DANH SÁCH KHÓA HỌC / COURSE BY TECHNOLOGY VENDORS / VMWARE

VMware Carbon Black EDR Administrator

Tóm tắt khóa học:

This one-day course teaches you how to use the VMware Carbon Black® EDR™ product and leverage the capabilities to configure and maintain the system according to your organization’s security posture and policies. This course provides an in-depth, technical understanding of the Carbon Black EDR product through comprehensive coursework and hands-on scenario-based labs.

Thời lượng khóa học: 1 ngày

Nội dung khóa học:

1 Course Introduction

Introductions and course logistics
Course objectives

2 Planning and Architecture

Hardware and software requirements
Architecture
Data flows
Server installation review
Installing sensors

3 Server Installation & Administration

Configuration and settings
Carbon Black EDR users and groups

4 Process Search and Analysis

Filtering options
Creating searches
Process analysis and events

5 Binary Search and Banning Binaries

Filtering options
Creating searches
Hash banning

6 Search best practices

Search operators
Advanced queries

7 Threat Intelligence

Enabling alliance feeds
Threat reports details
Use and functionality

8 Watchlists

Creating watchlists
Use and functionality

9 Alerts / Investigations / Response

Using the HUD
Alerts workflow
Using network isolation
Using live response