Course Description
Micro Focus ArcSight Intelligence behavioural analytics gives you a new lens through which to detect, investigate, and respond to threats that may be hiding in your enterprise—before your data is stolen.
This course is a good starting point for security analysts who are new to the ArcSight Intelligence / Interset UEBA product and want to learn the fundamentals, architecture, deployment, data ingestion, and operationalization of Micro Focus® Interset user and entity behavioural analytics (UEBA). In this course, you learn how Interset UEBA uses machine learning to distill billions of events into a prioritized list of high-quality security leads that focus and accelerate the efforts of your security operations center (SOC). Interset's machine learning models, combined with a highly intuitive user interface (UI), accelerate threat detection and investigation from weeks to minutes. ArcSight Intelligence / Interset UEBA produces high-quality threat leads, allowing your security teams to respond and remediate quickly and effectively.
Audience/Job Roles
This course is intended for Incident Response Managers, SecOps architects, Threat Hunt Teams, and Security Analysts who monitor an organization's operations for internal security threats.
Course Objectives
Upon successful completion of this course, you should be able to:
- Describe the concept of UEBA and internal threat management.
- Recognize the components and capabilities of Interset UEBA.
- Become familiar with the prerequisites, preparation, deployment, and configuration of the Interset solution.
- Run data ingestion effectively to initiate internal threat hunting.
- Perform analytics using the different analytical models available in Interset.
- Use the Interset GUI effectively at a basic level and manage the risk scores.
Prerequisites/Recommended Skills
To be successful in this course, you should have the following prerequisites or knowledge:
- Basic understanding of security operations, Big Data concepts, and containerization.
- Basic understanding of the ArcSight ecosystem.
- Basic understanding of the Unix operating system and commands, web technologies, and network concepts.
- Have an interest in cybersecurity and internal threats.
- Completed SecOps Technical certification from the Partner Portal.
Course Agenda
- ArcSight Intelligence Concepts, Architecture and Deployment
- Data Ingestion using Connector framework
- Analytical Pipeline and Analytics Process
- GUI Navigation and Basic Administrative Activities