Palo Alto Networks: Cortex XDR 2: Prevention, Analysis, and Response (EDU-260)

This instructor-led training enables you to prevent attacks on your endpoints. After an overview of the Cortex XDR components, the training introduces the Cortex XDR management console and demonstrates how to install agents on your endpoints and how to create Security profiles and policies. The training enables you to perform and track response actions, tune profiles, and work with Cortex XDR alerts. The training concludes with discussions about basic troubleshooting of the agent, the on-premises Broker VM component, and Cortex XDR deployment.

Powered by Cloud Harmonics

Course Information

Price: $2,995.00
Duration: 3 days
Certification: None
Learning Credits:
Course Delivery Options

Check out our full list of training locations and learning formats. Please note that the location you choose may be an Established HD-ILT location with a virtual live instructor.

Train face-to-face with the live instructor.

Interact with a live, remote instructor from a specialized, HD-equipped classroom near you.
*An SLI sales rep will confirm location availability prior to registration confirmation.

Attend the live class from the comfort of your home or office.

All Sunset Learning dates are guaranteed to run!



Participants must be familiar with enterprise product deployment, networking, and security concepts.


Target Audience:

Cybersecurity analysts and engineers and security operations specialists, as well as administrators and product deployers.


Course Objectives:

Successful completion of this instructor-led course with hands-on lab activities should enable you to:

  • Describe the architecture and components of the Cortex XDR family
  • Use the Cortex XDR management console
  • Create Cortex XDR agent installation packages, endpoint groups, and policies
  • Deploy Cortex XDR agents on endpoints
  • Create and manage exploit and malware prevention profiles
  • Investigate alerts and prioritize them using starring and exclusion policies
  • Tune Security profiles using Cortex XDR exceptions
  • Perform and track response actions in the Action Center
  • Perform basic troubleshooting related to Cortex XDR agents
  • Deploy a Broker VM and activate the Local Agents Settings applet
  • Understand Cortex XDR deployment concepts and activation requirements
  • Work with the Customer Support Portal and Cortex XDR Gateway for authentication and authorization


Course Outline:

This class is comprised of the following modules:

  • Module 1 – Cortex XDR Family Overview
  • Module 2 – Cortex XDR Main Components
  • Module 3 – Cortex XDR Main Components
  • Module 4 – Profiles and Policy Rules
  • Module 5 – Malware Protection
  • Module 6 – Exploit Protection
  • Module 7 – Cortex XDR Alerts
  • Module 8 – Tuning Policies using Exceptions
  • Module 9 – – Response Actions
  • Module 10 – Basic Agent Troubleshooting
  • Module 11 – Broker VM Overview
  • Module 12 – Deployment Considerations