VMware Carbon Black Training Course Singapore
Category

VMware Carbon Black EDR Advanced Analyst

This one-day course teaches you how to use the VMware Carbon Black® EDR™ product during incident response.

Get Brochure and Pricing

Overview

This one-day course teaches you how to use the VMware Carbon Black® EDR™ product during incident response. Using the SANS PICERL framework, you will configure the server and perform an investigation on a possible incident. This course provides guidance on using Carbon Black EDR capabilities throughout an incident with an in-depth, hands-on, scenario-based lab.

Prerequisites

This course requires completion of the following course:

Who Should Attend?

Security operations personnel, including analysts and incident responders

Course Outline

  •  Introductions and course logistics
  • Course objectives
  • Framework identification and process
  • Implement the Carbon Black EDR instance according to organizational requirements
  • Use initial detection mechanisms
  • Process alerts
  • Proactive threat hunting
  • Incident determination
  • Incident scoping
  • Artifact collection
  • Investigation
  • Hash banning
  • Removing artifacts
  • Continuous monitoring
  • Rebuilding endpoints
  • Getting to a more secure state
  • Tuning Carbon Black EDR
  • Incident close out

Get Pricing and Brochure

Privacy Policy

More Like This

Get the course Brochure & Pricing

Our course consultant will contact you within 1 working day

Privacy Policy

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

OK
Get in touch with our consultant