Day 1 | 29/01/2024 | Monday

Time/Session | Topic

SESSION 1: 08.30 AM - 10.30 AM
Topic 1: Introduction to Sentinel
• SIEM Approach
• Introduction to Sentinel Component
• Installation Overview

SESSION 2: 11.00 AM - 01.00 PM
Topic 2: Sentinel Installation
• Operating System
• Sentinel Uninstallation
• Sentinel Port Requirements

SESSION 3: 02.30 PM - 04.30 PM
Topic 3: Sentinel Administrative Setup II
• Integration
• Plug-ins
• Appliance
Topic 4: Sentinel Administrative Setup I
• Configuring Roles and Users
• Managing Collector and Event Source
• Control Centre
• Storage

Day 2 | 30/01/2024 | Tuesday

Time/Session | Topic

SESSION 1: 08.30 AM - 10.30 AM
Topic 5: Security Intelligence
• SI Functionality
• Create SI
• Abnormal Spike/Anomaly

SESSION 2: 11.00 AM - 01.00 PM
Topic 6: Device Health Check
• Device Last Trigger Log Alert
• No Data Alert (Record Purposes)
• Troubleshooting
Topic 7: Report
• Create report
• Customize report

SESSION 3: 02.30 PM - 04.30 PM
Technical Support and Configuration I & II (hands-on)

Day 3 | 31/01/2024 | Wednesday

Time/Session | Topic

SESSION 1: 08.30 AM - 10.30 AM
Topic 8: Correlation Rules
• Use Case Manager
• Create rules

SESSION 2: 11.00 AM - 01.00 PM
Topic 9: Alerts & Filter
• Use Case Manager
• Create rules & filter
Topic 10: Report & Escalation
• Analyse based on alerts
• Report to respective team
• Mitigation

SESSION 3: 02.30 PM - 04.30 PM
Technical Support and Configuration III & IV (hands-on)