Once you install a SIEM on your network, you need to configure it to understand your information assets and receive and process security information. In this video, learn about the process of configuring and tuning a SIEM, including time synchronization,
- [Instructor] Once you install a security information and event management system on your network, you'll need to configure it to understand your information assets and to receive and process security information. The first task involved in configuring your SIEM is making sure that it has all of the relevant information about your network and systems available to process. You'll need to configure each of your devices and applications to send relevant log entries to the SIEM's centralized log repository. Once you've pointed these logs at the SIEM, the system can then begin analyzing them.
The centralized log repository associated with the SIEM should be configured to act as what we call a WORM repository. That acronym stands for write once, read many. It means that once a system sends a log entry to the repository, that log entry is permanently recorded and can't be modified. Many users can read the information in the repository, but it is not possible to edit it. This prevents log tampering and makes it difficult for a malicious user…
- IP addresses
- Routers, switches, and bridges
- VPNs and VPN concentrators
- Network intrusion detection and prevention
- Managing secure networks
- Tuning and configuring SIEMs
- Troubleshooting digital certificates
- Personnel, host, and mobile device security
- Mobile device management and tracking
- Securing common protocols
Skill Level Beginner
1. TCP/IP Suite
2. Network Security Devices
3. Managing Secure Networks
4. Wireless Networking
5. Security and Monitoring Technologies
6. Security Assessment Tools
7. Security Troubleshooting
8. Personnel Security
9. Host Security
10. Mobile Device Security
11. Securing Protocols