Training and Certifications > Course Outline

VMware Carbon Black EDR Advanced Analyst

This course teaches you how to use the VMware Carbon Black® EDR™ product during incident response. Using the SANS PICERL framework, you will configure the server and perform an investigation on a possible incident. This course provides guidance on using Carbon Black EDR capabilities throughout an incident with an in-depth, hands-on, scenariobased lab.

Skip to Available Dates

Learning Objectives

By the end of the course, you should be able to meet the following objectives:

  • Utilize Carbon Black EDR throughout an incident Implement a baseline configuration for Carbon Black EDR Determine if an alert is a true or false positive Fully scope out an attack from moment of compromise Describe Carbon Black EDR capabilities available to respond to an incident Create addition detection controls to increase security

     

    Course Details

    Course Outline

    1 - Course Introduction
  • Introductions and course logistics
  • Course objectives
    • 2 - VMware Carbon Black EDR & Incident Response
  • Framework identification and process
    • 3 - Preparation
  • Implement the Carbon Black EDR instance according to organizational requirements
    • 4 - Identification
  • Use initial detection mechanisms
  • Process alerts
  • Proactive threat hunting
  • Incident determination
    • 5 - Containment
  • Incident scoping
  • Artifact collection
  • Investigation
    • 6 - Eradication
  • Hash banning
  • Removing artifacts
  • Continuous monitoring
    • 7 - Recovery
  • Rebuilding endpoints
  • Getting to a more secure state
    • 8 - Lessons Learned
  • Tuning Carbon Black EDR
  • Incident close out

    • Actual course outline may vary depending on offering center. Contact your sales representative for more information.

    Who is it For?

    Target Audience

    Security operations personnel, including analysts and incident responders

    Prerequisites

    VMware Carbon Black EDR Advanced Analyst

    Call
    Course Length : 1 Day

    There are currently no scheduled dates for this course. Please contact us for more information.

     Interested in On-Demand Training?

     PDF Outline With Dates     PDF Outline

    Need Help Picking the Right Course? Give us a call! 22 251180