VMware Carbon Black Cloud Audit and Remediation
This one-day course teaches you how to use the VMware Carbon Black® Cloud Audit and Remediation™ product to build queries for IT hygiene, incident response, and vulnerability assessment to support your organization’s security posture and policies. This course provides an in-depth, technical understanding of the product through comprehensive coursework and hands-on scenario-based labs.
Product Alignment
– VMware Carbon Black Cloud Audit and Remediation
– VMware Carbon Black Cloud Endpoint™ Advanced
– VMware Carbon Black Cloud Endpoint™ Enterprise
Objectives
Identify the architecture and data flows for Carbon Black Cloud Audit and Remediation communication
Describe the use case and functionality of recommended queries
Achieve a basic knowledge of SQL
Describe the elements of a SQL query
Evaluate the filtering options for queries
Perform basic SQL queries on endpoints
Describe the different response capabilities available from VMware Carbon Black Cloud
Cloud computing
Available in e-learning format
Available in classroom format
Available in distance-learning format
Subsidy available
Through Fundae, subject to meeting the requirements.
Duration
5 hours
- Difficulty 50%
- Level achieved 80%
Intended audience
System administrators and security operations personnel, including analysts and managers
Prerequisites
This course requires completion of the following course:
VMware Carbon Black Cloud Fundamentals
Course outline
1 Course Introduction
Introductions and course logistics
Course objectives
2 Data Flows and Communication
Hardware and software requirements
Architecture
Data flows
3 Query Basics
osquery
Available tables
Query scope
Running versus scheduling
4 Recommended Queries
Use cases
Inspecting the SQL query
5 SQL Basics
Components
Tables
Select statements
Where clause
Creating basic queries
6 Filtering Results
Where clause
Exporting and filtering
7 Basic SQL Queries
Query creation
Running queries
Viewing results
8 Advanced Search Capabilities
Advanced SQL options
Threat hunting
9 Response Capabilities
Using live response