- Home
- /
- Rechenzentrum, Netzwerke & Cloud
- /
- Virtualisierung
- /
- VMware
- /
- VMware Network Virtualization &...
- /
- VMware Carbon Black Portfolio:...
VMware Carbon Black Portfolio: Configure and Manage
Schulungsinhalt
Course Introduction
– Introductions and course logistics
– Course objectivesVMware Carbon Black App Control Administrator
– Login Accounts and Groups
– Policies
– Computer Details
– Custom Rules
– Tools
– Events
– Baseline DriftVMware Carbon Black EDR
– Planning and Architecture
– Server Installation & Administration
– Process Search and Analysis
– Binary Search and Banning Binaries
– Search best practices
– Threat Intelligence
– Watchlists
– Alerts / Investigations / ResponsesVMware Carbon Black Cloud Endpoint Standard
– Data Flows and Communication
– Searching Data
– Policy Components
– Prevention Capabilities Using Rules
– Processing Alerts
– Response CapabilitiesVMware Carbon Black Cloud Enterprise EDR
– Managing Watchlists
– Alert Processing
– Threat Hunting in Enterprise EDR
– Response CapabilitiesVMware Carbon Black Cloud Audit and Remediation
– Query Basics
– Recommended Queries
– SQL Basics
– Filtering Results
– Basic SQL Queries
– Advanced Search Capabilities
– Response Capabilities
Zielgruppe
System administrators and security operations personnel (including analysts and managers)
Seminarziele
By the end of the course, you should be able to meet the following objectives:
– Describe the components and capabilities of Carbon Black App Control
– Manage and configure the Carbon Black App Control server based on organizational requirements
– Create policies to control enforcement levels and agent functionality
– Implement rules to support the organization’s security posture
– Use the Carbon Black App Control tools to understand agent and server data
– Describe the components and capabilities of the Carbon Black EDR server
– Identify the architecture and data flows for Carbon Black EDR communication
– Describe the Carbon Black EDR server installation process
– Manage and configure the Carbon Black EDR server based on organizational requirements
– Perform searches across process and binary information
– Implement threat intelligence feeds and create watchlists for automated notifications
– Describe the different response capabilities available from the Carbon Black EDR server
– Use investigations to correlate data between multiple processes
– Describe the components and capabilities of Carbon Black Cloud Endpoint Standard
– Identify the architecture and data flows for VMware Carbon Black Cloud products
– Perform searches across endpoint data to discover suspicious behavior
– Manage the Carbon Black Cloud Endpoint Standard rules based on organizational requirements
– Configure rules to address common threats
– Evaluate the impact of rules on endpoints
– Process and respond to alerts
– Describe the different response capabilities available from VMware Carbon Black Cloud
– Describe the components and capabilities of Carbon Black Cloud Enterprise EDR
– Perform searches across endpoint data to discover suspicious behavior
– Manage watchlists to augment the functionality of Carbon Black Cloud Enterprise EDR
– Create custom watchlists to detect suspicious activity in your environment
– Describe the process for responding to alerts in Carbon Black Cloud Enterprise EDR
– Discover malicious activity within Carbon Black Cloud Enterprise EDR
– Describe the different response capabilities available from VMware Carbon Black Cloud
– Describe the components and capabilities of Carbon Black Cloud Audit and Remediation
– Describe the use case and functionality of recommended queries
– Achieve a basic knowledge of SQL
– Describe the elements of a SQL query
– Evaluate the filtering options for queries
– Perform basic SQL queries on endpoints
– Describe the different response capabilities available from VMware Carbon Black Cloud
Vorkenntnisse
System administration experience on Microsoft Windows or Linux operating systems
Seminardauer
Preis
Präsenzseminar/FLEXINAR®:
LIVEINAR®:
Individual Training: Preis auf Anfrage
Inhouse Training: Preis auf Anfrage
Seminarnummer
Martin Heubeck
Group Leader Sales
- martin.heubeck@protranet.de
Beratungszentrale und Buchungshotline:
- 0800 3400311
- beratung@protranet.de
Kataloge
Formate
