VMware Carbon Black EDR Advanced Analyst

Course code: VCBEDRAAN

This one-day course teaches you how to use the VMware Carbon Black® EDR™ product during incident response. Using the SANS PICERL framework, you will configure the server and perform an investigation on a possible incident. This course provides guidance on using Carbon Black EDR capabilities throughout an incident with an in-depth, hands-on, scenario-based lab.

Professional
and certified lecturers

Internationally
recognized certifications

Wide range of technical
and soft skills courses

Great customer
service

Making courses
exactly to measure your needs

Course dates

Starting date: Individual

Type: In-person/Virtual

Course duration: 1 day

Language: en/cz

Price without VAT: 410 EUR

Register

Starting date: Individual

Type: On Demand

Course duration: 1 day

Language: en

Price without VAT: 410 EUR

Register

Starting
date
Place
Type Course
duration
Language Price without VAT
Individual In-person/Virtual 1 day en/cz 410 EUR Register
Individual On Demand 1 day en 410 EUR Register
G Guaranteed course

Didn't find a suitable date?

Write to us about listing an alternative tailor-made date.

Contact

Course description

This one-day course teaches you how to use the VMware Carbon Black® EDR™ product during incident response. Using the SANS PICERL framework, you will configure the server and perform an investigation on a possible incident. This course provides guidance on using Carbon Black EDR capabilities throughout an incident with an in-depth, hands-on, scenario-based lab.

This course is also available in an On Demand format. For more information, select this link: VMware Carbon Black EDR Advanced Analyst - On Demand.

Target group

System administrators and security operations personnel, including analysts and managers

Course structure

Course Introduction

  • Introductions and course logistics
  • Course objectives

VMware Carbon Black EDR & Incident Response

  • Framework identification and process

Preparation

  • Implement the Carbon Black EDR instance according to organizational requirements

Identification

  • Use initial detection mechanisms
  • Process alerts
  • Proactive threat hunting
  • Incident determination

Containment

  • Incident scoping
  • Artifact collection
  • Investigation

Eradication

  • Hash banning
  • Removing artifacts
  • Continuous monitoring

Recovery

  • Rebuilding endpoints
  • Getting to a more secure state

Lessons Learned

  • Tuning Carbon Black EDR
  • Incident close out

Follow-up courses

VMware Carbon Black EDR Administrator en/cz en

Vendor: VMware

Area: Virtualization

Price from

380 EUR without VAT

VMware Carbon Black EDR Advanced Administrator en/cz en

Vendor: VMware

Area: Virtualization

Price from

410 EUR without VAT

ComGate payment gateway MasterCard Logo Visa logo