In this section, you will go through the experience of a SOC analyst, working from within the Carbon Black Cloud console. We will be investigating what happened.
1. Let the games begin of threat hunting
A few things you want to keep handy for the next steps:
- Log into Carbon Black Cloud.
- Make a note of your logged in TestDrive windows VDI hostname and IP.
Once you know the hostname and you are logged into CB console, proceed with the next steps.
2. Access Carbon Black Cloud Console
- On the desktop, you will find a text file ReadMe
- In this ReadMe text file, you will find all the information about how to log into Carbon Black Cloud
3. VDI hostname and IP.
In the task bar at the bottom of the dekstop, click on the serach bar.
4. Command Prompt
Type in "command prompt"
Click on Open
5. Systeminfo
Type in "systeminfo" and hit enter
Take note of the Hostname and IP address(es)