VMware Carbon Black EDR Advanced Administrator

VMware Carbon Black EDR Advanced Administrator

This one-day course teaches you how to use the advanced features of the VMware Carbon Black® EDR™ product.

Share on facebook
Share on twitter
Share on linkedin

Overview

This one-day course teaches you how to use the advanced features of the VMware Carbon Black® EDR™ product. This usage includes gaining access to the Linux server for management and troubleshooting in addition to configuring integrations and using the API. This course provides an in-depth, technical understanding of the Carbon Black EDR product through comprehensive coursework and hands-on scenario-based labs. This class focuses exclusively on advanced technical topics related to the technical back-end configuration and maintenance.

Prerequisites

This course requires completion of the following course:

Who Should Attend?

System administrators and security operations personnel, including analysts and managers

Course Outline

  •  Introductions and course logistics
  • Course objectives
  • Data flows and channels
  • Sizing considerations
  • Communication channels and ports
  • SOLR database
  • Storage configurations and data aging
  • Partition states
  • Postgres
  • Modulestore
  • CBAPI overview
  • Viewing API calls in the browser
  • Utilizing the API to access data
  • Feed structure
  • Report indicator types
  • Custom threat feed creation and addition
  • SIEM support
  • Configuration
  • Server-side scripts
  • Server logs
  • Sensor operations

Get Brochure and Pricing

More Like This

Get the course Brochure & Pricing

Our course consultant will contact you within 1 working day

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Stay-Home-Series-main-header-v2

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Open chat
Get in touch with our consultant