Description
Who should attend
- Cybersecurity Analysts
- Cybersecurity Engineers
- Security Operations Specialists
- Cybersecurity Administrators & Product Deployers
Prerequisites
Participants must be familiar with enterprise product deployment, networking, and security concepts.
Course Objectives
Successful completion of this instructor-led course with hands-on lab activities should enable the students to:
- Describe the architecture and components of the Cortex XDR family
- Use the Cortex XDR management console, including reporting
- Create Cortex XDR agent installation packages, endpoint groups, and policies
- Deploy Cortex XDR agents on endpoints
- Create and manage Exploit and Malware Prevention profiles
- Investigate alerts and prioritize them using starring and exclusion policies
- Tune Security profiles using Cortex XDR exceptions
- Perform and track response actions in the Action Center
- Perform basic troubleshooting related to Cortex XDR agents
- Deploy a Broker VM and activate the Local Agents Settings applet
- Understand Cortex XDR deployment concepts and activation requirements
- Work with the Customer Support Portal and Cortex XDR Gateway for authentication and authorization
Outline: Cortex XDR: Prevention, Analysis, and Response (EDU-260)
Course Modules
- 1. Cortex XDR Overview
- 2. Cortex XDR Main Components
- 3. Cortex XDR Management Console
- 4. Policy Rules and Profiles
- 5. Malware Protection
- 6. Exploit Protection
- 7. Cortex XDR Alerts
- 8. Response Actions
- 9. Tuning Policies using Exceptions
- 10. Basic Agent Troubleshooting
- 11. Broker VM Overview
- 12. Deployment Considerations