Cortex XDR: Prevention and Deployment (EDU-260)

 

Chi dovrebbe partecipare

Cybersecurity analysts and engineers, and security operations specialists

Prerequisiti

Participants must be familiar with enterprise security concepts.

Obiettivi del Corso

This course is three days of instructor-led training that will help you to:

  • Differentiate the architecture and components of the Cortex XDR family
  • Describe Cortex, Cortex Data Lake, the Customer Support Portal, and the hub
  • Activate Cortex XDR, deploy the agents, and work with the management console
  • Work with the Cortex XDR management console, describe a typical management page, and work with the tables and filters
  • Create Cortex XDR agent installation packages, endpoint groups, policies, and profiles
  • Create and manage exploit and malware profiles, and perform response actions
  • Describe detection challenges with behavioral threats
  • Differentiate the Cortex XDR rules BIOC and IOC, and create and manage them
  • Describe the Cortex XDR causality analysis and analytics concepts
  • Triage and investigate alerts and incidents, and create alert starring and exclusion policies
  • Work with the Causality and Timeline Views and investigate threats in the Query Center

Successful completion of this instructor-led course with hands-on lab activities should enhance the student’s understanding of how to activate a Cortex XDR instance; create agent installation packages to install the Cortex XDR agents; create security policies and profiles to protect endpoints against multi-stage, fileless attacks built using malware and exploits; respond to attacks using response actions; understand behavioral threat analysis, log stitching, agent-provided enhanced endpoint data, and causality analysis; investigate and triage attacks using the incident management page of Cortex XDR and analyze alerts using the Causality and Timeline analysis views; use API to insert alerts; create BIOC rules; and search a lead in raw data sets in Cortex Data Lake using Cortex XDR Query Builder.

Contenuti del Corso

  • 1. Cortex XDR Family Overview
  • 2. Working with the Cortex Apps
  • 3. Getting Started with Endpoint Protection
  • 4. Malware Protection
  • 5. Exploit Protection
  • 6. Exceptions and Response Actions
  • 7. Behavioral Threat Analysis
  • 8. Cortex XDR Rules
  • 9. Incident Management
  • 10. Alert Analysis Views
  • 11. Search and Investigate
  • 12. Basic Troubleshooting

Prezzo & Delivery methods

Online Training

Durata
3 Giorni

Prezzo
  • 2.550,– €
Date e prenotazione
Richiedi una data
Formazione in Aula

Durata
3 Giorni

Prezzo
  • Italia: 2.550,– €
Date e prenotazione
Richiedi una data

Schedulazione

Al momento non esistono edizioni in italiano.

Richiedi una data

Inglese

Fuso orario: Central European Summer Time (CEST)   ±1 Ora

Online Training Fuso orario: British Summer Time (BST)
Online Training Fuso orario: British Summer Time (BST)
Online Training Fuso orario: Greenwich Mean Time (GMT)

7 ore spostamento del fuso orario

Online Training Fuso orario: Central Daylight Time (CDT) Erogazione garantita
Online Training Fuso orario: Central Daylight Time (CDT) Erogazione garantita
Online Training Fuso orario: Central Standard Time (CST)
Online Training Fuso orario: Central Standard Time (CST)

9 ore spostamento del fuso orario

Online Training Fuso orario: Pacific Daylight Time (PDT)
Online Training Fuso orario: Pacific Daylight Time (PDT)
Guaranteed date:   Fast Lane garantirà il corso indipendentemente dal numero dei partecipanti
Instructor-led Online Training:   Questo è un corso Online
Questo è un corso FLEX, erogato sia in aula che in remoto, contemporaneamente.

Al momento non ci sono date italiane disponibili.

Richiedi una data

Europa

Germania

Amburgo
Berlino
Amburgo
Monaco
Berlino
Questo è un corso FLEX, erogato sia in aula che in remoto, contemporaneamente.