The QRadar Advanced track at Virtual Master Skills University is specially designed to help more experienced QRadar users (with more than one year of experience) fine-tune their skills and knowledge. In live sessions and hands-on labs, you'll learn tips and best practices for UBA, Use Case Manager and Mitre Framework, Cloud Architecture, advanced searching strategies, QROC, and more. Plus, you'll hear about the future of threat management with Cloud Pak for Security and see how QRadar integrates with other IBM Security solutions like Resilient and X-Force.
Master Skills University 2020 - QRadar Advanced
The total time required to complete this roadmap is 22h 19m.
Welcome to Virtual Master Skills University 2020! This is IBM Security's very first virtual Master Skills event, and we're thrilled that you've chosen to spend part of your week with us. Each day, you'll experience advanced-level knowledge transfer from our top subject matter experts, get hands-on with self-paced virtual labs, and have opportunities to chat live with our experts. Here on Security Learning Academy, you'll find replays of the live Master Skills University sessions, all of the hands-on virtual Master Skills University labs, a virtual Escape Room game, additional relevant courses to help you continue your learning, and more.
To join the live sessions each day, use the “Attendee Catalog” link in your event confirmation and reminder emails. When they are available, recordings of the live sessions will become available here on Security Learning Academy. You cannot access the live sessions from Security Learning Academy.
Day 1: Monday, Sept 21, 2020
Day 2: Tuesday, Sept 22, 2020
Day 3: Wednesday, Sept 23, 2020
Day 4: Thursday, Sept 24, 2020 (Cloud Pak for Security)
Welcome to the Masters Skills University 2020 Escape Room for QRadar Advanced.
It’s check-out time!
completed a 3-day course, and now it’s time to check out of your
hotel and make your way to the lobby to catch your plane home. Make your
way from your room to the lobby to complete the game.
Mission: Starting in your hotel room, answer questions to gain “keys” to
unlock the door and move to the next room. There will be both quiz
questions relating to your courses and trivia questions to help you
navigate through the hotel and to the lobby.
This is a 360-degree presentation. Use your mouse to click and drag to view the environment.
In this session from Virtual Master Skills University 2020, you will learn about the newest Cloud Apps available for QRadar.
In this session from Virtual Master Skills University 2020, find out what's new with QRadar on Cloud (QROC) and learn about advanced QROC topics like QRadar Network Insights (QNI) on QROC, Cloud apps and licensing, and more.
In this session from Virtual Master Skills University 2020, you will learn best practices and advanced strategies for system monitoring using charting options in Pulse and AQL searching techniques.
In this session from Virtual Master Skills University 2020, you will learn advanced QRadar system replication and data resiliency topics, including best practices.
In this session from Virtual Master Skills University 2020, you will get a quick introduction to various cloud model deployments and take a deep dive into QRadar cloud architecture topics.
In this session from Virtual Master Skills University 2020, you will see a detailed walk-through of the Analyst's Workflow in the QRadar user interface.
In this session from Virtual Master Skills University 2020, you will learn about mapping rules on the MITRE Framework, including:
- Properties mapping
- What's under the hood of the MITRE app
- Obtaining updates from MITRE and understanding new MITRE techniques
- Best practices
- Use case library
- Watson MITRE mapping vs. use case MITRE mapping
In this session from Virtual Master Skills University 2020, you will take a deep dive into advanced UBA features and tasks, including:
- MSSP deployment
- Rules tuning
- Entity analysis
- Building a custom ML model
- Building the User Risk Timeline
The IBM Security User Behavior Analytics (UBA) app 3.6.0 supports multi-tenant environments in IBM Security QRadar 7.4.0 Fix Pack 1 and later.
Multi-tenant environments allow Managed Security Service Providers (MSSPs) and multidivisional organizations to provide security services to multiple client organizations from a single, shared QRadar deployment. You don't need to deploy a unique QRadar instance for each customer.
With QRadar 7.4.0 Fix Pack 1 or later and UBA 3.6.0, you can create multiple tenants from a single deployment instead of managing multiple deployments.
This virtual lab walks you through all concepts that are needed to set up the UBA app in a multi-tenant environment such as log sources, tenants, domains, security profiles, UBA users, and roles.