Course Overview
The VMware Carbon Black® Portfolio portfolio of solutions, which includes: • VMware Carbon Black® App ControlTM Administrator, are covered in this 5-day course.
- Administrator for VMware Carbon Black® EDRTM.
- VMware Cloud EndpointTM Standard Carbon Black.
- VMware Carbon Black® Cloud Enterprise ED
- VMware Carbon Black® Cloud Audit and Remediation.
You learn how to use the products' capabilities according to the organization's security posture and policies. This course provides an in-depth, technical understanding of the Carbon Black Portfolio through comprehensive coursework, hands-on labs, and scenario-based exercises.
Prerequisites
System administration experience on Microsoft Windows or Linux operating systems
Audience Profile
System administrators and security operations personnel (including analysts and managers)
Learning Objectives
You should be able to complete the following goals by the end of the course:
- Describe Carbon Black App Control's features and parts.
- Organizing the Carbon Black App Control server according to organisational needs.
- Establish policies to manage agent functionality and enforcement levels.
- Put policies into place that support the organization's security posture.
- To comprehend agent and server data, use the Carbon Black App Control tools.
- Describe the Carbon Black EDR server's parts and functions.
- Identify the Carbon Black EDR communication architecture and data flows.
- Describe the installation procedure for the Carbon Black EDR server.
- Manage and set up the Carbon Black EDR server in accordance with organisational needs.
- Conduct binary and process information searches.
- Use watchlists and threat intelligence feeds to implement automated notifications.
- Outline the various response options provided by the Carbon Black EDR server.
- Use research to compare data from various processes.
- Describe Carbon Black Cloud Endpoint Standard's features and parts.
- Identify VMware Carbon Black Cloud products' architecture and data flows.
- Use endpoint data searches to look for unusual activity.
- Control Carbon Black Cloud Endpoint Standard standards in accordance with corporate needs.
- Set up guidelines to deal with common threats.
- Assess the effect that rules have on endpoints.
- Analyze and react to alarms.
- Describe the different reaction capabilities that VMware Carbon Black Cloud has to provide.
- Describe Carbon Black Cloud Enterprise EDR's features and parts.
- Use endpoint data searches to look for unusual activity.
- Manage watchlists to increase Carbon Black Cloud Enterprise EDR's capability.
- Make your own watchlists to identify shady behaviour in your environment.
- Describe the Carbon Black Cloud Enterprise EDR alert response procedure.
- Recognize harmful behaviour in Carbon Black Cloud Enterprise EDR.
- Describe the various response options provided by VMware Carbon Black Cloud.
- Describe the Carbon Black Cloud Audit and Remediation's components and capabilities.
- Describe the functionality and use case for the suggested queries.
- Acquire a working understanding of SQL.
- List the components of a SQL query.
- Consider the filtering possibilities for queries
- Perform basic SQL queries on endpoints
- Describe the different response capabilities available from VMware Carbon Black Cloud
- Identify sensor status in RepCLI
Content Outline
- Introductions and course logistics
- Course objectives
- Login Accounts and Groups
- Policies
- Computer Details
- Custom Rules
- Tools
- Events
- Baseline Drift
- Planning and Architecture
- Server Installation & Administration
- Process Search and Analysis
- Binary Search and Banning Binaries
- Search best practices
- Threat Intelligence
- Watchlists
- Alerts / Investigations / Responses
- Data Flows and Communication
- Searching Data
- Policy Components
- Prevention Capabilities Using Rules
- Processing Alerts
- Response Capabilities
- Managing Watchlists
- Alert Processing
- Threat Hunting in Enterprise EDR
- Response Capabilities
- Query Basics
- Recommended Queries
- SQL Basics
- Filtering Results
- Basic SQL Queries
- Advanced Search Capabilities
- Response Capabilities
FAQs
Noida, surrounded by several large multinational, medium & small Software companies. We have offices located all across the country and partners across the globe.
A: For participants' hands-on practise, Radiant Techlearning includes a data centre with a virtual training environment. With the use of a remote desktop connection, participants can effortlessly access these laboratories over the cloud. You may learn from anywhere and in any time zone with radiant virtual laboratories.
A: The learners will be enthralled as we engage them in the natural world and Oriented industry projects during the training program. These projects will improve your skills and knowledge and give you a better experience. These real-time projects will help you a lot in your future tasks and assignments.
A: To know about the fees details, you can email us at training@radianttechlearning.com with your requirement in detail containing the below information
In the case of Self/ Individual
- Training Program
- Training Mode (Online/ Classroom)
- Location (in case of the classroom):
- Background (Education/ Technology/ Year of experience, etc. )
- Training Timeline
In the case of Corporate Training
- Training Program of Participants
- Training Mode (Online/ Classroom)
- Location (in case of the classroom):
- Participant's Background (Education/ Technology/ Year of experience, etc.)
- Training Timeline
- Expectations from the training program
A: • System administrators and security operations personnel (including analysts and managers)
A: This course has a duration of 5 days.
A: No. These training programs are helping to improve your skills & knowledge of the technology, which would allow you to land your dream job by learning them.
Our training program will maximize your ability and chances of getting a successful job. You have to select a position according to your convenience. Your performance in the training program and interview is crucial for getting a good job.
A: Yes, your employer can pay your fees.