VMware Carbon Black Cloud Audit and Remediation
- Course Code VMCBCAR
- Duration 1 day
Course Delivery
Additional Payment Options
- PSO Please call: 0800-84009 inc. VAT
Jump to:
Course Delivery
This course is available in the following formats:
-
Company Event
Event at company
-
Elearning (Self-paced)
Self paced electronic learning
-
Public Classroom
Traditional Classroom Learning
-
Virtual Learning
Learning that is virtual
Request this course in a different delivery format.
Course Overview
TopThis one-day VMware Carbon Black course teaches you how to use the VMware Carbon Black® Cloud Audit and Remediation™ product to build queries for IT hygiene, incident response, and vulnerability assessment to support your organization’s security posture and policies. This course provides an in-depth, technical understanding of the product through comprehensive coursework and hands-on scenario-based labs.
Product Alignment:
- VMware Carbon Black Cloud Audit and Remediation
- VMware Carbon Black Cloud Endpoint™ Advanced
- VMware Carbon Black Cloud Endpoint™ Enterprise
Course Schedule
Top-
- Delivery Format: Virtual Learning
- Date: 27 May, 2021
- Location: Virtual
-
- Delivery Format: Virtual Learning
- Date: 27 May, 2021
- Location: Virtual
-
- Delivery Format: Virtual Learning
- Date: 16 June, 2021
- Location: Virtual
-
- Delivery Format: Virtual Learning
- Date: 16 June, 2021
- Location: Virtual
-
- Delivery Format: Virtual Learning
- Date: 29 July, 2021
- Location: Virtual
Target Audience
TopSystem administrators and security operations personnel, including analysts and managers
Course Objectives
Top- Describe the components and capabilities of VMware Carbon Black Cloud Audit and Remediation
- Identify the architecture and data flows for Carbon Black Cloud Audit and Remediation communication
- Describe the use case and functionality of recommended queries
- Achieve a basic knowledge of SQL
- Describe the elements of a SQL query
- Evaluate the filtering options for queries
- Perform basic SQL queries on endpoints
- Describe the different response capabilities available from VMware Carbon Black Cloud
Course Content
Top1 Course Introduction
- Introductions and course logistics
- Course objectives
2 Data Flows and Communication
- Hardware and software requirements
- Architecture
- Data flows
3 Query Basics
- osquery
- Available tables
- Query scope
- Running versus scheduling
4 Recommended Queries
- Use cases
- Inspecting the SQL query
5 SQL Basics
- Components
- Tables
- Select statements
- Where clause
- Creating basic queries
6 Filtering Results
- Where clause
- Exporting and filtering
7 Basic SQL Queries
- Query creation
- Running queries
- Viewing results
8 Advanced Search Capabilities
- Advanced SQL options
- Threat hunting
9 Response Capabilities
- Using live response
Course Prerequisites
TopThis course requires completion of the following course:
- VMware Carbon Black Cloud Fundamentals
