Wir beraten Sie gerne!
+43 1 6000 880-0     Kontakt

Remote Trainings im virtuellen Klassenraum,
E-Learning Angebote und mehr!

Jetzt informieren

VMware Carbon Black EDR Advanced Administrator (VCBEDRAA)

 

Kursüberblick

This one-day course teaches you how to use the advanced features of the VMware Carbon Black® EDR™ product. This usage includes gaining access to the Linux server for management and troubleshooting in addition to configuring integrations and using the API. This course provides an in-depth, technical understanding of the Carbon Black EDR product through comprehensive coursework and hands-on scenario-based labs. This class focuses exclusively on advanced technical topics related to the technical back-end configuration and maintenance.

Product Alignment

  • VMware Carbon Black EDR
Dieser Advanced-Kurs wird direkt von VMware durchgeführt.

Zielgruppe

System administrators and security operations personnel, including analysts and managers

Voraussetzungen

This course requires completion of the following course:

VMware Carbon Black EDR Administrator (VCBEDRA)

Kursziele

By the end of the course, you should be able to meet the following objectives:

  • Describe the components and capabilities of the Carbon Black EDR server
  • Identify the architecture and data flows for Carbon Black EDR communication
  • Identify the architecture for a cluster configuration and Carbon Black EDR cluster communication
  • Describe the Carbon Black EDR server data types and data locations
  • Use the API to interact with the Carbon Black EDR server without using the UI
  • Create custom threat feeds for use in the Carbon Black EDR server
  • Perform the integration with a syslog server
  • Use different server-side scripts for troubleshooting
  • Troubleshoot sensor-side configurations and communication

Kursinhalt

Course Introduction
  • Introductions and course logistics
  • Course objectives
Architecture
  • Data flows and channels
  • Sizing considerations
  • Communication channels and ports
Server Datastores
  • SOLR database
  • Storage configurations and data aging
  • Partition states
  • Postgres
  • Modulestore
EDR API
  • CBAPI overview
  • Viewing API calls in the browser
  • Utilizing the API to access data
Threat Intelligence Feeds
  • Feed structure
  • Report indicator types
  • Custom threat feed creation and addition
Syslog Integration
  • SIEM support
  • Configuration
Troubleshooting
  • Server-side scripts
  • Server logs
  • Sensor operations
Online Training

Dauer 1 Tag

Preis (exkl. MwSt.)
  • 750,- €
Digitale Kursunterlagen
Classroom Training

Dauer 1 Tag

Preis (exkl. MwSt.)
  • Österreich: 750,- €
  • Deutschland: 750,- €
  • Schweiz: 750,- €
Digitale Kursunterlagen
 

Kurstermine

Instructor-led Online Training:   Dies ist ein Instructor-led Online Training, das über WebEx in einer VoIP Umgebung durchgeführt wird. Sollten Sie Fragen zu einem unserer Online-Kurse haben, können Sie uns jederzeit unter +43 1 6000 880-0 oder per E-Mail an info@itls.at kontaktieren.
Englisch
1 Stunde Differenz
Online Training Zeitzone: Greenwich Mean Time (GMT) Kurssprache: Englisch