VMware Carbon Black EDR Administrator - On Demand

Code: EDU-VCBEDRA-EL

This course, equivalent to 1 day of training, teaches you how to use the VMware Carbon Black® EDR™ product and leverage the capabilities to configure and maintain the system according to your organization’s security posture and policies.


This course provides an in-depth, technical understanding of the Carbon Black EDR product through comprehensive coursework and hands-on scenario-based labs.


This course is also available in an Instructor-Led Training (ILT) format.


Objectives

By the end of the course, you should be able to meet the following objectives:

  • Describe the components and capabilities of the Carbon Black EDR server
  • Identify the architecture and data flows for Carbon Black EDR communication
  • Describe the Carbon Black EDR server installation process
  • Manage and configure the Carbon Black EDR server based on organizational requirements
  • Perform searches across process and binary information
  • Implement threat intelligence feeds and create watchlists for automated notifications
  • Describe the different response capabilities available from the Carbon Black EDR server
  • Use investigations to correlate data between multiple processes

 

Intended Audience

System administrators and security operations personnel, including analysts and managers

 

Prerequisites

There are no prerequisites for this course.


Product Alignment

  • VMware Carbon Black EDR


Course Outline

1 Course Introduction

  • Introductions and course logistics
  • Course objectives


2 Planning and Architecture

  • Hardware and software requirements
  • Architecture
  • Data flows
  • Server installation review
  • Installing sensors


3 Server Installation & Administration

  • Configuration and settings
  • Carbon Black EDR users and groups


4 Process Search and Analysis

  • Filtering options
  • Creating searches
  • Process analysis and events


5 Binary Search and Banning Binaries

  • Filtering options
  • Creating searches
  • Hash banning


6 Search Best Practices

  • Search operators
  • Advanced queries


7 Threat Intelligence

  • Enabling alliance feeds
  • Threat report details
  • Use and functionality


8 Watchlists

  • Creating watchlists
  • Use and functionality


9 Alerts / Investigations / Response

  • Using the HUD
  • Alerts workflow
  • Using network isolation
  • Using live response

Price (ex. VAT)

€ 889,00 per person

Duration

30 days

Schedule

Please send us a message with the form below

Delivery methods

  • Classroom
  • On-site (at your location)
  • Virtual (instructor online)
