Course ID 00909502
Course format ILT,SCA
Course length 8 day(s)
Skill level Advanced
Delivery languages English
Related certifications
In preparation for these exams
Selected items from this course are included in these exams:
Register for this course.
To register for this course click on the link above

Course description

HP ArcSight MASE Preparation Course covers design and implementation considerations of a complete enterprise SIEM deployment.
This course provides participants with hands-on activities through a practical solutions-based approach to address common business requirements. Methodologies, terms and concepts are explored in progressive examples using built-in product configuration and management facilities. Product architectures are coupled with deployment best-practices within the context of the HP ArcSight product line as a complete log management and event correlation platform.
 

Who should attend

This Master ASE level exam is intended for experienced IT security experts with multi-product configuration, integration and practical deployment methodologies for ArcSight Solutions.

Prerequisites

Three years of effective hands-on ArcSight Administrator/Analyst experience and completion of the following courses is highly recommended:
 
  • ArcSight ESM Analysts -ArcSight ESM Security Analyst (AESA)
  • ArcSight ESM Administrators - ArcSight ESM Administrator 6 CORR Engine (AEIA)
  • ArcSight Logger - ArcSight Logger Administration and Operation
  • ArcSight Connector - ArcSight SmartConnector Foundations and Tool Kit, ArcSight FlexConnector
  • Configuration and ArcSight Connector Appliance Administration

Objectives

After completing this course, you should be able to do the following:
  • Design a ArcSight Enterprise solution based on a given scenario
  • Install ArcSight Solutions including ESM 6.0c, ESM6.5c, Logger & Connector Appliance
  • Configure and forward SmartConnectors in various configurations based on business needs
  • Use Regex to configure a FlexConnector
  • Design and import Network and Asset models
  • Perform searches and pull reports from Logger
  • Design an Active Channel, filter and field set within ESM
  • Use Variables, Data monitors and dashboards
  • Create rules, run reports and trends
  • Upgrade ArcSight, including forwarding connectors and SmartConnectors
  • Aggregate in Connectors, use Syslog Parser overrides, and map SmartConnector files
  • Plan for Disaster Recovery

How to register

Click on this link to register for this course: http://www.hpenterprisesecurity.com/university

Policies, fees and cancellations

Course fees may vary and are established and collected by the training center delivering the course. Cancellation fees may apply. Contact your HP Authorized Training Partner for their respective policies.