IISSSPSplunkSP-IISS7.0<p>Basic Security operations knowledge.</p><ul> <li>SOC analysts</li><li>SOAR Administrators</li><li>Automation Engineers</li></ul><h5>Topic 1 &ndash; Starting Investigations</h5><ul> <li>SOAR investigation concepts</li><li>ROI view</li><li>Using the Analyst Queue</li><li>Using indicators</li><li>Using search</li></ul><h5>Topic 2 &ndash; Working on Events</h5><ul> <li>Use the Investigation page to work on events</li><li>Use the heads-up display</li><li>Set event status and other fields</li><li>Use notes and comments</li><li>How SLA affects event workflow</li><li>Using artifacts and files</li><li>Exporting events</li><li>Executing actions and playbooks</li><li>Managing approvals</li></ul><h5>Topic 3 &ndash; Cases: Complex Events</h5><ul> <li>Use case management for complex investigations</li><li>Use case workflows</li><li>Mark evidence</li><li>Running reports</li></ul>Basic Security operations knowledge.- SOC analysts - SOAR Administrators - Automation EngineersTopic 1 – Starting Investigations - SOAR investigation concepts - ROI view - Using the Analyst Queue - Using indicators - Using search Topic 2 – Working on Events - Use the Investigation page to work on events - Use the heads-up display - Set event status and other fields - Use notes and comments - How SLA affects event workflow - Using artifacts and files - Exporting events - Executing actions and playbooks - Managing approvals Topic 3 – Cases: Complex Events - Use case management for complex investigations - Use case workflows - Mark evidence - Running reports3 Stunden500.00420.00500.00500.00500.00690.00500.0050.0050.0050.0050.0050.0050.0050.0050.00