top of page
top

VM-VCBCAR

VMware Carbon Black Cloud Audit and Remediation

VMware_with Partners.jpg

Price
Duration

USD 680.00 excl. VAT

On Demand

intrinsic-security.jpg
PDF.jpg
PDF Outline

Who Should Attend

System administrators and security operations personnel,

including analysts and managers

Prerequisites

Prerequisits

This course requires completion of the following course:

• VMware Carbon Black Cloud Fundamentals

What you'll will learn

Overview

This one-day course teaches you how to use the VMware Carbon Black® Cloud Audit and Remediation™ product to build queries for IT hygiene, incident response, and vulnerability assessment to support your organization’s security posture and policies.

This course provides an in-depth, technical understanding of the product through comprehensive coursework and hands-on scenario-based labs.

Objectives

Course Objectives

By the end of the course, you should be able to meet the following objectives:
• Describe the components and capabilities of VMware Carbon Black Cloud Audit and Remediation
• Identify the architecture and data flows for Carbon Black Cloud Audit and Remediation communication
• Describe the use case and functionality of recommended queries

• Achieve a basic knowledge of SQL
• Describe the elements of a SQL query
• Evaluate the filtering options for queries
• Perform basic SQL queries on endpoints
• Describe the different response capabilities available from VMware Carbon Black Cloud

Outlines

Course Outline

1 Course Introduction
• Introductions and course logistics
• Course objectives
2 Data Flows and Communication
• Hardware and software requirements
• Architecture
• Data flows
3 Query Basics
• osquery
• Available tables
• Query scope
• Running versus scheduling
4 Recommended Queries
• Use cases
• Inspecting the SQL query
5 SQL Basics
• Components
• Tables
• Select statements
• Where clause
• Creating basic queries

PDF.jpg

6 Filtering Results
• Where clause
• Exporting and filtering
7 Basic SQL Queries
• Query creation
• Running queries
• Viewing results
8 Advanced Search Capabilities
• Advanced SQL options
• Threat hunting
9 Response Capabilities
• Using live response

Further information
If you would like to know more about this course please contact us

bottom of page