Résumé du cours
This instructor-led training basically enables you to prevent attacks on your endpoints. After an overview of the Cortex XDR components, the training introduces the Cortex XDR management console, showing you how to install the agents on your endpoints and also how to create security profiles and policies. The training also helps you understand how to perform and track response actions, tune profiles, and work with Cortex XDR alerts. The training ends up with introductory modules basic troubleshooting of the agent, on-premises Broker VM component, and Cortex XDR deployment.
A qui s'adresse cette formation
- Cybersecurity Analysts
- Cybersecurity Engineers
- Security Operations Specialists
- Cybersecurity Administrators & Product Deployer's
Pré-requis
Participants must be familiar with enterprise product deployment, networking, and security concepts
Objectifs
Successful completion of this instructor-led course with hands-on lab activities should enable the students to:
- Describe the architecture and components of the Cortex XDR family
- Use the Cortex XDR management console, including reporting
- Create Cortex XDR agent installation packages, endpoint groups, and policies
- Deploy Cortex XDR agents on endpoints
- Create and manage Exploit and Malware Prevention profiles
- Investigate alerts and prioritize them using starring and exclusion policies
- Tune Security profiles using Cortex XDR exceptions
- Perform and track response actions in the Action Center
- Perform basic troubleshooting related to Cortex XDR agents
- Deploy a Broker VM and activate the Local Agents Settings applet
- Understand Cortex XDR deployment concepts and activation requirements
- Work with the Customer Support Portal and Cortex XDR Gateway for authentication and authorization
Suite de parcours
Outline: Cortex XDR: Prevention, Analysis, and Response (EDU-260)
Course Modules
- 1. Cortex XDR Overview
- 2. Cortex XDR Main Components
- 3. Cortex XDR Management Console
- 4. Policy Rules and Profiles
- 5. Malware Protection
- 6. Exploit Protection
- 7. Cortex XDR Alerts
- 8. Response Actions
- 9. Tuning Policies using Exceptions
- 10. Basic Agent Troubleshooting
- 11. Broker VM Overview
- 12. Deployment Considerations