VM-VCBEDRA
VMware Carbon Black EDR Administrator
![VMware_with Partners.jpg](https://static.wixstatic.com/media/38b5e1_0d5169371f1243cfba28a2dfc676eb63~mv2.jpg/v1/crop/x_17,y_0,w_190,h_132/fill/w_90,h_62,al_c,q_80,usm_0.66_1.00_0.01,enc_auto/VMware_with%20Partners.jpg)
Price:
Duration:
USD 620.00 excl. VAT
On Demand
![PDF.jpg](https://static.wixstatic.com/media/38b5e1_a0ca9b81ac4a41a386368418322896ce~mv2.jpg/v1/fill/w_43,h_40,al_c,q_80,usm_0.66_1.00_0.01,enc_auto/PDF.jpg)
![PDF Outline](https://static.wixstatic.com/media/38b5e1_70da0c4a1f7240df986aba2f67a09084~mv2.png/v1/fill/w_78,h_13,al_c,q_85,enc_auto/PDF%20Outline.png)
Who Should Attend
System administrators and security operations personnel,
including analysts and managers
Prerequisites
There are no prerequisites for this course.
Overview
This one-day course teaches you how to use the VMware Carbon Black® EDR™ product and leverage the capabilities to configure and maintain the system according to your organization’s security posture and policies.
This course provides an in-depth, technical understanding of the Carbon Black EDR product through comprehensive coursework and hands-on scenario-based labs.
Course Objectives
By the end of the course, you should be able to meet the following objectives:
• Describe the components and capabilities of the Carbon Black EDR server
• Identify the architecture and data flows for Carbon Black EDR communication
• Describe the Carbon Black EDR server installation process
• Manage and configure the Carbon Black EDR sever based on organizational requirements
• Perform searches across process and binary information
• Implement threat intelligence feeds and create watchlists for automated notifications
• Describe the different response capabilities available from the Carbon Black EDR server
• Use investigations to correlate data between multiple processes
Course Outline
1 Course Introduction
• Introductions and course logistics
• Course objectives
2 Planning and Architecture
• Hardware and software requirements
• Architecture
• Data flows
• Server installation review
• Installing sensors
3 Server Installation & Administration
• Configuration and settings
• Carbon Black EDR users and groups
4 Process Search and Analysis
• Filtering options
• Creating searches
• Process analysis and events
![PDF.jpg](https://static.wixstatic.com/media/38b5e1_a0ca9b81ac4a41a386368418322896ce~mv2.jpg/v1/fill/w_43,h_40,al_c,q_80,usm_0.66_1.00_0.01,enc_auto/PDF.jpg)
5 Binary Search and Banning Binaries
• Filtering options
• Creating searches
• Hash banning
6 Search best practices
• Search operators
• Advanced queries
7 Threat Intelligence
• Enabling alliance feeds
• Threat reports details
• Use and functionality
8 Watchlists
• Creating watchlists
• Use and functionality
9 Alerts / Investigations / Response
• Using the HUD
• Alerts workflow
• Using network isolation
• Using live response