|
VMware Carbon Black Cloud Enterprise EDR
Code:
VMW-VCBCEEDR
Duration:
1 Day
|
$925
USD
|
This one-day course teaches you how to use the VMware Carbon Black Cloud Enterprise EDR™ product and leverage its capabilities to configure and maintain the system according to your organization’s security posture and policies. This course provides an in-depth, technical understanding of the product through comprehensive coursework and hands-on scenario-based labs.
This course is available in the following formats:
Virtual Classroom
Duration: 1 Day
| Call 800-798-3901 to enroll in this class! |
By the end of the course, you should be able to meet the following objectives:
- Describe the components and capabilities of VMware Carbon Black Cloud Enterprise EDR
- Identify the architecture and data flows for VMware Carbon Black Cloud Enterprise EDR communication
- Perform searches across endpoint data to discover suspicious behavior
- Manage watchlists to augment the functionality of VMware Carbon Black Cloud Enterprise EDR
- Create custom watchlists to detect suspicious activity in your environment
- Describe the process for responding to alerts in VMware Carbon Black Cloud Enterprise EDR
- Discover malicious activity within VMware Carbon Black Cloud Enterprise EDR
- Describe the different response capabilities available from VMware Carbon Black Cloud
Will Be Updated Soon!
- Course Introduction
- Introductions and course logistics
- Course objectives
- Data Flows and Communication
- Hardware and software requirements
- Architecture
- Data flows
- Searching Data
- Creating searches
- Search operators
- Analyzing processes
- Analyzing binaries
- Advanced queries
- Managing Watchlists
- Subscribing
- Alerting
- Custom watchlists
- Alert Processing
- Alert creation
- Analyzing alert data
- Alert actions
- Threat Hunting in Enterprise EDR
- Cognitive Attack Loop
- Malicious behaviors
- Response Capabilities
- Using quarantine
- Using live response