Nous serions heureux de vous conseiller !
+33 1 84 19 32 26     info@flane.fr

Formations en ligne en classe virtuelle, e-learning
et autres méthodes pour votre télétravail

En savoir plus

VMware Carbon Black EDR Advanced Analyst (VCBEDRAAN)

Detailed Course Outline

Course Introduction
  • Introductions and course logistics
  • Course objectives
VMware Carbon Black EDR & Incident Response
  • Framework identification and process
Preparation
  • Implement the Carbon Black EDR instance according to organizational requirements
Identification
  • Use initial detection mechanisms
  • Process alerts
  • Proactive threat hunting
  • Incident determination
Containment
  • Incident scoping
  • Artifact collection
  • Investigation
Eradication
  • Hash banning
  • Removing artifacts
  • Continuous monitoring
Recovery
  • Rebuilding endpoints
  • Getting to a more secure state
Lessons Learned
  • Tuning Carbon Black EDR
  • Incident close out