Course code: SEN25080

Sentinel 8 Administration (3159)

This course teaches you how to implement and use Sentinel 8. You will learn how to manage data including scalable storage, create active views, search for and review events, correlate events, create actions, and manage incidents. The hands-on labs for this course use version 8 of the software.

Course content

Upon successful completion of this course, you should be able to:

  • Understand the dataflow of Sentinel
  • Discuss the different installation types
  • Define the different types of use cases
  • List the new features of version 8.0
  • Discuss the latest license agreement type
  • List the data sources and data flow
  • Discuss factors of Sentinel sizing related to various networks
  • Create active views and apply filters in the control center
  • Understand the parameters of active views
  • Create event views and apply filters in the web UI
  • Create Users and Roles
  • Set LDAP Settings
  • Define Security
  • Set up Active User Sessions
  • Discuss Internal Data Stores
  • Define Data Retention
  • Discuss Remote Storage
  • Use the Event Source Management (ESM) user interface
  • Create an event source
  • Perform a Running Search
  • Define Search Filters
  • Define Report Definitions
  • Perform a Distributed Search
  • Discuss White Label Template
  • Create active views and apply filters in the control center
  • Understand the parameters of active views
  • Create event views and apply filters in the web UI
  • Understand the parameters of event views
  • Discuss Correlated Event Output
  • Discuss Correlation Wizard
  • Define Correlation Logic
  • Define Creating Correlations
  • List Constructs and Operators
  • Creating Actions
  • Adding an Action to a correlation
  • Discuss Action panels
  • Define Action Execution Criteria
  • Understand Incident Management
  • Create a new incident
  • Review new incidents
  • Discuss iTRAC
  • Define Process and Work Management
  • List the iTRAC life cycle (steps and transitions)
  • Define Role Management
  • Discuss the differences between a Managed and an Unmanaged Windows Agent
  • Define Central Computer and Discovery rules
  • Discuss the Windows Agent Administrator (Wizard)
  • Define Data Mapping
  • Describe how to Add a Map
  • Discuss Meta-tag References
  • Perform an Anomaly Setup
  • Define Alerts
  • Discuss Role-based Access Control (RBAC)
  • Define Alert Creation
  • Discuss Real-time Alert Views
  • Define Alert Dashboards
  • Define NetFlow
  • Discuss NetFlow User Proxy
  • Install the NetFlow Collector
  • Discuss Trend Analysis
  • Create a Baseline
  • Determine Anomaly Detection

Prerequisites

To be successful in this course, you should have the following prerequisites or knowledge:

  • Windows
  • Networking
  • Active Directory

Course price

41.600,- Kč excluding VAT
50.336,- Kč including VAT

Course dates

No course dates are currently scheduled. Write to us to request a date.

Virtual course

Date: Virtual course
Course language: English
Course length: 4 days

Alternative date

Do none of the proposed dates suit you? Write to us to request an alternative date.