Home > Vendors > vmware > vcbedraan

Share

VCBEDRAAN - VMware Carbon Black EDR Advanced Analyst

This one-day course teaches you how to use the VMware Carbon Black® EDR™ product during incident response. Using the SANS PICERL framework, you will configure the server and perform an investigation on a possible incident. This course provides guidance on using Carbon Black EDR capabilities throughout an incident with an in-depth, hands-on, scenario-based lab.

Duration: 1.0

Enquire Now

Start learning today!

Click Hereto customize your Training

Objectives

By the end of the course, you should be able to meet the following objectives:
  • Utilize Carbon Black EDR throughout an incident 
  • Implement a baseline configuration for Carbon Black EDR 
  • Determine if an alert is a true or false positive 
  • Fully scope out an attack from moment of compromise 
  • Describe Carbon Black EDR capabilities available to respond to an incident 
  • Create addition detection controls to increase security

Content

Course Introduction
  • Introductions and course logistics 
  • Course objectives

VMware Carbon Black EDR & Incident Response
  • Framework identification and process

Preparation
  • Implement the Carbon Black EDR instance according to organizational requirements

Identification
  • Use initial detection mechanisms 
  • Process alerts 
  • Proactive threat hunting 
  • Incident determination

Containment
  • Incident scoping
  • Artifact collection 
  • Investigation

Eradication
  • Hash banning 
  • Removing artifacts 
  • Continuous monitoring

Recovery
  • Rebuilding endpoints
  • Getting to a more secure state

Lessons Learned
  • Tuning Carbon Black EDR 
  • Incident close out

Audience

Security operations personnel, including analysts and incident responders

Prerequisites

This course requires completion of the following course:
  • VMware Carbon Black EDR Administrator

Certification

product-certification

Course Benefits

product-benefits
  • Career growth
  • Broad Career opportunities
  • Worldwide recognition from leaders
  • Up-to Date technical skills
  • Popular Certification Badges

VMware Popular Courses

vmhvicm7.10

VMware Horizon 7: Install, Configure, Manage v7.10

vsicm7

This course is the foundation for most of the other VMware technologies in the software-defined data center.
Enquire Now
XExtwF
By clicking "Submit", I agree to the Terms Of Use and Privacy Policy