VMware Carbon Black EDR Administrator

Length

1 day

Price

$1166.00 inc GST

Overview

This course teaches you how to use the VMware Carbon Black® EDR™ product and leverage the capabilities to configure and maintain the system according to your organization’s security posture and policies.

The course provides an in-depth, technical understanding of the Carbon Black EDR product through comprehensive coursework and hands-on scenario-based labs.

Product Alignment
• VMware Carbon Black EDR

Key Topics

Detailed Info

Planning and Architecture
Server Installation & Administration
Process Search and Analysis
Binary Search and Banning Binaries
Search best practices
Threat Intelligence
Watchlists
Alerts / Investigations / Response

Skills Gained

Key Topics

Target Audiences

Prerequisites

Skills Gained

By the end of the course, you should be able to meet the following objectives:

Describe the components and capabilities of the Carbon Black EDR server
Identify the architecture and data flows for Carbon Black EDR communication
Describe the Carbon Black EDR server installation process
Manage and configure the Carbon Black EDR sever based on organizational requirements
Perform searches across process and binary information
Implement threat intelligence feeds and create watchlists for automated notifications
Describe the different response capabilities available from the Carbon Black EDR server
Use investigations to correlate data between multiple processes

Key Topics

1. Course Introduction

Introductions and course logistics
Course objectives

2. Planning and Architecture

Hardware and software requirements
Architecture
Data flows
Server installation review
Installing sensors

3. Server Installation & Administration

Configuration and settings
Carbon Black EDR users and groups

4. Process Search and Analysis

Filtering options
Creating searches
Process analysis and events

5. Binary Search and Banning Binaries

Filtering options
Creating searches
Hash banning

6. Search best practices

Search operators
Advanced queries

7. Threat Intelligence

Enabling alliance feeds
Threat reports details
Use and functionality

8. Watchlists

Creating watchlists
Use and functionality

9. Alerts / Investigations / Response

Using the HUD
Alerts workflow
Using network isolation
Using live response

Target Audiences

System administrators and security operations personnel, including analysts and managers

Prerequisites

There are no prerequisites for this course.

Print course details

The supply of this course by DDLS is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.

Request Course Information

You don't appear to have Javascript enabled, our contact forms & booking process unfortunately requires it.

If you'd like more information, or to book a course please email us

Email Course Outline

Request a Callback

Enter your details below and we'll email you a pdf of the course outline.

Enter your details below and one of our team will give you a call to answer any questions you may have.

Length

Price

Overview

Key Topics

Skills Gained

Key Topics

Target Audiences

Prerequisites

Request Course Information

Testimonials

YOUR IT TRAINING PARTNER

FOLLOW US