Description

Duration

3 Days

18 CPD hours

This course is intended for

Security analyst, threat hunters, or incident responders
Security professionals who work with enterprise and endpoint security tools

Overview

By the end of the course, you should be able to meet the following objectives:
Describe the architecture of a Carbon Black EDR implementation
Perform the installation, upgrade, and configuration of the Carbon Black EDR server
Describe the purpose and use of multiple datastores in the server
Perform live queries across endpoints to gather additional data
Perform effective searches across the dataset to find security artifacts related to the endpoints
Manage Threat Intelligence Feeds and Watchlists
Describe connectors in Carbon Black EDR
Troubleshoot server and sensor problems
Analyze data found in the Heads-Up Display
Manage investigations to group and summarize security incidents and artifacts
Perform the different response capabilities available to users in Carbon Black EDR
Use the Carbon Black EDR API to automate tasks

This three-day, hands-on training course provides you with the knowledge, skills, and tools to achieve competency in installing, configuring, and managing the VMware Carbon BlackÂ© EDR? environment. This course introduces you to product features, capabilities, and workflows for managing endpoint security. Hands-on labs enable learners to reinforce topics by performing operations and tasks within the product in a training environment.

Course Introduction

Introductions and course logistics

Course objectives

Planning and Architecture

Describe the architecture and components of Carbon Black EDR

Identify the communication requirements for Carbon Black EDR

Server Installation, Upgrade, and Administration

Install the Carbon Black EDR server

Describe the options during the installation process

Install a Carbon Black EDR sensor

Confirm data ingestion in the Carbon Black EDR server

Identify built-in administration tools

Manage sensor groups

Manage users and teams

Server Datastores

Describe the datastores used in Carbon Black EDR

Interact with the available datastores

Live Query

Describe live query capabilities

Perform queries across endpoints

Searching and Best Practices

Describe the capabilities and data available in the process search

Perform process searches to find specific endpoint activity

Describe the capabilities and data available in the binary search

Perform binary searches to find application data

Describe the query syntax and advanced use cases

Perform advanced queries across the dataset

Threat Intelligence Feeds and Watchlists

Define Threat Intelligence Feeds

Manage the available Threat Intelligence Feeds

Describe the use of Watchlists

Manage Watchlists in the environment

Connectors in Carbon Black EDR

Configure connectors in Carbon Black EDR

Troubleshoot connectors

Troubleshooting

Identify the available troubleshooting scripts in the Carbon Black EDR server

Run troubleshooting scripts to identify problems

Generate a sensor log bundle

Identify the location of sensor registry keys

Head-Up Display

Identify panels relating to endpoint data

Analyze endpoint data provided by the panels

Identify panels relating to operations data

Analyze operations data provided by the panels

Identify panels relating to server data

Analyze server data provided by the panels

Define alert generation in Carbon Black EDR

Manage alerts

Investigations

Describe investigations

Explore data used in an investigation

Manage investigations

Manage investigation events

Responding to Endpoint Incidents

Describe isolation in Carbon Black EDR

Manage isolating endpoints

Describe live response capabilities

Manage live response sessions

Describe hash banning

Manage banned hashes

Overview of Postman and the Carbon Black EDR API

Explain the use of the API

Differentiate the APIs available for Carbon Black EDR

Explain the purpose of API tokens

Create an API token

Explain the API URL

Create a valid API request

Import a collection to Postman

Initiate an API request from Postman

Perform operations manually using Postman

Analyze the use cases for Postman

Show basic automation tasks using the API and curl

Compare the usage of curl with Postman

Additional course details:Notes

Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC)

Nexus Humans VMware Carbon Black EDR: Install, Configure, Manage [V7.x] training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward.

This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts.

Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success.

While we feel this is the best course for the VMware Carbon Black EDR: Install, Configure, Manage [V7.x] course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you.

Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Course Images

VMware Carbon Black EDR: Install, Configure, Manage [V7.x]

By Nexus Human

Booking options

Highlights

Description

About The Provider

Tags

Reviews