Sentinel (ATT)

Please note that ATTs are held in English unless everyone present speaks Dutch.

Course Overview

NetIQ Sentinel delivers an integrated view of security and compliance events across the entire enterprise - integrating real-time information from devices, applications, identity and access management systems and physical controls into a single console. This hands-on course explores all functional aspects of the NetIQ Sentinel system in a workshop environment. It also introduces the open architecture of the correlation, collection, incident response, and reporting systems, enabling you to begin integrating NetIQ Sentinel into your existing systems.

During the course, you will learn how to complete the following tasks:

  • View and filter incoming events within the Control Center;
  • Analyze and investigate events for asset, vulnerability, and relationship information;
  • Manage the built-in incident response process;
  • Manage and maintain the Sentinel database;
  • Fine-tune and enhance existing Collectors for the local environment and to enrich the incoming event data;
  • Tie together various data sources into a comprehensive information system through the data collection system using local source files and the global mapping service.

This course covers many aspects of the NetIQ Sentinel product and its functionality. It is appropriate for analysts who will be using the Sentinel console, administrators who will be managing the day-to-day upkeep, and developers who will be customizing Sentinel correlation rules, reports, or collectors. Certain sections of the material may not be relevant to specific job functions, but the course will give you a complete understanding of Sentinel features and ongoing administration, and will introduce customization, network security, and troubleshooting concepts as well.

This course covers a wide range of Novell Sentinel 6.1 functionality, from basic analyst training to custom collector development. There are no formal prerequisites, but to get full value from the class, you are encouraged to be familiar with basic concepts such as:

  • Basic networking: IP protocol/CIDR notation, HTTP(s)/FTP and other protocols, bandwidth, VLANs, Network Address Translation, DHCP, DNS, LDAP;
  • Network security devices and operation: AV scanners, Intrusion Detection Systems, firewalls, vulnerability scanners, etc;
  • Basic security concepts: Identity/user/role management, access control, security policies, compliance and IT controls, incident response, encryption, reporting;
  • Common network threats: viruses, DoS attacks, information leaks, trojans/worms, buffer overflows, etc;
  • Relational database concepts: tables, relationships and keys, joins, partitions, and so on;
  • Basic programming concepts: Iterative logic, Boolean logic, evaluations and operators, variables and parameters, data objects, regular expressions, ASCII/Hex encoding, file/network/process input/output, debugging.

Day 1: 09.00 - 17.00

Day 2: 09.00 - 17.00

Day 3: 09.00 - 17.00

Day 4: 09.00 - 17.00

ATT Novell Sentinel 6.1 (Book)

This course is delivered by NetIQ Platinum Training Partner QeQ ICT Training en Consultancy, using the official NetIQ course materials.