
Cortex XDR 2: Prevention, Analysis, and Response (EDU-260)

 

Who should attend

Cybersecurity analysts and engineers, and security operations specialists

Prerequisites

Participants must be familiar with enterprise security concepts.

Course Objectives

This course is three days of instructor-led training that will help you to:

  • Differentiate the architecture and components of the Cortex XDR family
  • Describe Cortex, Cortex Data Lake, the Customer Support Portal, and the hub
  • Activate Cortex XDR, deploy the agents, and work with the management console
  • Work with the Cortex XDR management console, describe a typical management page, and work with the tables and filters
  • Create Cortex XDR agent installation packages, endpoint groups, policies, and profiles
  • Create and manage exploit and malware profiles, and perform response actions
  • Describe detection challenges with behavioral threats
  • Differentiate the Cortex XDR rules BIOC and IOC, and create and manage them
  • Describe the Cortex XDR causality analysis and analytics concepts
  • Triage and investigate alerts and incidents, and create alert starring and exclusion policies
  • Work with the Causality and Timeline Views and investigate threats in the Query Center

Successful completion of this instructor-led course with hands-on lab activities should enhance the student’s understanding of how to activate a Cortex XDR instance; create agent installation packages to install the Cortex XDR agents; create security policies and profiles to protect endpoints against multi-stage, fileless attacks built using malware and exploits; respond to attacks using response actions; understand behavioral threat analysis, log stitching, agent-provided enhanced endpoint data, and causality analysis; investigate and triage attacks using the incident management page of Cortex XDR and analyze alerts using the Causality and Timeline analysis views; use the API to insert alerts; create BIOC rules; and search for a lead in raw data sets in Cortex Data Lake using the Cortex XDR Query Builder.

Course Content

  • 1. Cortex XDR Family Overview
  • 2. Working with the Cortex Apps
  • 3. Getting Started with Endpoint Protection
  • 4. Malware Protection
  • 5. Exploit Protection
  • 6. Exceptions and Response Actions
  • 7. Behavioral Threat Analysis
  • 8. Cortex XDR Rules
  • 9. Incident Management
  • 10. Alert Analysis Views
  • 11. Search and Investigate
  • 12. Basic Troubleshooting
Online Training

Duration 3 days

Price (excl. VAT)
  • Country: DE
    2.100,- €
Digital courseware
Classroom Training

Duration 3 days

Price (excl. VAT)
  • Germany:
    Country: DE
    2.100,- €
Digital courseware

Course dates

Guaranteed date:   Course delivery is guaranteed regardless of the number of participants. Excepted are unforeseeable events (e.g. accident, illness of the trainer) that make it impossible to run the course.
Instructor-led Online Training:   The course is delivered online in the virtual classroom.
FLEX Classroom Training (hybrid course):   Attend either on site in the classroom or online from your workplace or from home.
Germany

No dates are currently available.  Inquire via info@flane.de.

FLEX & Online Training

Alternatively, our courses with the FLEX option in English are listed further below.

London, City: This is a FLEX course in English.
Time zone: Greenwich Mean Time (GMT)