css siem training syllabus descriptions
TRANSCRIPT
SIEM Training Syllabus
SIEM and Trustwave SIEM OE Training Syllabus
Private and Confidential Page 2 of 6
Table of Contents
SIEM LP Operator: Using SIEM ............................................................... 3
Overview: ........................................................................................ 3 Audience: ......................................................................................... 3 Course Contents: .............................................................................. 3 Workshop: ........................................................................................ 3 Prerequisites: ................................................................................... 3 Duration: ......................................................................................... 4 Accreditation: ................................................................................... 4
SIEM LP Administrator ........................................................................... 5 Overview: ........................................................................................ 5 Audience: ......................................................................................... 5 Course Contents: .............................................................................. 5 Workshop: ........................................................................................ 5 Prerequisites: ................................................................................... 6 Duration: ......................................................................................... 6 Accreditation: ................................................................................... 6
SIEM and Trustwave SIEM OE Training Syllabus
Private and Confidential Page 3 of 6
SIEM LP Operator: Using SIEM
Overview: This one day course will instruct the participant on the use of the SIEM LP solution from the perspective of a Security Analyst, a Compliance Officer, an Incident Responder and/or IT Operations personnel. Extensive exercises with the console and its Web Interface will prepare users to successfully monitor their environment leveraging the various SIEM LP services and run security and compliance reports to support their security and compliance posture. Upon completion of this course, the student shall be able to:
Navigate the SIEM LP user interface Monitor the network for security events Understand the implications of log messages and the corresponding
SIEM LP events in respect to the organizational environment, as well as the implicated threat to the organizational security posture
Produce Security and Compliance related reports
Audience: Compliance Officers Security Analysts Incident Responders IT Operations personnel Administrators
Course Contents: Introduction to SIEM LP and its services
o Basic deployment scenarios Navigating the console Status at a Glance, dashboards and charts Events
o Event monitoring Visual Analysis Logs
o Log monitoring Reports
o Compliance reports o IT Security and Control reports o SIEM Operations reports
Event Data Exporter Correlations and notifications
Workshop: Lab exercises are integrated with the training of SIEM LP services.
Prerequisites: None
SIEM and Trustwave SIEM OE Training Syllabus
Private and Confidential Page 4 of 6
Duration: 1 Day
Accreditation: N/A
SIEM and Trustwave SIEM OE Training Syllabus
Private and Confidential Page 5 of 6
SIEM LP Administrator
Overview: This one course will instruct the Administrator on the care and administration of the SIEM LP product in a standalone or an enterprise-wide environment. Upon completion of this course participants shall be able to:
Setup of the appliance Maintain the product for daily operations Backup and restore the SIEM configurations Apply OS and SIEM LP application updates Partner with Trustwave Support
Audience: Administrators
Course Contents: Enable the Compliance configuration Data acquisition overview for the supported data sources Enable the supported data sources System Management
o Configuration backup and restore o Image backup and restore o Automated and manual OS and application updates o Notifications for invocations of system management functions
SIEM LP Environment Management o Adding users and setting their privileges o SNMP/Email configuration o Status at a Glance
Asset and Zone administration o Assets and Groups o Zoning
Event ID Manager List Manager Trustwave Support Moving the appliance
Workshop: Moving the appliance from the lab to a production environment and
all that it may entail from a UI perspective: o System Management changes o New device support o Event ID manager updates o List Manager updates
SIEM and Trustwave SIEM OE Training Syllabus
Private and Confidential Page 6 of 6
o User Administration o Use of Log/Event Explorer and SIEM Operations reports for
verification o etc.
Prerequisites: SIEM LP Operator course
Duration: 1 Day
Accreditation: Certified SIEM Administrator