Course Locator

Sentinel Rapid Deployment 1.0 [Course 8207]

Course Overview

Sentinel RD is a single box, Rapid Deployment version of Sentinel 6.1- the market-leading security information management and compliance monitoring solution Sentinel RD is meant to jumpstart compliance monitoring and reporting programs with out-of-the-box capabilities. The Student is able to demonstrate to auditors and regulators that organization documents, monitors and reports on security controls Sentinel automates the process of monitoring for policy violations, identifying and responding to violations, and delivering compliance metrics to demonstrate the effectiveness of critical IT controls This course covers a wide range of NetIQ Sentinel 6.1 functionality, from basic analyst training to custom collector development.

Training Level: 2 - Intermediate

Duration: 4 Days

Key Objectives

The purpose of this deliverable is to provide an intermediate training for Sentinel Rapid Deployment (RD) and a thorough experience with each segment of the technology.

Audience Summary

The target audience is anyone needing initial training on Sentinel RD.What the target audience should be able to do after taking the courseAfter attending this course attendees will know how to set views, manipulate filters, analyze and investigate events, configure an incident tracking system, configure event source management and collect events from a multitude of common sources.

Course Prerequisites

There are no formal prerequisites, but to get full value from the class, you are encouraged to be familiar with basic security (SIEM/SEM) concepts.

Course Outline

This course will be delivered with the following sections:

  • SECTION 1 - Introduction
  • SECTION 2 - Active Views and Filters
  • SECTION 3 -Investigating and Analysis
  • SECTION 4 - Incidents
  • SECTION 5 - iTRAC
  • SECTION 6 - Administration
  • SECTION 7 - PostgreSQL Database
  • SECTION 8 - Correlation
  • SECTION 9 - Correlation Actions
  • SECTION 10 - Collectors, Connectors, and Reporting
  • SECTION 11 - Event Source Management
  • SECTION 12 - Javascript Action Framework
  • SECTION 13 - Solution Packs
  • SECTION 14 - Integrators
  • SECTION 15 - Troubleshooting

Course Description

Related Courses

You might also be interested in: