Code: EDU-260 Security PALO ALTO NETWORKS Complexity: Advanced level

Cortex XDR: Prevention, Analysis, and Response (EDU-260)

We currently have no scheduled dates

Request a date

Goals

This course is three days of instructor-led training that will help you to:

  • Differentiate the architecture and components of the Cortex XDR family
  • Describe Cortex, Cortex Data Lake, the Customer Support Portal, and the hub
  • Activate Cortex XDR, deploy the agents, and work with the management console
  • Work with the Cortex XDR management console, describe a typical management page, and work with the tables and filters
  • Create Cortex XDR agent installation packages, endpoint groups, policies, and profiles
  • Create and manage exploit and malware profiles, and perform response actions
  • Differentiate the Cortex XDR rules BIOC and IOC, and create and manage them
  • Describe the Cortex XDR causality analysis and analytics concepts
  • Triage and investigate alerts and incidents, and create alert starring and exclusion policies
  • Work with the Causality and Timeline Views and investigate threats in the Query Center
  • Enable the Host Insights add-on and work with the insights and the Asset View
  • Use Vulnerability Management, and work with the Asset Management and the IP View

Objectives: Successful completion of this instructor-led course with hands-on lab activities should enhance the student’s understanding of how to activate a Cortex XDR instance; create agent installation packages to install the Cortex XDR agents; create security policies and profiles to protect endpoints against multi-stage, fileless attacks built using malware and exploits; respond to attacks using response actions; understand behavioral threat analysis, log stitching, agent-provided enhanced endpoint data, and causality analysis; investigate and triage attacks using the incident management page of Cortex XDR and analyze alerts using the Causality and Timeline analysis views; use the API to insert alerts; create BIOC rules; and search a lead in raw data sets in Cortex Data Lake using Cortex XDR Query Builder.

Duration

3 days (8h/day)

Prerequisites

Participants must be familiar with enterprise security concepts.

Target Audience: Cybersecurity analysts and engineers, and security operations specialists

Contents

  • Cortex XDR Family Overview
  • Working with Cortex Apps
  • Getting Started with Endpoint Protection
  • Malware Protection
  • Exploit Protection
  • Exceptions and Response Actions
  • Basic Troubleshooting
  • Behavioral Threat Analysis
  • Cortex XDR Rules
  • Incident Management
  • Alert Analysis Views
  • Search and Investigate
  • Investigation Views
  • Host Insights

Customized training

Is this training not suitable for you, and have you not found what you are looking for? Contact us and we will be glad to help.

Training rooms

ALEF training centers in the Adriatic region each have one training room with a capacity of 12 seats.

Each classroom is equipped with a projector and a whiteboard, an internet connection, and an instructor's computer. Students use personal computers with access to Cisco equipment as workstations. Hands-on training enables students to acquire the skills needed to configure the equipment.

CZ

The ALEF Training Center has five training rooms available. Three classrooms are named after continents: Australia has a capacity of 8 seats, and Africa and Europe have 12 seats each. The capacity is supplemented by a classroom with equipment (12 seats) and by the competence center (18 seats).

SK

ALEF has 4 training rooms available. They are named after cities of the world. Sydney has a capacity of 16 seats, Rotterdam and Hamburg have 12 seats each, while New York has 8 seats.

HU

The ALEF Training Center has 3 training rooms. They are named after cities in the countries where ALEF operates. Prague has a capacity of 12 seats, and Bratislava and Budapest have 8 seats each.

Belgrade

Budapest

Instructor team

We have a team of more than 50 instructors and offer the full spectrum of technological knowledge for routing and switching, for security, and for collaboration between data centers. The instructors' expertise is demonstrated by a range of top-level international certifications.

The uniqueness of our instructors lies mainly in their rich experience on individual projects, which allows them to respond very flexibly to suggestions from course participants and to the questions asked, as well as to pass on their practical knowledge to participants. Thanks to the company's reliable work and many years of experience, we are very flexible in responding to projects being prepared in Cisco's area of expertise, and on that basis we can guarantee you a wide range of certified courses that will enable you and your colleagues to acquire the expertise needed for future certification tests.

CONTACT

ALEF Distribucija Adria, d.o.o.
Vladimira Popovića 6, 11070 Novi Beograd
+381 11 4240521
rs-training@alef.com