Praha (380 €)
Brno (380 €)
Bratislava (380 €)
Školení je vedeno virtuálně v anglickém jazyce. Cena školení je 380 EUR bez DPH - tato cena bude při fakturaci přepočtena aktuálním kurzem. This one-day course teaches you how to use the VMware Carbon Black® EDR™ product and leverage the capabilities to configure and maintain the system according to your organization’s security posture and policies. This course provides an in-depth, technical understanding of the Carbon Black EDR product through comprehensive coursework and hands-on scenario-based labs.
System administrators and security operations personnel, including analysts and managers.
By the end of the course, you
should be able to meet the following objectives:
• Describe the components and capabilities of the Carbon Black EDR server
• Identify the architecture and data flows for Carbon Black EDR communication
• Describe the Carbon Black EDR server installation process
• Manage and configure the Carbon Black EDR sever based on organizational requirements
• Perform searches across process and binary information
• Implement threat intelligence feeds and create watchlists for automated notifications
• Describe the different response capabilities available from the Carbon Black EDR server
• Use investigations to correlate data between multiple processes
There are no prerequisites for this course.
1 Course Introduction
• Introductions and course
logistics
• Course objectives
2 Planning and Installation
• Hardware and software
requirements
• Architecture
• Data flows
• Server installation
review
• Installing sensors
3 Server Administration
• Configuration and
settings
• Carbon Black EDR users and
groups
4 Process Search and
Analysis
• Filtering options
• Creating searches
• Process analysis and
events
5 Binary Search and Banning
Binaries
• Filtering options
• Creating searches
• Hash banning
6 Search best practices
• Search operators
• Advanced queries
7 Threat Intelligence
• Enabling alliance feeds
• Threat reports details
• Use and functionality
8 Watchlists
• Creating watchlists
• Use and functionality
9 Alerts / Investigations /
Response
• Using the HUD
• Alerts workflow
• Using network isolation
• Using live response
Uvedené ceny jsou bez DPH.