Course Overview
This one-day course teaches you how to use the VMware Carbon Black® Cloud Audit and Remediation™ product to build queries for IT hygiene, incident response, and vulnerability assessment to support your organization’s security posture and policies. This course provides an in-depth, technical understanding of the product through comprehensive coursework and hands-on scenario-based labs.
Course Objectives
By the end of the course, you should be able to meet the following objectives:
Describe the components and capabilities of VMware Carbon Black Cloud Audit and Remediation
Identify the architecture and data flows for Carbon Black Cloud Audit and Remediation communication
Describe the use case and functionality of recommended queries
Achieve a basic knowledge of SQL
Describe the elements of a SQL query
Evaluate the filtering options for queries
Perform basic SQL queries on endpoints
Describe the different response capabilities available from VMware Carbon Black Cloud
- Top-rated instructors: Our crew of subject matter experts have an average instructor rating of 4.8 out of 5 across thousands of reviews.
- Authorized content: We maintain more than 35 Authorized Training Partnerships with the top players in tech, ensuring your course materials contain the most relevant and up-to date information.
- Interactive classroom participation: Our virtual training includes live lectures, demonstrations and virtual labs that allow you to participate in discussions with your instructor and fellow classmates to get real-time feedback.
- Post Class Resources: Review your class content, catch up on any material you may have missed or perfect your new skills with access to resources after your course is complete.
- Private Group Training: Let our world-class instructors deliver exclusive training courses just for your employees. Our private group training is designed to promote your team’s shared growth and skill development.
- Tailored Training Solutions: Our subject matter experts can customize the class to specifically address the unique goals of your team.
Course Prerequisites
There are no prerequisites for this course.
Agenda
1 - Course Introduction
- Introductions and course logistics
- Course objectives
2 - Data Flows and Communication
- Hardware and software requirements
- Architecture
- Data flows
3 - Query Basics
- osquery
- Available tables
- Query scope
- Running versus scheduling
4 - Recommended Queries
- Use cases
- Inspecting the SQL query
5 - SQL Basics
- Components
- Tables
- Select statements
- Where clause
- Creating basic queries
6 - Filtering Results
- Where clause
- Exporting and filtering
7 - Basic SQL Queries
- Query creation
- Running queries
- Viewing results
8 - Advanced Search Capabilities
- Advanced SQL options
- Threat hunting
9 - Response Capabilities