Use this quick start guide to collect all the information about Broadcom Carbon Black Endpoint Detection and Response Technical Specialist (250-601) Certification exam. This study guide provides a list of objectives and resources that will help you prepare for items on the 250-601 Symantec Carbon Black Endpoint Detection and Response Technical Specialist exam. The Sample Questions will help you identify the type and difficulty level of the questions and the Practice Exams will make you familiar with the format and environment of an exam. You should refer this guide carefully before attempting your actual Broadcom Carbon Black Endpoint Detection and Response Technical Specialist certification exam.
The Broadcom Carbon Black Endpoint Detection and Response Technical Specialist certification is mainly targeted to those candidates who want to build their career in Carbon Black domain. The Broadcom Symantec Carbon Black Endpoint Detection and Response Technical Specialist exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of Broadcom Carbon Black Endpoint Detection and Response Technical Specialist.
Broadcom Carbon Black Endpoint Detection and Response Technical Specialist Exam Summary:
Exam Name | Broadcom Symantec Carbon Black Endpoint Detection and Response Technical Specialist |
Exam Code | 250-601 |
Exam Price | $250 (USD) |
Duration | 90 mins |
Number of Questions | 65 |
Passing Score | 70% |
Books / Training | VMware Carbon Black EDR Install, Configure, Manage [V7.x] - On Demand |
Schedule Exam | Broadcom |
Sample Questions | Broadcom Carbon Black Endpoint Detection and Response Technical Specialist Sample Questions |
Practice Exam | Broadcom 250-601 Certification Practice Exam |
Broadcom 250-601 Exam Syllabus Topics:
Topic | Details |
---|---|
API | - Describe the function of RestAPI and CbAPI |
Certificates | - Understand the requirements for custom sensor to server communication |
Data Storage |
- Understand the role of Solr on the EDR server for data storage. - Understand the role of Postgres on the EDR server. - Understand the difference between physical binaries and binary metadata - Understand what happens to binaries when sharing with Alliance |
Live Response | - Understand the use of live response and the basic commands that are available. |
OER |
- Understand the resource requirements for the EDR server - Understand the difference between standalone and cluster and when a cluster is needed. - Understand endpoint OS types and the amount of data they generate. |
Searching |
- Understand how to craft basic process and binary searches - Understand search queries that create performance issues and should be avoided. - Understand the different options available for process versus binary searches. |
Sensors |
- Understand the options to filter sensors in the EDR console. - Understand the sensor information in the server dashboard for licensing. - Understand Isolation and how sensors are able to communicate with the server under isolation. - Understand the installation and upgrade options for the sensor. - Understand the action options available on the sensors page. - Understand the function of banning and the limits with this feature. |
Server Architecture |
- Understand the role of the EDR server. - Understand and differentiate the data that is stored within Solr cores and Postgres and their storage locations. - Understand the role of the different services that make up the EDR server. |
Server Install and Upgrade |
- Understand the installation process of the EDR application and upgrades - Understand the process for adding a minion node to a cluster. |
Thread Feeds and Watchlists |
- Understand the difference between watchlist and threat feeds. - Understand how queries are stored and formatted. - Understand the options available for notifications. - Understand the use case for watchlist expiration and how they affect how a watchlist will run. - Understand the triage alerts page and the link to watchlists and feeds. |
User Management |
- Understand the roles, teams and enhanced permissions available for users. - Understand the available SSO integrations with the EDR console. |
VDI |
- Understand the difference in VDI enabling and match options. - Understand the tasks to perform when generating an image for cloning |
To ensure success in Broadcom Carbon Black Endpoint Detection and Response Technical Specialist certification exam, we recommend authorized training course, practice test and hands-on experience to prepare for Symantec Carbon Black Endpoint Detection and Response Technical Specialist (250-601) exam.