Cortex XDR: Investigation and Response (EDU-262) Training

Course Description

This instructor-led training shows you how to use the Cortex XDR management console's Incidents pages to look into assaults. It defines causality chains, alerts versus logs, the Analytics Engine's detectors, log stitching, and the ideas of analytics and causation. You will gain knowledge of how to utilize the EDL service, remote script execution, and remedial recommendations, as well as the Causality and Timeline Views to analyze alerts.

How to make use of the data gathered is covered in depth throughout several modules. In one section, you'll craft standard query formats, while in another, you'll develop XDR policies. The lesson shows how to use investigation views like IP and Hash Views to examine artifact information graphically. In addition, XQL (XDR Query Language) is introduced. The last section of the course covers the Cortex XDR API for receiving external alerts and other forms of external data collecting.

Prerequisites for this training

• Cortex XDR: Prevention, Analysis, and Response (EDU-260)

Who should attend this course?

• Cybersecurity analysts and engineers, and security operations specialists

Schedules

What you will learn

• Examine and handle incidents
• Describe the causality and analytics ideas used in Cortex XDR.
• Utilize the Causality and Timeline to analyze alerts Views
• Use Cortex XDR Pro features like remote script execution.
• In the Query Centre, create and manage ad-hoc and planned search queries.
• Create and maintain the BIOC and IOC Cortex XDR rules.
• Utilizing the resources and stockpiles of Cortex XDR
• To search datasets, create XQL searches and see the results,
• Utilize the external-data collecting feature of Cortex XDR

With Microtek Learning, you’ll receive:

• Certified Instructor-led training
• Industry Best Trainers
• Official Training Course Student Handbook
• Pre and Post assessments/evaluations
• Collaboration with classmates (not available for a self-paced course)
• Real-world knowledge activities and scenarios
• Exam scheduling support*
• Learn and earn program*
• Practice Tests
• Knowledge acquisition and exam-oriented
• Interactive online course.
• Support from an approved expert
• For Government and Private pricing*

* For more details call: +1-800-961-0337 or Email: info@microteklearning.com

Our Clients

For many years, Microtek Learning has been helping organizations, leaders, and professionals to reach their maximum performance by addressing the challenges they are facing.

• 300+ enterprise clients
• 100,000+ professionals trained
• Service 70 of the Fortune 100
• 96% of our clients would recommend us

Our Awards

REVIEWS ON OUR POPULAR COURSES

I was sceptical at first whether to enrol with Microtek Learning or not, however, I am glad that I did- I got everything that was promised (maybe more). The trainer was very patient and knowledgeable and with his effort and mine, I was able to clear the exam with ease! Keep up the good work everyone.

MARTIN

TORONTO, CANADA

• (5)

I'm really impressed with the storytelling skills of the instructor. She makes the session exciting by keeping things simple and easy to understand.

Prince N.

Texas

• (5)

I was recommended the ITIL 4 Foundation course by an IT professional who had completed the same course at Microtek Learning. The training gave me a thorough understanding of service management that I felt I could take back to my job as an IT Project Management and apply it to improve the value of products and services.

Marsh George

Texas

• (5)