
VMware Carbon Black Cloud Audit and Remediation

This one-day course teaches you how to use the VMware Carbon Black® Cloud Audit and Remediation™ product to build queries for IT hygiene, incident response, and vulnerability assessment to support your organization's security posture and policies. This course provides an in-depth, technical understanding of the product through comprehensive coursework and hands-on scenario-based labs.


Training format
Remote

Duration
1 day

Price
750 €

System administrators and security operations personnel, including analysts and managers

By the end of the course, you should be able to meet the following objectives:

  • Describe the components and capabilities of VMware Carbon Black Cloud Audit and Remediation
  • Identify the architecture and data flows for Carbon Black Cloud Audit and Remediation communication
  • Describe the use case and functionality of recommended queries
  • Achieve a basic knowledge of SQL
  • Describe the elements of a SQL query
  • Evaluate the filtering options for queries
  • Perform basic SQL queries on endpoints
  • Describe the different response capabilities available from VMware Carbon Black Cloud

This course requires completion of the following course:

  • VMware Carbon Black Cloud Fundamentals

1 Course Introduction

  • Introductions and course logistics
  • Course objectives

2 Data Flows and Communication

  • Hardware and software requirements
  • Architecture
  • Data flows

3 Query Basics

  • osquery
  • Available tables
  • Query scope
  • Running versus scheduling

4 Recommended Queries

  • Use cases
  • Inspecting the SQL query

5 SQL Basics

  • Components
  • Tables
  • Select statements
  • Where clause
  • Creating basic queries

6 Filtering Results

  • Where clause
  • Exporting and filtering

7 Basic SQL Queries

  • Query creation
  • Running queries
  • Viewing results

8 Advanced Search Capabilities

  • Advanced SQL options
  • Threat hunting

9 Response Capabilities

  • Using live response

In cooperation with: Arrow