Special Notices


Overview

This one-day course teaches you how to configure and scope the rules within VMware Carbon Black® App Control™ product to maintain the system according to your organization’s security posture and organizational policies. Additionally, this course covers troubleshooting both the server and the agent for Carbon Black App Control and how to identify issues that impact normal operations. This course provides an in-depth, technical understanding of the Carbon Black App Control product through comprehensive coursework and hands-on scenario-based labs.

Prerequisites

This course requires completion of one following course:

  • VMware Carbon Black App Control Administrator

Delegates will learn how to

  • Manage and configure the Carbon Black App Control sever based on organizational requirements
  • Implement rules to support business processes and automatic approvals
  • Identify scenarios and use cases for Custom rules and Event rules
  • Describe common troubleshooting scenarios for the Carbon Black App Control server
  • Describe common troubleshooting scenarios for the Carbon Black App Control Windows agentv

Outline

1 Course Introduction

  • Introductions and course logistics
  • Course objectives

2 Custom Rules Basics

  • Execute / Write action rules
  • Precedence
  • Paths

3 Custom Rules Best Practices

  • Rule Triad
  • Rule multiplication

4 Rule Types

  • Custom rule type overview

5 Optimizing Custom Rules

  • Evaluating events

6 Event Rules

  • Creating and editing
  • Testing before implementing

7 Troubleshooting Considerations

  • Server versus agent issues

8 Server Capabilities

  • Tools, logs, common issues, scenarios

9 Agent Capabilities

  • Tools, logs, common issues, scenarios

Please complete this form and we'll be in touch

Hide form
Please enter a date or timescale
Please type in a preferred location or region...