Overview
Objectives
By the end of this course, learners will be able to:
- Describe the architecture and components of the Cortex XDR solution and its management console.
- Configure and deploy Cortex XDR agents on endpoints and create endpoint groups.
- Create and manage exploit and malware prevention profiles to strengthen security.
- Investigate and prioritize alerts, tuning security profiles as needed.
- Perform response actions, troubleshoot agents, and deploy a Broker VM.
Prerequisites
- Basic understanding of endpoint security concepts.
- Familiarity with malware prevention and threat detection practices.
- Experience with endpoint protection or security management systems.
- Knowledge of Windows or Linux operating systems.
- Understanding of network fundamentals and endpoint configurations.
Course Outline
- Overview of Cortex XDR components, architecture, and deployment scenarios.
- Exploring the management console for reporting, creating endpoint groups, and policy management.
- Hands-on creation of installation packages and deployment of agents on endpoints, with configuration of Exploit and Malware Prevention profiles.
- Techniques for investigating and prioritizing alerts, utilizing starring and exclusion policies for effective threat management.
- Performing basic troubleshooting, deploying a Broker VM, and using the Local Agents Settings applet.