Who should attend
- Cybersecurity Analysts
- Cybersecurity Engineers
- Security Operations Specialists
Prerequisites
Participants must be familiar with enterprise product deployment, networking, and security concepts.
Course Objectives
Successful completion of this instructor-led course with hands-on lab activities should enable you to:
- Describe the architecture and components of the Cortex XDR family
- Use the Cortex XDR management console, including reporting
- Create Cortex XDR agent installation packages, endpoint groups, and policies
- Deploy Cortex XDR agents on endpoints
- Create and manage Exploit and Malware Prevention profiles
- Investigate alerts and prioritize them using starring and exclusion policies
- Tune Security profiles using Cortex XDR exceptions
- Perform and track response actions in the Action Center
- Perform basic troubleshooting related to Cortex XDR agents
- Deploy a Broker VM and activate the Local Agents Settings applet
- Understand Cortex XDR deployment concepts and activation requirements
- Work with the Customer Support Portal and Cortex XDR Gateway for authentication and authorization
Detailed Course Outline
Course Modules
- 1 - Cortex XDR Introduction
- 2 - Cortex XDR Main Components
- 3 - Cortex XDR Management Console
- 4 - Profiles and Policies
- 5 - Malware Protection
- 6 - Exploit Protection
- 7 - Cortex XDR Alerts
- 8 - Exclusions and Exceptions
- 9 - Response Actions
- 10 - Basic Troubleshooting
- 11 - Broker VM Overview
- 12 - Deployment Considerations