Training
VMware
Carbon Black
VMware Carbon Black EDR: Install, Configure, Manage [V7.x]

7879 Reviews star_rate star_rate star_rate star_rate star_half

VMware Carbon Black EDR: Install, Configure, Manage [V7.x]

This three-day, hands-on training course provides you with the knowledge, skills, and tools to achieve competency in installing, configuring, and managing the VMware Carbon Black® EDR™...

By Request

$2,550 USD

Course Code EDU-CBEDRICM7

Duration 3 days

Available Formats Classroom

Enter your Email to Download Full Course Details

This three-day, hands-on training course provides you with the knowledge, skills, and tools to achieve competency in installing, configuring, and managing the VMware Carbon Black® EDR™ environment. This course introduces you to product features, capabilities, and workflows for managing endpoint security. Hands-on labs enable learners to reinforce topics by performing operations and tasks within the product in a training environment.

Skills Gained

By the end of the course, you should be able to meet the following objectives:

Describe the architecture of a Carbon Black EDR implementation
Perform the installation, upgrade, and configuration of the Carbon Black EDR server
Describe the purpose and use of multiple datastores in the server
Perform live queries across endpoints to gather additional data
Perform effective searches across the dataset to find security artifacts related to the endpoints
Manage Threat Intelligence Feeds and Watchlists
Describe connectors in Carbon Black EDR
Troubleshoot server and sensor problems
Analyze data found in the Heads-Up Display
Manage investigations to group and summarize security incidents and artifacts
Perform the different response capabilities available to users in Carbon Black EDR
Use the Carbon Black EDR API to automate tasks

Who Can Benefit

Security analyst, threat hunters, or incident responders
Security professionals who work with enterprise and endpoint security tools

Prerequisites

There are no prerequisites for this course.

Course Details

Product Alignment

VMware Carbon Black® EDR™ 7.7

Outline

Course Introduction

Introductions and course logistics
Course objectives

Planning and Architecture

Describe the architecture and components of Carbon Black EDR
Explain single and cluster server requirements
Identify the communication requirements for Carbon Black EDR

Server Installation, Upgrade, and Administration

Install the Carbon Black EDR server
Describe the options during the installation process
Install a Carbon Black EDR sensor
Confirm data ingestion in the Carbon Black EDR server
Identify built-in administration tools
Manage sensor groups
Manage users and teams

Exploring Server Datastores

Describe the datastores used in Carbon Black EDR
Interact with the available datastores

Performing Live Query

Describe live query capabilities
Perform queries across endpoints

Searching and Best Practices

Describe the capabilities and data available in the process search
Perform process searches to find specific endpoint activity
Describe the capabilities and data available in the binary search
Perform binary searches to find application data
Describe the query syntax and advanced use cases
Perform advanced queries across the dataset

Threat Intelligence Feeds and Watchlists

Define Threat Intelligence Feeds
Manage the available Threat Intelligence Feeds
Describe the use of Watchlists
Manage Watchlists in the environment

Connectors in VMware Carbon Black EDR

Configure connectors in Carbon Black EDR
Troubleshoot connectors

Troubleshooting VMware Carbon Black EDR

Identify the available troubleshooting scripts in the Carbon Black EDR server
Run troubleshooting scripts to identify problems
Generate a sensor log bundle
Identify the location of sensor registry keys

Head-Up Display Page Overview

Identify panels relating to endpoint data
Analyze endpoint data provided by the panels
Identify panels relating to operations data
Analyze operations data provided by the panels
Identify panels relating to server data
Analyze server data provided by the panels
Define alert generation in Carbon Black EDR
Manage alerts

Performing Investigations

Describe investigations
Explore data used in an investigation
Manage investigations
Manage investigation events

Responding to Endpoint Incidents

Describe isolation in Carbon Black EDR
Manage isolating endpoints
Describe live response capabilities
Manage live response sessions
Describe hash banning
Manage banned hashes

Overview of Postman and the VMware Carbon Black EDR API

Explain the use of the API
Differentiate the APIs available for Carbon Black EDR
Explain the purpose of API tokens
Create an API token
Explain the API URL
Create a valid API request
Import a collection to Postman
Initiate an API request from Postman
Perform operations manually using Postman
Analyze the use cases for Postman
Show basic automation tasks using the API and curl
Compare the usage of curl with Postman

Read Less

0 options available

There are currently no scheduled dates for this course. If you are interested in this course, request a course date with the links above. We can also contact you when the course is scheduled in your area.

Request Other Date Request On-site Course

When does class start/end?

Classes begin promptly at 9:00 am, and typically end at 5:00 pm.

Does the course schedule include a Lunchbreak?

Lunch is normally an hour long and begins at noon. Coffee, tea, hot chocolate and juice are available all day in the kitchen. Fruit, muffins and bagels are served each morning. There are numerous restaurants near each of our centers, and some popular ones are indicated on the Area Map in the Student Welcome Handbooks - these can be picked up in the lobby or requested from one of our ExitCertified staff.

How can someone reach me during class?

If someone should need to contact you while you are in class, please have them call the center telephone number and leave a message with the receptionist.

What languages are used to deliver training?

Most courses are conducted in English, unless otherwise specified. Some courses will have the word "FRENCH" marked in red beside the scheduled date(s) indicating the language of instruction.

What does GTR stand for?

GTR stands for Guaranteed to Run; if you see a course with this status, it means this event is confirmed to run. View our GTR page to see our full list of Guaranteed to Run courses.

How do I find an ExitCertified training location?

We have training locations across the United States and Canada. View a full list of classroom training locations.

Which delivery formats are available?

At ExitCertified we offer training that is Instructor-Led, Online, Virtual and Self-Paced.

Does ExitCertified deliver group training?

Yes, we provide training for groups, individuals and private on sites. View our group training page for more information.

What does vendor-authorized training mean?

As a vendor-authorized training partner, we offer a curriculum that our partners have vetted. We use the same course materials and facilitate the same labs as our vendor-delivered training. These courses are considered the gold standard and, as such, are priced accordingly.

Is the training too basic, or will you go deep into technology?

It depends on your requirements, your role in your company, and your depth of knowledge. The good news about many of our learning paths, you can start from the fundamentals to highly specialized training.

How up-to-date are your courses and support materials?

We continuously work with our vendors to evaluate and refresh course material to reflect the latest training courses and best practices.

Are your instructors seasoned trainers who have deep knowledge of the training topic?

ExitCertified instructors have an average of 27 years of practical IT experience. They have also served as consultants for an average of 15 years. To stay up to date, instructors will at least spend 25 percent of their time learning new emerging technologies and courses.

Do you provide hands-on training and exercises in an actual lab environment?

Lab access is dependent on the vendor and the type of training you sign up for. However, many of our top vendors will provide lab access to students to test and practice. The course description will specify lab access.

Will you customize the training for our company’s specific needs and goals?

We will work with you to identify training needs and areas of growth. We offer a variety of training methods, such as private group training, on-site of your choice, and virtually. We provide courses and certifications that are aligned with your business goals.

How do I get started with certification?

Getting started on a certification pathway depends on your goals and the vendor you choose to get certified in. Many vendors offer entry-level IT certification to advanced IT certification that can boost your career. To get access to certification vouchers and discounts, please contact customerexp@exitcertified.com.

Will I get access to content after I complete a course?

You will get access to the PDF of course books and guides, but access to the recording and slides will depend on the vendor and type of training you receive.

How to request a W9 for ExitCertified LLC?

View our filing status and how to request a W9.

The course was informative, and I learnt a new skill. The instructor was up to the point.

ExitCertified Student

ExitCertified

Provided good amount of material and a great instructor to teach the material.

Jacob Wilson

ExitCertified

Although there seemed to be too many links for the course, everything worked smoothly.

ExitCertified Student

ExitCertified

The class and material is good. I think some of the software needs to be updated.

&quot;&quot;

ExitCertified

The instructor was thorough and they also provided hands-on demonstrations with labs.

ExitCertified Student

ExitCertified

VMware Carbon Black EDR: Install, Configure, Manage [V7.x]

Overview

Schedule

FAQ

Reviews

Skills Gained

Who Can Benefit

Prerequisites

Course Details

Product Alignment

Outline

When does class start/end?

Does the course schedule include a Lunchbreak?

How can someone reach me during class?

What languages are used to deliver training?

What does GTR stand for?

How do I find an ExitCertified training location?

Which delivery formats are available?

Does ExitCertified deliver group training?

What does vendor-authorized training mean?

Is the training too basic, or will you go deep into technology?

How up-to-date are your courses and support materials?

Are your instructors seasoned trainers who have deep knowledge of the training topic?

Do you provide hands-on training and exercises in an actual lab environment?

Will you customize the training for our company’s specific needs and goals?

How do I get started with certification?

Will I get access to content after I complete a course?

How to request a W9 for ExitCertified LLC?

Alert!

Modal Title

Error!

Default Title

Prompt

Confirm

Login

VMware Carbon Black EDR: Install, Configure, Manage [V7.x]

Overview

Schedule

FAQ

Reviews

Skills Gained

Who Can Benefit

Prerequisites

Course Details

Product Alignment

Outline

Upcoming Course Dates

Drag & Drop a File Here

When does class start/end?

Does the course schedule include a Lunchbreak?

How can someone reach me during class?

What languages are used to deliver training?

What does GTR stand for?

How do I find an ExitCertified training location?

Which delivery formats are available?

Does ExitCertified deliver group training?

What does vendor-authorized training mean?

Is the training too basic, or will you go deep into technology?

How up-to-date are your courses and support materials?

Are your instructors seasoned trainers who have deep knowledge of the training topic?

Do you provide hands-on training and exercises in an actual lab environment?

Will you customize the training for our company’s specific needs and goals?

How do I get started with certification?

Will I get access to content after I complete a course?

How to request a W9 for ExitCertified LLC?

Alert!

Modal Title

Error!

Default Title

Prompt

Confirm

Login