This instructor-led training enables you to prevent attacks on your endpoints. After an overview of the Cortex XDR components, the training introduces the Cortex XDR management console and demonstrates how to install agents on your endpoints and how to create Security profiles and policies. The training enables you to perform and track response actions, tune profiles, and work with Cortex XDR alerts. The training concludes with discussions about basic troubleshooting of the agent, the on-premises Broker VM component, and Cortex XDR deployment.


* Actual course outline may vary depending on offering center. Contact your sales representative for more information.

Learning Objectives

Successful completion of this instructor-led course with hands-on lab activities should enable you to:
Describe the architecture and components of the Cortex XDR family
Use the Cortex XDR management console
Create Cortex XDR agent installation packages, endpoint groups, and policies
Deploy Cortex XDR agents on endpoints
Create and manage exploit and malware prevention profiles
Investigate alerts and prioritize them using starring and exclusion policies
Tune Security profiles using Cortex XDR exceptions
Perform and track response actions in the Action Center
Perform basic troubleshooting related to Cortex XDR agents
Deploy a Broker VM and activate the Local Agents Settings applet
Understand Cortex XDR deployment concepts and activation requirements
Work with the Customer Support Portal and Cortex XDR Gateway for authentication and authorization

  • Module 1 - Cortex XDR Family Overview

    Module 2 - Cortex XDR Main Components

    Module 3 - Cortex XDR Mangement Components

    Module 4 - Profiles and Policy Rules

    Module 5 - Malware Protection

    Module 6 - Exploit Protection

    Module 7 - Cortex XDR Alerts

    Module 8 - Tuning Policies using Exceptions

    Module 9 - - Response Actions

    Module 10 - Basic Agent Troubleshooting

    Module 11 - Broker VM Overview

    Module 12 - Deployment Consideration


Cybersecurity analysts and engineers and security operations specialists, as well as administrators and product deployers.




Participants must be familiar with enterprise product deployment, networking, and security concepts.


Length: 2.0 days (16 hours)


Not Your Location? Change

Course Schedule:

Schedule select
9:00 AM CT -
5:00 PM CT
Filling Fast