3-7304 - ArcSight ESM Administrator and Analyst (version 24.1)
- Course Code 7304
- Duration 5 days
Course Delivery
Jump to:
Course Delivery
This course is available in the following formats:
-
Public Classroom
Traditional Classroom Learning
-
Virtual Learning
Learning that is virtual
Request this course in a different delivery format.
Course Overview
TopThis five-day,instructor-led course teaches you how to use the ArcSight console and ArcSight Command Center to monitor security events,configure ESM,manage users,and manage ESM network intelligence resources. You will also be introduced to triaging and resolving cases with ArcSight SOAR.
Course Schedule
Top-
- Delivery Format: Virtual Learning
- Date: 12-16 January, 2026 | 9:00 AM to 5:00 PM
- Location: Virtual (W. Europe )
- Language: English
-
- Delivery Format: Virtual Learning
- Date: 08-12 June, 2026 | 9:00 AM to 5:00 PM
- Location: Virtual (W. Europe )
- Language: English
-
- Delivery Format: Virtual Learning
- Date: 07-11 December, 2026 | 9:00 AM to 5:00 PM
- Location: Virtual (W. Europe )
- Language: English
Target Audience
TopThis course is intended for Analyst,Administrator,Business Administrator
Course Objectives
TopOn completion of this course,you should be able to:
- Make ArcSight ESM operational upon initial installation.
- Describe how ESM works in the context of your network.
- Create user accounts.
- Implement built-in content.
- Populate ESM with your network and assets to identify endpoints involved in an event.
- Create site-specific business-oriented views.
- Investigate,identify,analyze,and remediate exposed security issues.
- Use workflow management to provide real-time incident response and escalation tracking.
- Modify and run standard reports to provide situational awareness and network status.
- Establish ESM peering across multiple ESM instances.
- Perform distributed event search and content management.
Course Content
TopHighlights:
- Investigate security events
- Configure security content
Course Prerequisites
TopNone