Splunk Enterprise Security Certified Admin
On Demand $1,500.00
Virtual Class $1,500.00
Class Room $2,000.00
Course Description
Splunk Enterprise Security Certified Admin manages a Splunk Enterprise Security environment, including ES event processing and normalization, deployment requirements, technology add-ons, settings, risk analysis settings, threat intelligence and protocol intelligence configuration, and customizations. This exam demonstrates the candidate’s ability to install, configure, and manage a Splunk Enterprise Security deployment.
The Splunk Enterprise Security (ES) Certified Admin exam is the final step towards completion of the Splunk ES Certified Admin certification.
Program Objectives
- Identifying normal ES use cases
- Examining deployment requirements for typical ES installs
- Knowing how to install ES and gather information for lookups
- Knowing the steps to setting up inputs using technology add-ons
- Creating custom correlation searches
- Configuring ES risk analysis, threat, and protocol intelligence
- Fine tuning ES settings and other customizations
Prerequisites
Recommended Prerequisite Courses
Candidates for this exam are recommended to complete the lecture, hands-on labs, and quizzes that are part of the:
Either
• Splunk Enterprise System Administration
• Splunk Enterprise Data Administration courses
Or
• Splunk Cloud Administration course
And
Administering the Splunk Enterprise Security course
Course Features
- Lectures 30
- Domains 12
- Quizzes 0
- Duration 12 hours
- Skill level All levels
- Language English
- Brochure Download
- Students 306
- Certificate No
- Assessments Yes
-
1.0 ES Introduction
-
2.0 Monitoring and Investigation
-
3.0 Security Intelligence
-
5.0 ES Deployment
-
6.0 Installation and Configuration
-
7.0 Validating ES Data
-
8.0 Custom Add-ons
-
9.0 Tuning Correlation Searches
-
10.0 Creating Correlation Searches
-
11.0 Lookups and Identity Management
-
12.0 Threat Intelligence Framework
