Improve your experience. We are very sorry but this website does not support Internet Explorer. We recommend using a different browser that is supported such as Google Chrome or Mozilla Firefox.

Palo Alto Networks EDU-260

Cortex XDR 2: Prevention, Analysis, and Response (21 Training Credits)

Description

This course is three days of instructor-led training that will help you to:

  • Differentiate the architecture and components of the Cortex XDR family
  • Describe Cortex, Cortex Data Lake, the Customer Support Portal, and the hub
  • Activate Cortex XDR, deploy the agents, and work with the management console
  • Work with the Cortex XDR management console, describe a typical management page, and work with the tables and filters
  • Create Cortex XDR agent installation packages, endpoint groups, policies, and profiles
  • Create and manage exploit and malware profiles, and perform response actions
  • Describe detection challenges with behavioral threats
  • Differentiate the Cortex XDR rules BIOC and IOC, and create and manage them
  • Describe the Cortex XDR causality analysis and analytics concepts
  • Triage and investigate alerts and incidents, and create alert starring and exclusion policies
  • Work with the Causality and Timeline Views and investigate threats in the Query Center 

Course Modules

  • Module 1. Cortex XDR Family Overview
  • Module 2. Working with the Cortex Apps
  • Module 3. Getting Started with Endpoint Protection
  • Module 4. Malware Protection
  • Module 5. Exploit Protection
  • Module 6. Exceptions and Response Actions
  • Module 7. Behavioral Threat Analysis
  • Module 8. Cortex XDR Rules
  • Module 9. Incident Management
  • Module 10. Alert Analysis Views
  • Module 11. Search and Investigate
  • Module 12. Basic Troubleshooting

Objectives

Successful completion of this instructor-led course with hands-on lab activities should enhance the student’s understanding of how to activate a Cortex XDR instance; create agent installation packages to install the Cortex XDR agents; create security policies and profiles to protect endpoints against multi-stage, fileless attacks built using malware and exploits; respond to attacks using response actions; understand behavioral threat analysis, log stitching, agent-provided enhanced endpoint data, and causality analysis; investigate and triage attacks using the incident management page of Cortex XDR and analyze alerts using the Causality and Timeline analysis views; use API to insert alerts; create BIOC rules; and search a lead in raw data sets in Cortex Data Lake using Cortex XDR Query Builder. 

Prerequisites

Participants must be familiar with enterprise security concepts. 

Target Audience

Cybersecurity analysts and engineers, and security operations specialists 

Similar courses

Palo Alto Networks EDU-210

Firewall 9.1 Essentials: Configuration and Management (35 Training Credits)

More Information
Palo Alto Networks EDU-214

Firewall 9.1: Optimizing Firewall Threat Prevention (28 Training Credits)

More Information
Palo Alto Networks EDU-330

Firewall 9.1: Troubleshooting (21 Training Credits)

More Information
Palo Alto Networks EDU-220

Panorama 9.1: Managing Firewalls at Scale (14 Training Credits)

More Information
Palo Alto Networks EDU-318-LO

Prisma Access SASE Security: Design and Operation (Lecture Only)

More Information
Palo Alto Networks Basic Administrator

Palo Alto Networks, Basic Firewall Administration Training

More Information
Palo Alto Networks PCNSE Exam Workshop

Palo Alto Networks, PCNSE Exam Prep Workshop

More Information

Press enter to see more results