Refer a friend and get up to $100 Amazon gift card*  when they book training!

Learn More
closeClose

VMware Carbon Black EDR Advanced Administrator

  • Tuition USD $925 GSA  $792.19
  • Reviews star_rate star_rate star_rate star_rate star_half 2325 Ratings
  • Course Code EDU-VCBEDRAA
  • Duration 1 day
  • Available Formats Classroom, Virtual
View Schedule Ask a Question Need Group Training?

This one-day course teaches you how to use the advanced features of the VMware Carbon Black® EDR™ product. This usage includes gaining access to the Linux server for management and troubleshooting in addition to configuring integrations and using the API. This course provides an in-depth, technical understanding of the Carbon Black EDR product through comprehensive coursework and hands-on scenario-based labs. This class focuses exclusively on advanced technical topics related to the technical back-end configuration and maintenance.

Skills Gained

By the end of the course, you should be able to meet the following objectives:

  • Describe the components and capabilities of the Carbon Black EDR server
  • Identify the architecture and data flows for Carbon Black EDR communication
  • Identify the architecture for a cluster configuration and Carbon Black EDR cluster communication
  • Describe the Carbon Black EDR server data types and data locations
  • Use the API to interact with the Carbon Black EDR server without using the UI
  • Create custom threat feeds for use in the Carbon Black EDR server
  • Perform the integration with a syslog server
  • Use different server-side scripts for troubleshooting
  • Troubleshoot sensor-side configurations and communication

Who Can Benefit

System administrators and security operations personnel, including analysts and managers.

Prerequisites

This course requires completion of the following course

  • VMware Carbon Black EDR Administrator

Course Details

Product Alignment

  • VMware Carbon Black EDR

Outline

Course Introduction

  • Introductions and course logistics
  • Course objectives

Architecture

  • Data flows and channels
  • Sizing considerations
  • Communication channels and ports

Server Datastores

  • SOLR database
  • Storage configurations and data aging
  • Partition states
  • Postgres
  • Modulestore

EDR API

  • CBAPI overview
  • Viewing API calls in the browser
  • Utilizing the API to access data

Threat Intelligence Feeds

  • Feed structure
  • Report indicator types
  • Custom threat feed creation and addition

Syslog Integration

  • SIEM support
  • Configuration

Troubleshooting

  • Server-side scripts
  • Server logs
  • Sensor operations
Read Less

When does class start/end?

Classes begin promptly at 9:00 am, and typically end at 5:00 pm.

Does the course schedule include a Lunchbreak?

Lunch is normally an hour long and begins at noon. Coffee, tea, hot chocolate and juice are available all day in the kitchen. Fruit, muffins and bagels are served each morning. There are numerous restaurants near each of our centers, and some popular ones are indicated on the Area Map in the Student Welcome Handbooks - these can be picked up in the lobby or requested from one of our ExitCertified staff.

How can someone reach me during class?

If someone should need to contact you while you are in class, please have them call the center telephone number and leave a message with the receptionist.

What languages are used to deliver training?

Most courses are conducted in English, unless otherwise specified. Some courses will have the word "FRENCH" marked in red beside the scheduled date(s) indicating the language of instruction.

What does GTR stand for?

GTR stands for Guaranteed to Run; if you see a course with this status, it means this event is confirmed to run. View our GTR page to see our full list of Guaranteed to Run courses.

Does ExitCertified deliver group training?

Yes, we provide training for groups, individuals and private on sites. View our group training page for more information.

Does ExitCertified deliver group training?

Yes, we provide training for groups, individuals, and private on sites. View our group training page for more information.

The course content and the delivery by the Instructor was good. I had a good learning experience with ExitCertified. Definitely recommend it to others.

Facilities were very clean, coffee was nice to have, snack selection was refreshing

the class was setup very well and I feel that I will be able to take what I have learned and use.

Happy with both classes I have taken. One in person, one virtual classroom.

Well planned presentations. Live Demo. Excellent labs to ensure comprehension.

8 options available

undo
  • Mar 16, 2021 Mar 16, 2021 (1 day)
    Location
    Virtual
    Language
    English
    Time
    9:00 AM 5:00 PM CDT
    Enroll
    Enroll
  • Apr 6, 2021 Apr 6, 2021 (1 day)
    Location
    Virtual
    Language
    English
    Time
    9:00 AM 5:00 PM CDT
    Enroll
    Enroll
  • Apr 20, 2021 Apr 20, 2021 (1 day)
    Location
    Virtual
    Language
    English
    Time
    9:00 AM 5:00 PM CDT
    Enroll
    Enroll
  • May 4, 2021 May 4, 2021 (1 day)
    Location
    Virtual
    Language
    English
    Time
    9:00 AM 5:00 PM CDT
    Enroll
    Enroll
  • May 18, 2021 May 18, 2021 (1 day)
    Location
    Virtual
    Language
    English
    Time
    9:00 AM 5:00 PM CDT
    Enroll
    Enroll
  • Jun 8, 2021 Jun 8, 2021 (1 day)
    Location
    Virtual
    Language
    English
    Time
    9:00 AM 5:00 PM CDT
    Enroll
    Enroll
  • Jun 29, 2021 Jun 29, 2021 (1 day)
    Location
    Virtual
    Language
    English
    Time
    9:00 AM 5:00 PM CDT
    Enroll
    Enroll
  • Jul 20, 2021 Jul 20, 2021 (1 day)
    Location
    Virtual
    Language
    English
    Time
    9:00 AM 5:00 PM CDT
    Enroll
    Enroll
Contact Us 1-800-803-3948
Contact Us Live Chat
FAQ Get immediate answers to our most frequently asked qestions. View FAQs arrow_forward