Cortex XDR Configuration and Management Training
This 3-day raining enables you to prevent attacks on your endpoints. After an overview of the Cortex XDR components, the training introduces the Cortex XDR management console and demonstrates how to install agents on your endpoints and how to create Security profiles and policies.
The training enables you to perform and track response actions, tune profiles, and work with Cortex XDR alerts. It concludes by discussing basic troubleshooting of the agent, the on-premises Broker VM component, and Cortex XDR deployment.
The course includes hands-on exercises in a lab environment to reinforce the learned material.
Objectives
The main objectives of the 3-days course are:
- Describe the architecture and components of the Cortex XDR family
- Use the Cortex XDR management console, including reporting
- Create Cortex XDR agent installation packages, endpoint groups, and policies
- Deploy Cortex XDR agents on endpoints
- Create and manage Exploit and Malware Prevention profiles
- Investigate alerts and prioritize them using starring and exclusion policies
- Tune Security profiles using Cortex XDR exceptions
- Perform and track response actions in the Action Center
- Perform basic troubleshooting related to Cortex XDR agents
- Deploy a Broker VM and activate the Local Agents Settings applet
- Understand Cortex XDR deployment concepts and activation requirements
- Work with the Customer Support Portal and Cortex XDR Gateway for authentication and authorization
Course Modules
- Cortex XDR Overview
- Cortex XDR Main Components
- Cortex XDR Management Console
- Profiles and Policy Rules
- Malware Protection
- Exploit Protection
- Cortex XDR Alerts
- Tuning Policies Using Exceptions
- Response Actions
- Basic Agent Troubleshooting
- Broker VM Overview
- Deployment Considerations
Target Audience
Cybersecurity analysts/engineers and security operations specialists, , as well as administrators and product deployers
Prerequisites
Participants must be familiar with enterprise product deployment, networking, and security concepts.
Course Materials
The course materials can be obtained as hardcopy (paper) or as eBook.
The eBooks are made available via the onSecure platform, which can be accessed online via the browser or offline via the Kitaboo app (Windows, Mac, iOS, Android). Within the platform or the app, you have the option of searching in the course materials, setting bookmarks, highlighting text passages, creating notes and printing out the content.
Further information
The price is exclusive VAT, including training materials. The training materials are in English.
Links
Course description (pdf)