Course Objectives
By the end of the course, you should be able to meet the following objectives:
- Describe the components and capabilities of VMware Carbon Black Cloud Endpoint Standard
- Identify the architecture and data flows for Carbon Black Cloud Endpoint Standard communication
- Perform searches across endpoint data to discover suspicious behavior
- Manage the Carbon Black Cloud Endpoint Standard rules based on organizational requirements
- Configure rules to address common threats
- Evaluate the impact of rules on endpoints
- Process and respond to alerts
- Describe the different response capabilities available from VMware Carbon Black Cloud™
Agenda
- Introductions and course logistics
- Course objectives
- Hardware and software requirements
- Architecture
- Data flows
- Creating searches
- Analyzing events
- Search operators
- Advanced queries
- Rules
- Local scanner
- Sensor capabilities
- Rule types
- Rule creation
- Reputation priority
- Configuring rules
- Evaluating rule impact
- Alert triage
- Alert actions
- Using quarantine
- Using live response
- Hash banning
FREE
Course Type: Instructor Led
Course Type: Self Paced