Course Catalog  > Cloud  > VMware  > VMware Carbon Black
EDU-VCBEDRA

VMware Carbon Black EDR Administrator Training

This one-day course teaches you how to use the VMware Carbon Black® EDR™ product and leverage the capabilities to configure and maintain the system according to your organization’s security posture and policies. This course provides an in-depth, technical understanding of the Carbon Black EDR product through comprehensive coursework and hands-on scenario-based labs.
Request Information
Request On-Site or Customized Course Info
Course Details

Duration

1 day

Prerequisites

There are no prerequisites for this course.

Target Audience

  • System Administrators
  • Security Operations personnel including analyst and managers

Skills Gained

  • Describe the components and capabilities of the Carbon Black EDR server
  • Identify the architecture and data flows for Carbon Black EDR communication
  • Describe the Carbon Black EDR server installation process
  • Manage and configure the Carbon Black EDR sever based on organizational requirements
  • Perform searches across process and binary information
  • Implement threat intelligence feeds and create watchlists for automated notifications
  • Describe the different response capabilities available from the Carbon Black EDR server
  • Use investigations to correlate data between multiple processes
Course Outline
  • Planning and Installation
    • Hardware and software requirements
    • Architecture
    • Data flows
    • Server installation review
    • Installing sensors
  • Server Administration
    • Configuration and settings
    • Carbon Black EDR users and groups
  • Process Search and Analysis
    • Filtering options
    • Creating searches
    • Process analysis and events
  • Binary Search and Banning Binaries
    • Filtering options
    • Creating searches
    • Hash banning
  • Search best practices
    • Search operators
    • Advanced queries
  • Threat Intelligence
    • Enabling alliance feeds
    • Threat reports details
    • Use and functionality
  • Watchlists
    • Creating watchlists
    • Use and functionality
  • Alerts / Investigations / Response
    • Using the HUD
    • Alerts workflow
    • Using network isolation
    • Using live response
  • Product Alignment
    • VMware Carbon Black EDR