Wir beraten Sie gerne!
+49 40 253346-10     Kontakt

Online-Trainings im virtuellen Klassenraum,
E-Learning-Angebote und mehr

Jetzt informieren

VMware Carbon Black EDR Advanced Administrator (VCBEDRAA)

 

Kursüberblick

This one-day course teaches you how to use the advanced features of the VMware Carbon Black® EDR™ product. This usage includes gaining access to the Linux server for management and troubleshooting in addition to configuring integrations and using the API. This course provides an in-depth, technical understanding of the Carbon Black EDR product through comprehensive coursework and hands-on scenario-based labs. This class focuses exclusively on advanced technical topics related to the technical back-end configuration and maintenance.

Product Alignment

  • VMware Carbon Black EDR
Dieser Advanced-Kurs wird direkt von VMware durchgeführt.

Zielgruppe

System administrators and security operations personnel, including analysts and managers

Voraussetzungen

This course requires completion of the following course:

VMware Carbon Black EDR Administrator (VCBEDRA)

Kursziele

By the end of the course, you should be able to meet the following objectives:

  • Describe the components and capabilities of the Carbon Black EDR server
  • Identify the architecture and data flows for Carbon Black EDR communication
  • Identify the architecture for a cluster configuration and Carbon Black EDR cluster communication
  • Describe the Carbon Black EDR server data types and data locations
  • Use the API to interact with the Carbon Black EDR server without using the UI
  • Create custom threat feeds for use in the Carbon Black EDR server
  • Perform the integration with a syslog server
  • Use different server-side scripts for troubleshooting
  • Troubleshoot sensor-side configurations and communication

Kursinhalt

Course Introduction
  • Introductions and course logistics
  • Course objectives
Architecture
  • Data flows and channels
  • Sizing considerations
  • Communication channels and ports
Server Datastores
  • SOLR database
  • Storage configurations and data aging
  • Partition states
  • Postgres
  • Modulestore
EDR API
  • CBAPI overview
  • Viewing API calls in the browser
  • Utilizing the API to access data
Threat Intelligence Feeds
  • Feed structure
  • Report indicator types
  • Custom threat feed creation and addition
Syslog Integration
  • SIEM support
  • Configuration
Troubleshooting
  • Server-side scripts
  • Server logs
  • Sensor operations
Online Training

Dauer 1 Tag

Preis (exkl. MwSt.)
  • 750,- €
Digitale Kursunterlagen

Sprache der Kursunterlagen: Englisch

Classroom Training

Dauer 1 Tag

Preis (exkl. MwSt.)
  • Deutschland: 750,- €
  • Schweiz: 750,- €
Digitale Kursunterlagen

Sprache der Kursunterlagen: Englisch

 

Kurstermine

Instructor-led Online Training:   Kursdurchführung online im virtuellen Klassenraum.
Englisch
1 Stunde Differenz
20.10.2020 Online Training Zeitzone: BST Kurssprache: Englisch