42 - IT-S Information Technology - Security and Audit


IT-S 175 - Security Information and Event Management (SIEM)

Code      Start Date        Duration  Venue
IT-S 175  18 November 2024  5 Days    Istanbul
IT-S 175  16 December 2024  5 Days    Istanbul

Please contact us for fees

Course Description

Security information and event management (SIEM) is an approach to security management that seeks to provide a holistic view of an organization’s information technology (IT) security. A SIEM system collects logs and other security-related data for analysis. Most SIEM systems work by deploying multiple collection agents in a hierarchical fashion to collect security-related events from end-user devices, hosts, network equipment, and even specialized security equipment such as firewalls, antivirus or intrusion prevention systems. The collectors forward events to a centralized management console, which performs inspections and flags anomalies. For the system to identify anomalous events, it is important that the SIEM administrator first creates a profile of the organization under normal event conditions.

Course Objectives

  • Bring participants up to speed on SIEM use, architecture, and best practices
  • Know what type of data sources to collect logs from
  • Configure signature updates
  • Provide context to standard alerts to help understand and prioritize them
  • Integrate and write custom scripts against a SIEM

Who Should Attend?

  • Security Analysts
  • Security Architects
  • Senior Security Engineers
  • Technical Security Managers
  • SOC Analysts

Course Details/Schedule

Day 1

  • Log management overview, its structure and log collection methods
  • Importance of central log management
  • Working with the CRYPTTECH log manager CRYPTOLOG
  • Log collection in compliance with regulations
  • Security information and event management (SIEM) overview
  • CRYPTOSIM overview
  • CRYPTOSIM in compliance with regulations
  • CRYPTOSIM functionality and who should be using it
  • Deploying the CRYPTOSIM VM in production environments

Day 2

  • CRYPTOSIM installation
  • CRYPTOSIM interface views and navigation usage
  • CRYPTOSIM component architecture and data flows
  • Forwarding logs to CRYPTOSIM
  • Sources: knowing what type of data sources to collect logs from
  • Source adding methods (Syslog, Rsyslog, Agent, WMI, SMB, DB, etc.)
  • Agent management
  • Source editing
  • Source-based index setting

Day 3

  • Queries
  • Queries screen
  • Complete text search
  • Code chart and asset management
  • Index general settings definition
  • CRYPTOSIM dashboard usage and creation
  • CRYPTOSIM hunting for logs
  • Best practice methods for collecting logs
  • Search, filter, group and analyze security data
  • Use network hierarchies

Day 4

  • Data aggregation
  • Policy editor
  • Correlation: definition, functionality, and correlation methods
  • Retrospective correlation
  • Correlation incident
  • Event management
  • Scenarios: active list, black list, basic and complex correlation samples
  • Investigate the vulnerabilities and services of assets
  • Alarms and watch lists: prioritizing alerts
  • Reporting: preparing reports, predefined reports

Day 5

  • Use charts and filters
  • Integrate and write custom scripts
  • Investigate suspected attacks and policy breaches
  • Analyze a real-world scenario
  • Troubleshooting and system management
  • Signatory verification
  • User rights and management
  • Distributed service management

 
