Building Security Use Cases with ArcSight ESM Content Training

Live Online & Classroom Enterprise Certification Training

This course covers ArcSight security problem solving methodology within the ESM context. This course focuses on the use case methodology. 24 CPE credits awarded upon course completion.

Looking for a private batch ?

REQUEST A CALLBACK

Certified Trainer
Authorized Courseware
Completion Certificate from ATP

Enterprise Reporting
Lifetime Access
CloudLabs
24x7 Support
Real-time code analysis and feedback

What is Building Security Use Cases with ArcSight ESM Content Certification Training about?

Building Security Use Cases with ArcSight ESM provides you with detailed knowledge of the ArcSight security problem solving methodology, within the ESM context. In this course, you learn the methodologies to develop use cases for current business scenarios, derived from the top business drivers in the market. During the training, you will learn to:

• Identify business drivers to develop Use Cases using ArcSight ESM

• Identify Use Case problems and requirement statements associated with actual

scenarios

• Using the Use Case worksheet, document the use case

• Develop ArcSight ESM content to accommodate Use Case discrete objectives

What are the objectives of Building Security Use Cases with ArcSight ESM Content Certification Training ?

Upon successful completion of this course, you should be able to:

• In an ArcSight ESM context, define Use Case

• Using the Use Case worksheet from an initial problem statement, generate requirement

statements and prioritize objectives

• Identify data sources and ESM resources required to fulfill the objectives of the use case

• Create identified ESM content

• Construct ArcSight Active Channels to provide advanced analysis of the event stream

• Develop ArcSight Rules to allow correlation activities

• Build event-based data monitors to provide real-time viewing of event traffic

• Package formulated ESM content for Use Case into ArcSight Resource Bundle

Who is Building Security Use Cases with ArcSight ESM Content Certification Training for?

This advanced course is intended for those whose primary responsibilities include:

• Defining organization’s security objectives

• Building ArcSight ESM content to adhere to those objectives

What are the prerequisites for Building Security Use Cases with ArcSight ESM Content Certification Training?

To be successful in this course, you should have the following prerequisites or knowledge:

• Common network device functions, such as routers, switches, hubs, etc.

• TCP/IP functions, such as CIDR blocks, subnets, addressing, communications, etc.

• Windows operating system tasks, such as installations, services, sharing, navigation, etc.

• SIEM terminology, such as threat, vulnerability, risk, asset, exposure, safeguards, etc.

• Security directives, such as Confidentiality, Integrity, Availability

Available Training Modes

Live Online Training

18 Hours

Classroom Training

3 Days

Course Outline Expand All

Expand All

Module 1: Understanding Use Cases

Defining Use Cases

Building ArcSight Use Cases

ArcSight Best Practice Considerations

Module 2: Delivering ArcSight Use Cases

Activity 1 - Solution Delivery Using Packages

Activity 2 – Using the ArcSight Use Case Resource

Module 3: Compliance Use Cases – Self Study

Use Case 1 – FISMA

Use Case 2 – PCI

Use Case 3 - SOX

Module 4: Appendix

Module 1 and Module 3 Topic Quizzes

Module 5: Implementing Custom ArcSight Solutions

Internal Threats

Use Case 1 - Privileged Account Usage

Use Case 2 - Network Logon Status

Use Case 3 - Account Deletion Policy

Use Case 4 – Removable Media Policy

• Perimeter Threats

Use Case 5A - Zero Day Attack Policy

Use Case 5B - Zero Day Attack Policy Confirmation

Use Case 6 – Reducing False Positives Policy

Use Case 7 -Anti-Virus Metrics

Use Case 8 - Disallowed Services Monitoring

Use Case 9 - Custom Use Case

Who is the instructor for this training?

The Trainer is IBM certified Instructor with extensive domain experience, including years of experience training & mentoring professionals in the industry.

Building Security Use Cases with ArcSight ESM Content Certification Training - Certification & Exam

SpringPeople is the Authorized Training Partner of Micro Focus.
The training fees is exclusive of exam cost.
For any queries; feel free to reach us at microfocus@springpeople.com

Reviews

My outlook on training changed completely after attending SpringPeople BPC training. The content, the trainer and infrastructure at SpringPeople were top notch and perfectly in tune with the industry requirements. Regardless to say, training is now something that I look forward to to. Kudos to everyone at SpringPeople!

Shweta Priya

Sony

I attended the 3-day AngularJs training at SpringPeople. The trainer was an industry veteran with vast experience in the subject. Notably, the hands-on training, and the Q&A session stood out. Overall, I found SpringPeople a great place to learn with excellent facilities and great trainers. Would recommend SpringPeople to my colleagues and friends.

Swati Singh

I attended the training on API Design for Mulesoft. The sessions were well planned and value-laden. I benefited immensely from the hands-on experience enabled through virtual labs. I would like to specifically commend the efficiency of the support team who were always available to resolve my concerns.

Nikhil Kohli

Stryker

I attended the jQuery training batch, conducted by Mr. Vijay, an SME who did a thorough coverage of all the essentials. He took us through concepts such as jQuery animations, event handlers, plugins, and jQuery-UI by small programs, very easily. The sessions were useful and well structured. By the end of the training, I was well equipped to develop a SPA on Product Management System. Overall, the learning experience at SpringPeople was great!

Heena Rajan

Mindtree