top of page


VMware Carbon Black Cloud Audit and Remediation

VMware_with Partners.jpg


USD 680.00 excl. VAT

On Demand

PDF Outline

Who Should Attend

System administrators and security operations personnel,

including analysts and managers



This course requires completion of the following course:

• VMware Carbon Black Cloud Fundamentals

What you'll will learn


This one-day course teaches you how to use the VMware Carbon Black® Cloud Audit and Remediation™ product to build queries for IT hygiene, incident response, and vulnerability assessment to support your organization’s security posture and policies.

This course provides an in-depth, technical understanding of the product through comprehensive coursework and hands-on scenario-based labs.


Course Objectives

By the end of the course, you should be able to meet the following objectives:
• Describe the components and capabilities of VMware Carbon Black Cloud Audit and Remediation
• Identify the architecture and data flows for Carbon Black Cloud Audit and Remediation communication
• Describe the use case and functionality of recommended queries

• Achieve a basic knowledge of SQL
• Describe the elements of a SQL query
• Evaluate the filtering options for queries
• Perform basic SQL queries on endpoints
• Describe the different response capabilities available from VMware Carbon Black Cloud


Course Outline

1 Course Introduction
• Introductions and course logistics
• Course objectives
2 Data Flows and Communication
• Hardware and software requirements
• Architecture
• Data flows
3 Query Basics
• osquery
• Available tables
• Query scope
• Running versus scheduling
4 Recommended Queries
• Use cases
• Inspecting the SQL query
5 SQL Basics
• Components
• Tables
• Select statements
• Where clause
• Creating basic queries


6 Filtering Results
• Where clause
• Exporting and filtering
7 Basic SQL Queries
• Query creation
• Running queries
• Viewing results
8 Advanced Search Capabilities
• Advanced SQL options
• Threat hunting
9 Response Capabilities
• Using live response

Further information
If you would like to know more about this course please contact us

bottom of page