EDU-262
Cortex XDR: Investigation and Response
Price: USD 1,375 excl. VAT
Duration: 2 days
“Fast Lane is an Authorized Global Training Partner in cooperation with Consigas”.
Prerequisites
Participants must have taken the course EDU-260 (Cortex XDR: Prevention and Deployment).
What you’ll learn in this course
Learn how to activate a Cortex XDR instance.
Create agent-installation packages and Security policies and profiles to protect endpoints against multistage, fileless attacks built using malware and exploits.
Objectives
Successful completion of this instructor-led course with hands-on lab activities should enable participants to:
Investigate and manage incidents
Describe the Cortex XDR causality and analytics concepts
Analyze alerts using the Causality and Timeline Views
Work with Cortex XDR Pro actions such as remote script execution
Create and manage on-demand and scheduled search queries in the Query Center
Course Outline
Cortex XDR Incidents
Causality and Analytics Concepts
Causality Analysis of Alerts
Advanced Response Actions
Building Search Queries
Building XDR Rules
Cortex XDR Assets
Introduction to XQL
External Data Collection