name :
EDU-VCBEDRA
title :
VMware Carbon Black EDR Administrator
category :
Carbon Black
vendor :
VMware
classroomDeliveryMethod :
Classroom External
descriptions :
description :
This one-day course teaches you how to use the VMware Carbon Black® EDR™ product and leverage the capabilities to configure and maintain the system according to your organization’s security posture and policies. This course provides an in-depth, technical understanding of the Carbon Black EDR product through comprehensive coursework and hands-on scenario-based labs.
ObjectivesBy the end of the course, you should be able to meet the following objectives:
  • Describe the components and capabilities of the Carbon Black EDR server
  • Identify the architecture and data flows for Carbon Black EDR communication
  • Describe the Carbon Black EDR server installation process
  • Manage and configure the Carbon Black EDR sever based on organizational requirements
  • Perform searches across process and binary information
  • Implement threat intelligence feeds and create watchlists for automated notifications
  • Describe the different response capabilities available from the Carbon Black EDR server
  • Use investigations to correlate data between multiple processes
 Intended AudienceSystem administrators and security operations personnel, including analysts and managers PrerequisitesThere are no prerequisites for this course. Product Alignment
  • VMware Carbon Black EDR

Course Outline1 Course Introduction
  • Introductions and course logistics
  • Course objectives
2 Planning and Installation
  • Hardware and software requirements
  • Architecture
  • Data flows
  • Server installation review
  • Installing sensors
3 Server Administration
  • Configuration and settings
  • Carbon Black EDR users and groups
4 Process Search and Analysis
  • Filtering options
  • Creating searches
  • Process analysis and events
5 Binary Search and Banning Binaries
  • Filtering options
  • Creating searches
  • Hash banning
6 Search best practices
  • Search operators
  • Advanced queries
7 Threat Intelligence
  • Enabling alliance feeds
  • Threat reports details
  • Use and functionality
8 Watchlists
  • Creating watchlists
  • Use and functionality
9 Alerts / Investigations / Response
  • Using the HUD
  • Alerts workflow
  • Using network isolation
  • Using live response
overview :
abstract :
This one-day course teaches you how to use the VMware Carbon Black® EDR™ product and leverage the capabilities to configure and maintain the system according to your organization’s security posture and policies. This course provides an in-depth, technical understanding of the Carbon Black EDR product through comprehensive coursework and hands-on scenario-based labs.
prerequisits :
objective :
topic :

Course Outline1 Course Introduction
  • Introductions and course logistics
  • Course objectives
2 Planning and Installation
  • Hardware and software requirements
  • Architecture
  • Data flows
  • Server installation review
  • Installing sensors
3 Server Administration
  • Configuration and settings
  • Carbon Black EDR users and groups
4 Process Search and Analysis
  • Filtering options
  • Creating searches
  • Process analysis and events
5 Binary Search and Banning Binaries
  • Filtering options
  • Creating searches
  • Hash banning
6 Search best practices
  • Search operators
  • Advanced queries
7 Threat Intelligence
  • Enabling alliance feeds
  • Threat reports details
  • Use and functionality
8 Watchlists
  • Creating watchlists
  • Use and functionality
9 Alerts / Investigations / Response
  • Using the HUD
  • Alerts workflow
  • Using network isolation
  • Using live response
startDate :
2020-11-26T14:53:05Z
endDate :
2020-11-26T14:53:05Z
lastModified :
2020-11-19T14:35:23Z
created :
2020-05-27T14:58:48Z
duration :
1
durationUnit :
DAYS
ibmIPType :
listPrice :
650
currency :
GBP
badge_Template_ID :
badge_Title :
badge_Url :

    Enquire about this course: