VMware Carbon Black Cloud Audit and Remediation
This one-day course teaches you how to use the VMware Carbon Black® Cloud Audit and Remediation™ product to build queries for IT hygiene, incident response, and vulnerability assessment to support your organization’s security posture and policies. This course provides an in-depth, technical understanding of the product through comprehensive coursework and hands-on scenario-based labs.
Product Alignment
– VMware Carbon Black Cloud Audit and Remediation
– VMware Carbon Black Cloud Endpoint™ Advanced
– VMware Carbon Black Cloud Endpoint™ Enterprise
Objetivos
Identify the architecture and data flows for Carbon Black Cloud Audit and Remediation communication
Describe the use case and functionality of recommended queries
Achieve a basic knowledge of SQL
Describe the elements of a SQL query
Evaluate the filtering options for queries
Perform basic SQL queries on endpoints
Describe the different response capabilities available from VMware Carbon Black Cloud
Cloud computing
Disponible en formato e-learning
Disponible en formato presencial
Disponible en formato a distancia
Descargar la información del curso
Subvención disponible
A través de Fundae, cumpliendo requisitos.
Duración
5 horas
- Dificultad 50%
- Nivel alcanzado 80%
Dirigido a
System administrators and security operations personnel, including analysts and managers
Conocimientos requeridos
This course requires completion of the following course:
VMware Carbon Black Cloud Fundamentals
Temario
1 Course Introduction
Introductions and course logistics
Course objectives
2 Data Flows and Communication
Hardware and software requirements
Architecture
Data flows
3 Query Basics
osquery
Available tables
Query scope
Running versus scheduling
4 Recommended Queries
Use cases
Inspecting the SQL query
5 SQL Basics
Components
Tables
Select statements
Where clause
Creating basic queries
6 Filtering Results
Where clause
Exporting and filtering
7 Basic SQL Queries
Query creation
Running queries
Viewing results
8 Advanced Search Capabilities
Advanced SQL options
Threat hunting
9 Response Capabilities
Using live response
Comentarios recientes