AlienVault Training | AlienVault USM Training in Hyderabad India

AlienVault USM for Security Engineers

The Course Introduction provides students with the course objectives and the prerequisite learner skills and knowledge for the 5-day AUSM for Security Engineers course. It also presents the course flow diagram and the icons that are used in the course illustrations and figures.

AlienVault USM Online Training in Hyderabad India

Duration: 40hrs

Course Content:

Module 1: Overview

This module provides an overview of the AlienVault® Unified Security Management™ (USM™) solution. Upon completing this module, you will meet these objectives:
• Understand the basic function of AlienVault USM
• Describe AlienVault USM Architecture
• Describe AlienVault Labs and the threat intelligence it provides

Module 2: AlienVault USM Basic Configuration and Verifying Operations

This module describes AlienVault Unified Security Management (USM) installation, basic configuration and verification, and graphical user interface. Upon completing this module, you will meet these objectives:
• Describe the AlienVault USM graphical user interface
• Understand how to work with the menus and options available on the graphical user interface
• Verify basic AlienVault USM operations



Module 3: Asset Management

This module describes AlienVault Unified Security Management (USM) asset management. Upon completing this module, you will meet these objectives:
• Define AlienVault USM assets
• Describe how AlienVault uses asset management
• Add assets to the USM asset database
• Configure and schedule asset discovery in the USM
• Configure and manage assets using asset groups, networks, and asset labels



Module 4: Configuring Data Sources

This module describes AlienVault Unified Security Management (USM) security intelligence, which uses data source plugins to normalize events from various data sources. It also includes correlation to detect security threats by tracking behavior patterns. Upon completing this module, you will meet these objectives:
• Describe data aggregation and normalization
• Describe data sources and how they work in USM
• Enable different data sources in USM
• Understand how events are processed in USM
• Calculate risk for a USM event
• Correlate events in USM


Module 5: Policies and Actions

This module describes AlienVault Unified Security Management (USM) policies, which are used to influence event processing and to filter unnecessary events and false positives. The module also describes actions that can be configured as policy consequences. Upon completing this module, you will meet these objectives:
• Navigate the USM Policies user interface
• Configure USM actions
• Configure USM policies for events
• Configure USM policies for directive events



Module 6: Correlation Directives

This module describes how to customize security intelligence in the AlienVault Unified Security Management (USM) system by customizing existing correlation directives or creating new ones. Upon completing this module, you will meet these objectives:
• Understand logical correlation in USM
• Describe correlation directives
• Create a custom correlation directive



Module 7: Threat Detection

This module describes AlienVault Unified Security Management (USM) threat detection functionalities. The module describes the Intrusion Detection System (IDS) and the AlienVault USM IDS functionalities: network IDS and host IDS. The module also describes the AlienVault USM vulnerability assessment functionality. Upon completing this module, you will meet these objectives:
• Configure AlienVault USM network IDS
• Configure AlienVault USM host IDS through the Environment screen
• Configure AlienVault USM host IDS through the Assets screen
• Configure and perform AlienVault USM vulnerability assessment



Module 8: Behavioral Monitoring

This module describes AlienVault Unified Security Management (USM) behavioral monitoring functionalities. The module first (briefly) describes log collection, followed by AlienVault USM NetFlow collection. The module also explains the AlienVault USM availability monitoring functionality. Upon completing this module, you will meet these objectives:
• Describe and configure AlienVault USM log collection
• Describe and configure AlienVault USM NetFlow collection
• Describe and configure AlienVault USM availability monitoring



Module 9: OTX

This module describes the Open Threat Exchange (OTX). The module describes OTX and pulses, then how to follow and subscribe to other users and their pulses. Finally, students will create their own pulses. Upon completing this module, you will meet these objectives:
• Describe OTX and its important concepts
• Set up an OTX account
• Search and subscribe to pulses and follow other OTX users
• Create a pulse for OTX



Module 10: Security Analysis

This module describes security analysis of alarms and events produced by AlienVault Unified Security Management (USM). The module starts with a description of a security analysis process, reviews Dashboards and Alarms, and then provides a detailed breakdown of the steps and tools available during the process of security analysis. Upon completing this module, you will meet these objectives:
• Describe the Security Analysis Process
• Examine the dashboards
• Remediate the alarms in USM
• Investigate events in USM
• Check raw logs for more details
• Examine packet captures for more details about an event
• File tickets to manage event investigation



Module 11: System Maintenance

This module describes AlienVault Unified Security Management (USM) system maintenance. The module first describes how long AlienVault USM stores alarms, events, and logs, and how you can modify retention settings. The module also describes how to perform event and full system backup and restore. Upon completing this module, you will meet these objectives:
• Describe AlienVault USM alarms, events, and logs retention
• Describe how to perform backup and restore of events data
• Describe how to perform backup and restore of configuration data



Module 12: Administrative User Management

This module describes AlienVault Unified Security Management (USM) administrative user management. The module first describes the administrative user account that is the default account for managing the web UI in AlienVault USM. The module then describes how to change the settings of an administrative user, how to manage administrative user accounts, and how to manage global authentication settings. The module also describes administrative user activity accounting and how to perform admin user account password recovery. Upon completing this module, you will meet these objectives:
• Describe administrative user management
• Manage user profile
• Manage administrative users
• Describe administrative user accounting
• Manage global authentication settings
• Recover admin user account password



Module 13: AlienVault USM Deployment

This module describes AlienVault Unified Security Management (USM) deployment options and explains how to prepare for the deployment. Upon completing this module, you will meet these objectives:
• Understand how to deploy AlienVault USM components
• Understand various AlienVault USM deployments
• Understand Correlation Context and Entities
• Describe how to handle other deployment considerations


Module 14: Upgrading AlienVault Unified Security Management (USM)

This module describes the AlienVault Unified Security Management (USM) system upgrade process. The module describes how to update the AlienVault USM system and threat intelligence feeds, and how to perform offline upgrades. Upon completing this module, you will meet these objectives:
• Understand the USM upgrade process
• Upgrade USM
• Upgrade the threat intelligence, plugins, and reports
• Upgrade the USM appliance offline


Module 15: Reporting

This module describes AlienVault Unified Security Management (USM) reporting. The module describes how to generate, view, and schedule reports, and how to customize reports or generate custom ones. Upon completing this module, you will meet these objectives:
• Describe the AlienVault USM reporting system
• Run, schedule, and view a report
• Create custom reports
• Create custom layouts for your reports
• Create custom modules from security events and logs



Module 16: Custom Plugins

This module describes how to customize security intelligence in the AlienVault Unified Security Management (USM) system. The module first describes the plugins delivered by AlienVault and then how to customize or create custom data source plugins. Then the module describes how to customize or create new correlation directives. Upon completing this module, you will meet these objectives:
• Understand how to create custom plugins for USM
• Describe the configuration files for custom plugins
• Understand the role regular expressions play in customizing plugins
• Understand the SQL files for custom plugins
• Enable the new plugin