name :
EDU-VCBCAR
title :
VMware Carbon Black Cloud Audit and Remediation
category :
Carbon Black
vendor :
VMware
classroomDeliveryMethod :
Classroom External
descriptions :
description :
This one-day course teaches you how to use the VMware Carbon Black® Cloud Audit and Remediation™ product to build queries for IT hygiene, incident response, and vulnerability assessment to support your organization’s security posture and policies. This course provides an in-depth, technical understanding of the product through comprehensive coursework and hands-on scenario-based labs.
ObjectivesBy the end of the course, you should be able to meet the following objectives:
  • Describe the components and capabilities of VMware Carbon Black Cloud Audit and Remediation
  • Identify the architecture and data flows for Carbon Black Cloud Audit and Remediation communication
  • Describe the use case and functionality of recommended queries
  • Achieve a basic knowledge of SQL
  • Describe the elements of a SQL query
  • Evaluate the filtering options for queries
  • Perform basic SQL queries on endpoints
  • Describe the different response capabilities available from VMware Carbon Black Cloud
 Intended AudienceSystem administrators and security operations personnel, including analysts and managers PrerequisitesThis course requires completion of the following course:
  • VMware Carbon Black Cloud Fundamentals
 Product Alignment
  • VMware Carbon Black Cloud Audit and Remediation
  • VMware Carbon Black Cloud Endpoint™ Advanced
  • VMware Carbon Black Cloud Endpoint™ Enterprise

  • Course Outline1 Course Introduction
    • Introductions and course logistics
    • Course objectives
    2 Data Flows and Communication
    • Hardware and software requirements
    • Architecture
    • Data flows
    3 Query Basics
    • osquery
    • Available tables
    • Query scope
    • Running versus scheduling
    4 Recommended Queries
    • Use cases
    • Inspecting the SQL query
    5 SQL Basics
    • Components
    • Tables
    • Select statements
    • Where clause
    • Creating basic queries
    6 Filtering Results
    • Where clause
    • Exporting and filtering
    7 Basic SQL Queries
    • Query creation
    • Running queries
    • Viewing results
    8 Advanced Search Capabilities
    • Advanced SQL options
    • Threat hunting
    9 Response Capabilities
    • Using live response
    overview :
    abstract :
    This one-day course teaches you how to use the VMware Carbon Black® Cloud Audit and Remediation™ product to build queries for IT hygiene, incident response, and vulnerability assessment to support your organization’s security posture and policies. This course provides an in-depth, technical understanding of the product through comprehensive coursework and hands-on scenario-based labs.
    prerequisits :
    objective :
    topic :

    Course Outline1 Course Introduction
    • Introductions and course logistics
    • Course objectives
    2 Data Flows and Communication
    • Hardware and software requirements
    • Architecture
    • Data flows
    3 Query Basics
    • osquery
    • Available tables
    • Query scope
    • Running versus scheduling
    4 Recommended Queries
    • Use cases
    • Inspecting the SQL query
    5 SQL Basics
    • Components
    • Tables
    • Select statements
    • Where clause
    • Creating basic queries
    6 Filtering Results
    • Where clause
    • Exporting and filtering
    7 Basic SQL Queries
    • Query creation
    • Running queries
    • Viewing results
    8 Advanced Search Capabilities
    • Advanced SQL options
    • Threat hunting
    9 Response Capabilities
    • Using live response
    startDate :
    2020-10-31T16:13:48Z
    endDate :
    2020-10-31T16:13:48Z
    lastModified :
    2020-10-22T20:15:16Z
    created :
    2020-05-27T14:54:41Z
    duration :
    1
    durationUnit :
    DAYS
    ibmIPType :
    listPrice :
    700
    currency :
    GBP
    badge_Template_ID :
    badge_Title :
    badge_Url :

    Enquire about this course: