Skip to main Content

VMware Carbon Black Cloud Audit and Remediation

  • Course Code VMCBCAR
  • Duration 1 day

Additional Payment Options

  • PSO Please call: 0800-84009 inc. VAT

Public Classroom Price

eur750,00

excl. VAT

Request Group Training Add to Cart

Course Delivery

This course is available in the following formats:

  • Company Event

    Event at company

  • Elearning (Self-paced)

    Self paced electronic learning

  • Public Classroom

    Traditional Classroom Learning

  • Virtual Learning

    Learning that is virtual

Request this course in a different delivery format.

Course Overview

Top

This one-day VMware Carbon Black course teaches you how to use the VMware Carbon Black® Cloud Audit and Remediation™ product to build queries for IT hygiene, incident response, and vulnerability assessment to support your organization’s security posture and policies. This course provides an in-depth, technical understanding of the product through comprehensive coursework and hands-on scenario-based labs.

Product Alignment:

  • VMware Carbon Black Cloud Audit and Remediation
  • VMware Carbon Black Cloud Endpoint™ Advanced
  • VMware Carbon Black Cloud Endpoint™ Enterprise

Course Schedule

Top
    • Delivery Format: Virtual Learning
    • Date: 27 May, 2021
    • Location: Virtual
    • Delivery Format: Virtual Learning
    • Date: 27 May, 2021
    • Location: Virtual
    • Delivery Format: Virtual Learning
    • Date: 16 June, 2021
    • Location: Virtual
    • Delivery Format: Virtual Learning
    • Date: 16 June, 2021
    • Location: Virtual
    • Delivery Format: Virtual Learning
    • Date: 29 July, 2021
    • Location: Virtual

Target Audience

Top

System administrators and security operations personnel, including analysts and managers
 

Course Objectives

Top
  • Describe the components and capabilities of VMware Carbon Black Cloud Audit and Remediation
  • Identify the architecture and data flows for Carbon Black Cloud Audit and Remediation communication
  • Describe the use case and functionality of recommended queries
  • Achieve a basic knowledge of SQL
  • Describe the elements of a SQL query
  • Evaluate the filtering options for queries
  • Perform basic SQL queries on endpoints
  • Describe the different response capabilities available from VMware Carbon Black Cloud
     

Course Content

Top

1  Course Introduction

  • Introductions and course logistics
  • Course objectives

2  Data Flows and Communication

  • Hardware and software requirements
  • Architecture
  • Data flows

3  Query Basics

  • osquery
  • Available tables
  • Query scope
  • Running versus scheduling

4  Recommended Queries

  • Use cases
  • Inspecting the SQL query

5  SQL Basics

  • Components
  • Tables
  • Select statements
  • Where clause
  • Creating basic queries

6  Filtering Results

  • Where clause
  • Exporting and filtering

7  Basic SQL Queries

  • Query creation
  • Running queries
  • Viewing results

8  Advanced Search Capabilities

  • Advanced SQL options
  • Threat hunting

9  Response Capabilities

  • Using live response

Course Prerequisites

Top

This course requires completion of the following course:

  • VMware Carbon Black Cloud Fundamentals
Cookie Control toggle icon