IBM Security QRadar SIEM 7.1 Foundations (BQ100)

Request a Quote for this class

About this Course

QRadar SIEM provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, assets, topologies, and vulnerabilities. Suspected attacks and policy breaches are highlighted as offenses. In this course, you learn how to navigate QRadar SIEM to detect anomalies and unusual behavior. Using the skills taught in this course, you can identify and investigate threats and attacks. Hands-on exercises reinforce the skills learned.

Audience Profile

This basic course is for:

  • Security Analysts
  • Network Administrators
  • System Administrators

At Course Completion

Students will be able to:

  • Navigating the QRadar SIEM user interface
  • Analyzing network activity
  • Analyzing log activity
  • Discovering servers
  • Determining and assessing vulnerabilities
  • Investigating offenses
  • Creating rules
  • Tuning offenses
  • Reporting


You should have the following skills:

  • TCP/IP networking
  • Familiarity with logfiles and events
  • IT security fundamentals

Course Outline

  1. Unit 1: Introduction

  2. Unit 2: Network Security

  3. Unit 3: Dashboard

  4. Unit 4: Log Activity

  5. Unit 5: Network Activity

  6. Unit 6: Advanced Filtering

  7. Unit 7: Asset and Vulnerability Assessment

  8. Unit 8: Offenses

  9. Unit 9: Offense Investigation

  10. Unit 10: Rules

  11. Unit 11: Tuning

  12. Unit 12: Reporting

  13. Unit 13: Customer Support