Course Catalog  > Cloud  > VMware  > VMware Carbon Black
EDU-VCBPCM

VMware Carbon Black Portfolio: Configure and Manage Training

This 5-day course teaches you how to install, configure, and manage the VMware Carbon BlackĀ® Portfolio suite of products, which include:
Request Information
Request On-Site or Customized Course Info
Course Details

Duration

5 days

Prerequisites

System administration experience on Microsoft Windows or Linux operating systems.

Target Audience

  • System Administrators
  • Security Operations Personnel (including analysts and managers)

Skills Gained

  • Describe the components and capabilities of Carbon Black App Control
  • Manage and configure the Carbon Black App Control server based on organizational requirements
  • Create policies to control enforcement levels and agent functionality
  • Implement rules to support the organization's security posture
  • Use the Carbon Black App Control tools to understand agent and server data
  • Describe the components and capabilities of the Carbon Black EDR server
  • Identify the architecture and data flows for Carbon Black EDR communication
  • Describe the Carbon Black EDR server installation process
  • Manage and configure the Carbon Black EDR server based on organizational requirements
  • Perform searches across process and binary information
  • Implement threat intelligence feeds and create watchlists for automated notifications
  • Describe the different response capabilities available from the Carbon Black EDR server
  • Use investigations to correlate data between multiple processes
  • Describe the components and capabilities of Carbon Black Cloud Endpoint Standard
  • Identify the architecture and data flows for VMware Carbon Black Cloud products
  • Perform searches across endpoint data to discover suspicious behavior
  • Manage the Carbon Black Cloud Endpoint Standard rules based on organizational requirements
  • Configure rules to address common threats
  • Evaluate the impact of rules on endpoints
  • Process and respond to alerts
  • Describe the different response capabilities available from VMware Carbon Black Cloud
  • Describe the components and capabilities of Carbon Black Cloud Enterprise EDR
  • Perform searches across endpoint data to discover suspicious behavior
  • Manage watchlists to augment the functionality of Carbon Black Cloud Enterprise EDR
  • Create custom watchlists to detect suspicious activity in your environment
  • Describe the process for responding to alerts in Carbon Black Cloud Enterprise EDR
  • Discover malicious activity within Carbon Black Cloud Enterprise EDR
  • Describe the different response capabilities available from VMware Carbon Black Cloud
  • Describe the components and capabilities of Carbon Black Cloud Audit and Remediation
  • Describe the use case and functionality of recommended queries
  • Achieve a basic knowledge of SQL
  • Describe the elements of a SQL query
  • Evaluate the filtering options for queries
  • Perform basic SQL queries on endpoints
  • Describe the different response capabilities available from VMware Carbon Black Cloud
Course Outline
  • VMware Carbon Black App Control Administrator
    • Login Accounts and Groups
    • Policies
    • Computer Details
    • Custom Rules
    • Tools
    • Events
    • Baseline Drift
  • VMware Carbon Black EDR
    • Planning and Architecture
    • Server Installation & Administration
    • Process Search and Analysis
    • Binary Search and Banning Binaries
    • Search best practices
    • Threat Intelligence
    • Watchlists
    • Alerts / Investigations / Responses
  • VMware Carbon Black Cloud Endpoint Standard
    • Data Flows and Communication
    • Searching Data
    • Policy Components
    • Prevention Capabilities Using Rules
    • Processing Alerts
    • Response Capabilities
  • VMware Carbon Black Cloud Enterprise EDR
    • Managing Watchlists
    • Alert Processing
    • Threat Hunting in Enterprise EDR
    • Response Capabilities
  • VMware Carbon Black Cloud Audit and Remediation
    • Query Basics
    • Recommended Queries
    • SQL Basics
    • Filtering Results
    • Basic SQL Queries
    • Advanced Search Capabilities
    • Response Capabilities
  • Product Alignment
    • VMware Carbon Black App Control
    • VMware Carbon Black EDR
    • VMware Carbon Black Cloud Endpoint Standard
    • VMware Carbon Black Cloud Endpoint Advanced
    • VMware Carbon Black Cloud Endpoint Enterprise
    • VMware Carbon Black Cloud Audit and Remediation