VCBEDRAAN - VMware Carbon Black EDR Advanced Analyst

This one-day course teaches you how to use the VMware Carbon Black® EDR™ product during incident response. Using the SANS PICERL framework, you will configure the server and perform an investigation on a possible incident. This course provides guidance on using Carbon Black EDR capabilities throughout an incident with an in-depth, hands-on, scenario-based lab.

Duration: 1.0 day

Enquire Now

Start learning today!

Click Hereto customize your Training


By the end of the course, you should be able to meet the following objectives:
  • Utilize Carbon Black EDR throughout an incident 
  • Implement a baseline configuration for Carbon Black EDR 
  • Determine if an alert is a true or false positive 
  • Fully scope out an attack from moment of compromise 
  • Describe Carbon Black EDR capabilities available to respond to an incident 
  • Create addition detection controls to increase security


Course Introduction
  • Introductions and course logistics 
  • Course objectives

VMware Carbon Black EDR & Incident Response
  • Framework identification and process

  • Implement the Carbon Black EDR instance according to organizational requirements

  • Use initial detection mechanisms 
  • Process alerts 
  • Proactive threat hunting 
  • Incident determination

  • Incident scoping
  • Artifact collection 
  • Investigation

  • Hash banning 
  • Removing artifacts 
  • Continuous monitoring

  • Rebuilding endpoints
  • Getting to a more secure state

Lessons Learned
  • Tuning Carbon Black EDR 
  • Incident close out


Security operations personnel, including analysts and incident responders


This course requires completion of the following course:
  • VMware Carbon Black EDR Administrator



Course Benefits

  • Career growth
  • Broad Career opportunities
  • Worldwide recognition from leaders
  • Up-to Date technical skills
  • Popular Certification Badges

VMware Popular Courses


VMware Horizon 7: Install, Configure, Manage v7.10


This course is the foundation for most of the other VMware technologies in the software-defined data center.
Enquire Now
By clicking "Submit", I agree to the Terms Of Use and Privacy Policy