The VMware Carbon Black Portfolio Skills exam badge validates candidate’s knowledge on how to use the capabilities of the products according to the organization’s security posture and organizational policies.
If a section is missing from the list below, please note it is because the exam has no testable objectives for that section The objective numbering may be references in your score report at the end of your testing event for further preparation should a retake of the exam be necessary.
Section 1 — Introduction — There are no testable objectives for this section Section 2 - VMware Products and Solutions
Objective 2 1: Given a scenario about App Control user accounts with privileges, identify how they shoula be
Objective 2.2: Identify the characteristics of enforcement levels in App Control
Objective 2.3: Given an App Control use case, identify the enforcement level that shoula be usea.
Objective 2.4: Given an App Control use case, identify computers that meet the specifies state or conaition. Objective 2.5: Give a scenario about managing an endpoint, identify how to accomplish this with App Control Objective 2.6: Given an ADp Control use case, iaentify the requires rule type that shoula be usea.
Objective 2 7: Given a scenario where alerting is needed, iaentify the criterion that shoula be confipurea in App
Objective 2.8: Given an event in App Control, iaentify the components, the event type, or the meaning of the event.
Section 3 - VMware Carbon Black EDR
Objective 3.1: Identify the EDR components and data flows.
Objective 3.2: Given a scenario, iaentify how to manage ana configure EDR Sensor groups. Objective 3.3: Given a scenario including a search in EDR, iaentify what is being searched for. Objective 3.4: Given a scenario including a graphic in EDR, analyze the aata given.
Objective 3.5: Identify the characteristic of a binary search and banning binaries in EDR. Objective 3.6: Identify characteristics that impact search performance in EDR. Objective 3.7: Identify how and when to use and configure feeds in EDR.
Objective 3.8: Identify how to create ana review watchlists I EDR.
Objective 3.9: Given a scenario about an alert, iaentify the proper response mechanism in EDR.
Section 4 - VMware Carbon Black Cloua Enapoint Stanaara
Objective 4 1: Identify the communication process ana requirements for Sensor to server comms in Endpoint Stanaara.
Objective 4.2: Given a scenario including a search in Cloud Endpoint incluaing results, analyze the results. Objective 4.3: laentify characteristics of policy-centered components and sensor options in Cloua Enapoint. Objective 4.4: Identify the characteristics of permissions and blocking and isolation rules for Cloud Enapoint. Objective 4.5: Identify the impact of reputation on rules in Cloud Endpoint.
Objective 4.6: Identify the structure of an alert in Cloua Enapoint.
Objective 4 7: Given a scenario about an alert incluainp the investigation and triape papes, iaentify the components of the alert in Cloua Enapoint.
Objective 4.8: Given a scenario about an alert, identify how to respond using a Cloud Endpoint response option.
Section 5 - VMware Carbon Black Cloua Enterprise EDR
Objective 5.1. Given a scenario including a watchlist, identify the components of the watchlist in Cloud Enterprise
Objective 5.2: Identify the structure of an alert in Cloua Enterprise EDR.
Objective 5.3: Given a scenario about an alert incluaing the process ana binary analysis pages, iaentify the components of the alert in Cloud Enterprise EDR.
Objective 5.4: Given a scenario about an environment, and an example and a goal, identify the query that should be created to accomplish the goal.
Objective 5.5: Given a scenario a bout an alert, identify how to respona using a Cloua Enterprise EDR response option
Section 6 - VMware Carbon Black Cloua Auait ana Remeaiation
Objective 6.1: Identify how to perform basic queries with OSQuery in Cloud Audit and Remediation
Objective 6.2: Given a query, identify the framework or structure of the query in Cloua Auait ana Remeaiation