VM-VCBCAR

VM-VCBCAR

VMware Carbon Black Cloud Audit and Remediation

VMware_with Partners.jpg

Price
Duration

USD 680.00 excl. VAT

1 Day

intrinsic-security.jpg
PDF.jpg
PDF Outline

Who Should Attend

System administrators and security operations personnel,

including analysts and managers

Prerequisites

 

This course requires completion of the following course:

• VMware Carbon Black Cloud Fundamentals

 

Overview

This one-day course teaches you how to use the VMware Carbon Black® Cloud Audit and Remediation™ product to build queries for IT hygiene, incident response, and vulnerability assessment to support your organization’s security posture and policies.

This course provides an in-depth, technical understanding of the product through comprehensive coursework and hands-on scenario-based labs.

 

Course Objectives

By the end of the course, you should be able to meet the following objectives:
• Describe the components and capabilities of VMware Carbon Black Cloud Audit and Remediation
• Identify the architecture and data flows for Carbon Black Cloud Audit and Remediation communication
• Describe the use case and functionality of recommended queries

• Achieve a basic knowledge of SQL
• Describe the elements of a SQL query
• Evaluate the filtering options for queries
• Perform basic SQL queries on endpoints
• Describe the different response capabilities available from VMware Carbon Black Cloud

 

Course Outline

1 Course Introduction
• Introductions and course logistics
• Course objectives

2 Data Flows and Communication
• Hardware and software requirements
• Architecture
• Data flows

3 Query Basics
• osquery
• Available tables
• Query scope
• Running versus scheduling

4 Recommended Queries
• Use cases
• Inspecting the SQL query

5 SQL Basics
• Components
• Tables
• Select statements
• Where clause
• Creating basic queries

PDF.jpg


6 Filtering Results
• Where clause
• Exporting and filtering

7 Basic SQL Queries
• Query creation
• Running queries
• Viewing results

8 Advanced Search Capabilities
• Advanced SQL options
• Threat hunting

9 Response Capabilities
• Using live response

Further information
If you would like to know more about this course please contact us

 
 
VMware_with Partners.jpg
 

Thanks for registering. our team will contact you soon !

Registration

ILT/VILT