Micro Focus Training

Course objective

code: INV110-11-E | version: 2.1

This course is a good starting point for a security analyst who is new to ArcSight Investigate and wants to learn the fundamentals of the product. You learn how to search and analyze event data for anomalies using the pre-defined query searches (and fieldsets) that are specific to security and threat investigation. You also learn how to create visual graphics that provide further insight into your search results. The course includes hands-on simulations that take you through real-life scenarios that occur when security threats arise in your organization.

Upon successful completion of this course, you should be able to:

  • Describe the concept of security investigation
  • Recognize the components and capabilities of ArcSight Investigate
  • Recognize the views an L1 analyst has in a Security Operations Center and ArcSight Investigate
  • Within the user interface:
    • Set up users, groups and roles
    • Search, analyze, navigate and manage different types of data
    • Use some fundamental search techniques
    • Create visual graphics and chart the search results

Audience/Job Roles

This course is intended for Incident Response Managers, Hunt Teams, and Level 1 Analysts who monitor an organization's operations for security threats.

Course outline

  1. Introduction to Security Investigation             
    • Security Operations (SecOps) Role
    • Conducting a Security Investigation
    • Creating a Successful Security Investigation
    • Gathering Data for Analysis
    • Importance of Automation
  2. Introduction to ArcSight Investigate
    • Basic Investigate Architecture and ADP Integration
    • Search Components and Capabilities
    • Investigate User Interface
    • Level 1 Analyst Workflow
  3. Users and Roles         
    • Security Hunt Teams
    • Users
    • User Profile
    • Create a User**
    • User Groups
    • Add Users to a Group**
    • Remove a User from a Group**
    • Delete a Group**
    • Roles
    • Create Roles with Permissions**
  4. Analyst Workflow     
    • Interface and Features
    • Dashboard and Widgets
    • Searching Event Data
    • Setting a Time Range
    • Setting Fieldsets
    • Charting Data
    • Managing Search Results
    • Compare Outbound Data**
    • Analyze URLs**
    • Network Flow-type Analysis**
    • Search and Display the McAfee Detections**
  5. Fundamental Searches          
    • Search Types
    • Create Full Text Search**
    • Create Field-Based Search**
    • Create Hashtag Search**
    • Create a Bar Chart of your Search Results**
    • Create a Comparison Line Chart**
    • Exporting Search Results
  6. What's new in Investigate 2.1             
    • Describe the New Features 
    • Create Visualizations**
    • Find a User**
    • Look up Lists**
    • Create Searches**
    • Save Searches**



Additional information

Prerequisites

To be successful in this course, you should have the following prerequisites or knowledge:

  • High speed Internet connection
  • Web browser (IE9+ or Firefox 8.5+), note: Chrome is not compatible
  • Understanding of ArcSight ESM
  • Basic understanding of web technologies, such as IP addresses, network assets
  • Have an interest in cybersecurity
Difficulty level
Duration: 1 day

The participants will obtain certificates signed by Micro Focus (course completion).


Authorized Micro Focus Trainer.
