VMware Carbon Black EDR Administrator
Price
No price found.
Duration
1 Day
Modality
Live Online
Course code
EDU-VCBEDRA-OE
Course Overview
This one-day course teaches you how to use the VMware Carbon Black® EDR product and leverage the capabilities to configure and maintain the system according to your organization’s security posture and policies.
This course provides an in-depth, technical understanding of the Carbon Black EDR product through comprehensive coursework and hands-on scenario-based labs.
Course Objectives
By the end of the course, you should be able to meet the following objectives:
- Describe the components and capabilities of the Carbon Black EDR server
- Identify the architecture and data flows for Carbon Black EDR communication
- Describe the Carbon Black EDR server installation process
- Manage and configure the Carbon Black EDR sever based on organizational requirements
- Perform searches across process and binary information
- Implement threat intelligence feeds and create watchlists for automated notifications
- Describe the different response capabilities available from the Carbon Black EDR server
- Use investigations to correlate data between multiple processes
Target Audience
System administrators and security operations personnel, including analysts and manager.
Prerequisites
There are no prerequisites for this course
Product Alignment
- VMware Carbon Black EDR
Target Audience
System administrators and security operations personnel, including analysts and manager.
Prerequisites
There are no prerequisites for this course
Product Alignment
- VMware Carbon Black EDR
Module Breakdown - For a course module breakdown click here
Module 1
Course Introduction
- Introductions and course logistics
- Course objectives
Module 2
Planning and Architecture
- Hardware and software requirements
- Architecture
- Data flows
- Server installation review
- Installing sensors
Module 3
Server Installation & Administration
- Configuration and settings
- Carbon Black EDR users and groups
Module 4
Process Search and Analysis
- Filtering options
- Creating searches
- Process analysis and events
Module 5
Binary Search and Banning Binaries
- Filtering options
- Creating searches
- Hash banning
Module 6
Search best practices
- Search operators
- Advanced queries
Module 7
Threat Intelligence
- Enabling alliance feeds
- Threat reports details
- Use and functionality
Module 8
Watchlists
- Creating watchlists
- Use and functionality.
Module 9
Alerts / Investigations / Response
- Using the HUD
- Alerts workflow
- Using network isolation
- Using live response
Class Schedule
Looking for other dates? Prefer a quote? Let us know:
