Type: Classroom Training
Time: 5 Days
ArcSight ESM 6.9 Advanced Analyst

ArcSight ESM 6.9 Advanced Analyst Training Course 

This course covers the HP ArcSight security problem-solving methodology, using advanced HP ArcSight ESM content to find, track and remediate security incidents. During the training, you will learn to use variables and correlation activities, customize report templates for dynamic content, and customize notification templates to send the appropriate notification based upon specific attributes of an event.

Objectives of ArcSight ESM 6.9 Advanced Analyst Training

  • Navigate HP ArcSight ESM Console and Command Center to correlate, investigate, analyze, and remediate both exposed and obscure threats
  • Construct HP ArcSight Variables to provide advanced analysis of the event stream
  • Develop HP ArcSight Lists and Rules to allow advanced correlation activities
  • Optimize event-based data monitors to provide real time viewing of event traffic and anomalies
  • Design new report templates and create functional reports
  • Find events through the search tools

Intended Audience of ArcSight ESM 6.9 Advanced Analyst Course

This basic course is intended for operators/analysts who need to:

  • Define their organization’s security objectives.
  • Build or use advanced content to correlate, view and respond to those security objectives.

Prerequisites for ArcSight ESM 6.9 Advanced Analyst Certification

  • Completed the HP ArcSight ESM Security Analyst (AESA) training

Knowledge of:

  • Common security device functions, such as IDS/IPS, Network and Host-based firewalls, etc.
  • Common network device functions, such as routers, switches, hubs, etc.
  • TCP/IP functions, such as CIDR blocks, subnets, addressing, communications, etc.
  • Windows operating system tasks, such as installations, services, sharing, navigation, etc.
  • Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc.
  • Possible abnormal activities, such as worms, Trojans, viruses, etc.
  • SIEM terminology, such as threat, vulnerability, risk, asset, exposure, safeguards, etc.
  • Security directives, such as Confidentiality, Integrity, Availability


Course Outline (Duration: 5 Days)

  • Module 1 – ArcSight Console review
  • Module 2 – Active Channels and Filters review
  • Module 3 – Dashboards and Data Monitors Optimization
  • Module 4 – Variables Customization
  • Module 5 – ArcSight Lists and Rules
  • Module 6 – Designing ESM Reports
  • Module 7 – Query Viewers Authoring
  • Module 8 – Unified Event Search Tools

Please write to us at info@itstechschool.com or contact us at +91-9870480053 for the course price, certification cost, schedule and location.
