Overview
This one-day course teaches you how to use the VMware Carbon Black Cloud Endpoint™ Standard product and leverage the capabilities to configure and maintain the system according to your organization’s security posture and policies.
Prerequisites
This course requires completion of the following course:
- VMware Carbon Black Cloud Fundamentals
Who Should Attend?
System administrators and security operations personnel, including analysts and managers
Course Outline
- Â Introductions and course logistics
- Course objectives
- Hardware and software requirements
- Architecture
- Data flows
- Creating searches
- Analyzing events
- Search operators
- Advanced queries
- Rules
- Local scanner
- Sensor capabilities
- Rule types
- Rule creation
- Reputation priority
- Configuring rules
- Evaluating rule impact
- Â Alert triage
- Alert actions
- Using quarantine
- Using live response
- Hash banning