360 simplifies the process by providing everything that you need to securely manage all your mobile assets from an on-demand, intuitive portal.

In this lab session, you learn how to manage mobile devices with MaaS360 and enhance mobile user security and productivity. This lab is a basic introduction to managing Android mobile devices with MaaS360. If you are a mobile security administrator or mobile security consultant, there are several in-depth training courses on the IBM Security Learning Academy that you can take to broaden your MaaS360 skills.

Note: Download the MMS_Labfiles.zip file to your desktop and extract the files. The files are required to complete the lab.

IBM MaaS360 is a comprehensive enterprise mobility platform. With MaaS360, IT departments can deliver end-to-end security and management for applications, documents, email, and devices. It provides employees with secure access to corporate resources and information from their mobile devices, without compromising the user experience, data security, or privacy. MaaS360 simplifies the process by providing everything that you need to securely manage all your mobile assets from an on-demand, intuitive portal.

In this lab session, you learn how to manage mobile devices with MaaS360 and enhance mobile user security and productivity. This lab is a basic introduction to managing iOS mobile devices with MaaS360. If you are a mobile security administrator or mobile security consultant, there are several in-depth training courses on the IBM Security Learning Academy that you can take to broaden your MaaS360 skills.

Note: Download the MMS_Labfiles.zip file to your desktop and extract the files. The files are required to complete the lab.
Course revision 2.0

In this Think 2019 session replay, Shane Weeden and Nick Lloyd discuss the future of strong authentication, including Risk-based, passwordless, and decentralized identity mechanisms.

This lab provides step-by-step instructions for configuring a basic identity federation deployment between IBM Access Manager and Salesforce.com using SAML 2.0.
In this lab, you first obtain a Salesforce Developer Edition instance and configure it for SAML Single Sign-On from IBM Access Manager. Access Manager acts as a SAML 2.0 Identity Provider (IdP) and Salesforce acts as a Service Provider (SP).

This lab covers the following three main OAuth 2.0 workflows supported by IBM Access Manager: Authorization code, Implicit grant, and Resource owner password credentials (ROPC).

IBM Guardium provides powerful functions you can use to monitor and control database access. Guardium can terminate sessions performing suspicious database access commands and even quarantine suspicious users. In this lab, you explore the session termination and quarantine functionality.

The lab environment reflects Guardium 10.5.

IBM QRadar SIEM enables you to minimize the time gap between when a suspicious activity occurs and when you detect it. Attacks and policy violations leave their footprints in log events and network flows of your IT systems. QRadar SIEM connects the dots and provides you insight by performing the following tasks:

  • Alerts to suspected attacks and policy violations in the IT environment
  • Provides deep visibility into network, user, and application activity
  • Puts security-relevant data from various sources in context of each other
  • Provides reporting templates to meet operational and compliance requirements
  • Provides reliable, tamper-proof log storage for forensic investigations and evidentiary use


Objective

The exercises in this lab provide a broad introduction into the features of QRadar SIEM. The exercises cover the following topics:

  • Navigating the web interface
  • Investigating a suspicious activity
  • Creating a report
  • Managing the network hierarchy