Live Online Training
5 half days
What you learn
The Palo Alto Networks Cortex XDR: Prevention, Analysis, and Response (EDU-260) course for advanced endpoint protection and remediation is an instructor-led training that will help you to:
Differentiate the architecture and components of the Cortex XDR family
Describe Cortex, Cortex Data Lake, the Customer Support Portal, and the hub
Activate Cortex XDR, deploy the agents, and work with the management console
Work with the Cortex XDR management console, describe a typical management page and work with the tables and filters
Create Cortex XDR agent installation packages, endpoint groups, policies, and profiles
Create and manage exploit and malware profiles, and perform response actions
Differentiate the Cortex XDR rules BIOC and IOC, and create and manage them
Describe the Cortex XDR causality analysis and analytics concepts
Triage and investigate alerts and incidents, and create alert starring and exclusion policies
Work with the Causality and Timeline Views and investigate threats in the Query Center
Enable the Host Insights add-on and work with the insights and the Asset View
Use Vulnerability Assessment, and work with the Asset Management and the IP View
The Cortex XDR course teaches students how the Cortex XDR agent protects against exploits and malware-driven attacks. In hands-on lab exercises, students will explore and configure the Cortex XDR management platform and install the Cortex XDR agent as well as relevant components; create security policies and profiles to protect endpoints against multi-stage, fileless attacks built using malware and exploits; respond to attacks using response actions; understand behavioural threat analysis, log stitching, agent-provided enhanced endpoint data, and causality analysis; investigate and triage attacks using the incident management page of Cortex XDR and analyze alerts using the Causality and Timeline analysis views; use the API to insert alerts; create BIOC rules; and search for a lead in raw data sets in Cortex Data Lake using the Cortex XDR Query Builder.
It’s impossible to remember everything in live training, which is why we record the online class and share the video with you. If you would like to start studying right away, we can share the videos of a previous course and lab access immediately once your booking is confirmed.
Lab access for 3 months
You will have access to your own dedicated lab, which you can use not only during the class but for a full three months without any time or usage limit. Your virtual lab consists of a dedicated Windows client and a Linux client as well as access to a shared Cortex XDR instance for practical exercises as described in the lab guide.
The Cortex XDR: Prevention, Analysis, and Response (EDU-260) course is not linked to any Palo Alto Networks certification.
Participants must be familiar with enterprise security concepts.