VMware Carbon Black Cloud Audit and Remediation (VCBCAR)

 

Course Overview

This one-day course teaches you how to use the VMware Carbon Black® Cloud Audit and Remediation™ product to build queries for IT hygiene, incident response, and vulnerability assessment to support your organization’s security posture and policies. This course provides an in-depth, technical understanding of the product through comprehensive coursework and hands-on scenario-based labs.

Product Alignment
  • VMware Carbon Black Cloud Audit and Remediation
  • VMware Carbon Black Cloud Endpoint™ Advanced
  • VMware Carbon Black Cloud Endpoint™ Enterprise

Who should attend

System administrators and security operations personnel, including analysts and managers

Certifications

This course is part of the following Certifications:

Prerequisites

This course requires completion of the following course:

  • VMware Carbon Black Cloud Fundamentals

Course Objectives

By the end of the course, you should be able to meet the following objectives:

  • Describe the components and capabilities of VMware Carbon Black Cloud Audit and Remediation
  • Identify the architecture and data flows for Carbon Black Cloud Audit and Remediation communication
  • Describe the use case and functionality of recommended queries
  • Achieve a basic knowledge of SQL
  • Describe the elements of a SQL query
  • Evaluate the filtering options for queries
  • Perform basic SQL queries on endpoints
  • Describe the different response capabilities available from VMware Carbon Black Cloud

Course Content

Course Introduction
  • Introductions and course logistics
  • Course objectives
Data Flows and Communication
  • Hardware and software requirements
  • Architecture
  • Data flows
Query Basics
  • osquery
  • Available tables
  • Query scope
  • Running versus scheduling
Recommended Queries
  • Use cases
  • Inspecting the SQL query
SQL Basics
  • Components
  • Tables
  • Select statements
  • Where clause
  • Creating basic queries
Filtering Results
  • Where clause
  • Exporting and filtering
Basic SQL Queries
  • Query creation
  • Running queries
  • Viewing results
Advanced Search Capabilities
  • Advanced SQL options
  • Threat hunting
Response Capabilities
  • Using live response

Prices & Delivery methods

Online training

Duration
1 day

Price
  • 750,– €
Plats & Datum
Enquire a date
Classroom training

Duration
1 day

Price
  • Sverige: 750,– €
Plats & Datum
Enquire a date

Currently there are no training dates scheduled for this course.