ArcSight Training Syllabus
Introduction to ArcSight
ArcSight is a comprehensive security information and event management (SIEM) solution used for threat detection, compliance, and security operations. This module introduces ArcSight, covering its core features, architecture, and use cases in security management.
Setting Up ArcSight
Learn how to install and configure ArcSight. This section covers system requirements, installation procedures, and initial setup. Explore how to configure ArcSight components and integrate them with your IT environment.
ArcSight Architecture and Components
Discover the architecture of ArcSight, including its key components such as ArcSight Manager, Logger, and ESM. Learn how these components interact to provide comprehensive security monitoring and management.
Event Collection and Management
Gain insights into collecting and managing security events with ArcSight. Learn how to configure log sources, collect and parse events, and manage event storage. Explore techniques for optimizing event collection and analysis.
Creating and Managing Correlation Rules
Learn how to create and manage correlation rules in ArcSight. Explore how to define and implement rules for detecting security incidents and generating alerts. Understand how to customize and optimize correlation rules for effective threat detection.
Incident Response and Investigation
Discover techniques for responding to and investigating security incidents using ArcSight. Learn about incident workflows, investigation tools, and techniques for analyzing and resolving security events.
Reporting and Dashboards
Learn how to create and manage reports and dashboards in ArcSight. Explore how to generate and customize reports, design dashboards for real-time monitoring, and use visualization tools to analyze security data.
Performance Tuning and Optimization
Understand how to optimize the performance of your ArcSight deployment. Learn about performance tuning techniques, resource management, and strategies for handling large volumes of security data.
Advanced Features and Customization
Explore advanced features and customization options in ArcSight. Learn how to extend ArcSight’s functionality with custom plugins, integrations, and scripts. Understand how to adapt ArcSight to meet specific security needs and requirements.
Best Practices and Security Considerations
Discover best practices for using ArcSight effectively. Learn about security considerations, including best practices for securing your ArcSight environment, managing access controls, and ensuring compliance with security policies.
ArcSight Syllabus
Introduction to the ArcSight SIEM
- Overview of SIEM Technology
  - Definition and Benefits of SIEM
  - Role of SIEM in Cybersecurity
- Understanding ArcSight SIEM
  - Key Features and Capabilities
  - Architecture and Components
Introduction to the ArcSight ESM Console Interface
- Navigating the ESM Console
  - Dashboard Overview
  - Accessing Key Features and Tools
- Customization and Settings
  - Personalizing the Interface
  - Configuring User Preferences
Viewing the ArcSight ESM 5.0 Data
- Data Management in ESM 5.0
  - Types of Data and Sources
  - Data Collection and Processing
- Analyzing Security Events
  - Event Categorization and Filtering
  - Conducting Basic Event Analysis
ArcSight SIEM Rules & Lists
- Creating and Managing Rules
  - Rule Types and Creation Process
  - Best Practices for Rule Management
- Utilizing Lists in ArcSight
  - Purposes of Lists
  - Managing and Updating Lists
ArcSight ESM Reports & Query Viewers
- Generating Reports in ESM
  - Report Types and Templates
  - Customizing Reports
- Using the Query Viewer
  - Building and Executing Queries
  - Analyzing Query Results
ArcSight ESM Network Model
- Building the Network Model
  - Components of the Network Model
  - Importance in Event Analysis
- Managing and Updating the Model
  - Adding and Modifying Elements
  - Leveraging the Model for Enhanced Visibility and Analysis
Training
Basic Level Training
Duration: 1 Month
Advanced Level Training
Duration: 1 Month
Project Level Training
Duration: 1 Month
Total Training Period
Duration: 3 Months
Course Mode: Available Online / Offline
Course Fees: Please contact the office for details