Course Outline
Pre-Requisites
Students must be familiar with enterprise security concepts.
Lessons
Learn how to protect endpoints against exploits and malware-driven attacks using Cortex XDR.
In this three-day hands-on course, you will learn how to install Cortex XDR agents, manage content updates, and configure and manage the management console to protect endpoints against exploits and malware-driven attacks. You will gain an understanding of fileless attacks and how to stop them with behavior threat protection.
You will also learn to build policy rules and profiles, and work with incidents and alerts including triaging, analyzing, and investigating, and how to respond to prevention and network alerts.
WHO SHOULD ATTEND?
Cybersecurity analysts and security operations specialists.
WHAT YOU'LL LEARN
- Differentiate the architecture and components of Cortex XDR
- Describe the threat prevention concepts for endpoint protection
- Work with the Cortex XDR management console
- Differentiate exploit and malware attacks and describe how Cortex XDR blocks them
- Perform appropriate response actions
- Describe the Cortex XDR causality analysis and analytic concepts
- Triage and investigate alerts and manage incidents
- Manage Cortex XDR rules and investigate threats through the Query Center
COURSE OUTLINE
- Module 1: Cortex XDR Family Overview
- Module 2: Working with the Cortex Apps
- Module 3: Getting Started with Endpoint Protection
- Module 4: Malware Protection
- Module 5: Exploit Protection
- Module 6: Exceptions and Response Actions
- Module 7: Behavioral Threat Analysis
- Module 8: Cortex XDR Rules
- Module 9: Incident Management
- Module 10: Search and Investigate
- Module 11: Basic Troubleshooting
Cancellation Policy
We require 16 calendar days' notice to reschedule or cancel any registration. Failure to provide the required notification will result in a 100% charge of the course. If a student does not attend a scheduled course without prior notification, it will result in full forfeiture of the funds and no reschedule will be allowed. Within the required notification period, only student substitutions will be permitted. Reschedules are permitted at any time with 16 or more calendar days' notice. Enrollments must be rescheduled within six months of the cancel date or funds on account will be forfeited.
Training Location
Online Classroom
I would never take another course that starts at 11AM and goes to 9PM again. The way the course was laid out really took away from the capturing of what was presented as it was 5-6 hours of watching a screen before getting to the actual labs. There has to be a better way to lay out this particular course. In my previous course, the lectures were broken up by labs which worked out fantastic and kept you engaged in the course. There were days when in order to actually complete the labs, would go over the 9PM day end time frame. Was able to get the primary labs done, but if you want to get all the content completed, you cannot complete it in the window of this course, you will need to come back on your own time.