Intrinsic Security


VMware Carbon Black Cloud Audit and Remediation

United Arab Emirates:
USD 680.00 excl. VAT

Duration: 1 Days

Target Audience

System administrators and security operations personnel, including analysts and managers


This course requires completion of the following course:
•  VMware Carbon Black Cloud Fundamentals

An individual course planning is possible for this kind of course. If you would like to know more about this course please either call us on +971 4 42 89 440 or send an email to


This one-day course teaches you how to use the VMware Carbon Black® Cloud Audit and Remediation™ product to build queries for IT hygiene, incident response, and vulnerability assessment to support your organization’s security posture and policies. This course provides an in-depth, technical understanding of the product through comprehensive coursework and hands-on scenario-based labs.

Course Objectives

By the end of the course, you should be able to meet the following objectives:

  • Describe the components and capabilities of VMware Carbon Black Cloud Audit and Remediation
  • Identify the architecture and data flows for Carbon Black Cloud Audit and Remediation communication
  • Describe the use case and functionality of recommended queries
  • Achieve a basic knowledge of SQL
  • Describe the elements of a SQL query
  • Evaluate the filtering options for queries
  • Perform basic SQL queries on endpoints
  • Describe the different response capabilities available from VMware Carbon Black Cloud

Course Outline

1  Course Introduction
•  Introductions and course logistics
•  Course objectives

2  Data Flows and Communication
•  Hardware and software requirements
•  Architecture
•  Data flows

3  Query Basics
•  osquery
•  Available tables
•  Query scope
•  Running versus scheduling

4  Recommended Queries
•  Use cases
•  Inspecting the SQL query

5  SQL Basics
•  Components
•  Tables
•  Select statements
•  Where clause
•  Creating basic queries

6  Filtering Results
•  Where clause
•  Exporting and filtering

7  Basic SQL Queries
•  Query creation
•  Running queries
•  Viewing results

8  Advanced Search Capabilities
•  Advanced SQL options
•  Threat hunting

9  Response Capabilities
•  Using live response


Further information

If you would like to know more about this course please contact us