Cortex XDR: Prevention and Deployment (EDU-260)

This instructor-led training basically enables you to prevent attacks on your endpoints. After an overview of the Cortex XDR components, the training introduces the Cortex XDR management console, showing you how to install the agents on your endpoints and also how to create security profiles and policies. The training also helps you understand how to perform and track response actions, tune profiles, and work with Cortex XDR alerts.

The training ends up with introductory modules basic troubleshooting of the agent, on-premises Broker VM component, and Cortex XDR deployment

Please Note: This course will be delivered in half-day sessions


Successful completion of this instructor-led course with hands-on lab activities should enable the students to:

  • Differentiate the architecture and components of the Cortex XDR family
  • Work with the Cortex XDR management console
  • Create Cortex XDR agent installation packages, endpoint groups, and policies
  • Deploy Cortex XDR agents on endpoints
  • Create and manage exploit and malware prevention profiles
  • Investigate alerts and prioritize them using starring and exclusion policies
  • Tune security profiles using Cortex XDR exceptions.
  • Perform and track response actions in the Action Center
  • Perform basic troubleshooting related to Cortex XDR agents
  • Deploy a Broker VM and activate Local Agents Settings applet
  • Understand Cortex XDR deployment concepts and activation requirements
  • Work with Customer Support Portal and Cortex XDR Gateway for authentication and authorization

Target Audience

Cybersecurity analysts and engineers, and security operations specialists as well as administrators and product deployers.


Participants must be familiar with enterprise product deployment, networking, and security concepts.

Course Modules

  1. Cortex XDR Overview
  2. Cortex XDR Basic Components
  3. Cortex XDR Management Console
  4. Policy Rules and Profiles
  5. Malware Protection
  6. Exploit Protection
  7. Cortex XDR Alerts
  8. Response Actions
  9. Tuning Policies using Exceptions
  10. Basic Agent Troubleshooting
  11. Broker VM Overview
  12. Deployment Considerations

Palo Alto Networks Education

The technical curriculum developed and authorized by Palo Alto Networks and delivered by Palo Alto Networks Authorized Training Partners helps provide the knowledge and expertise that prepare you to protect our digital way of life. Our trusted certifications validate your knowledge of the Palo Alto Networks product portfolio and your ability to help prevent successful cyberattacks and safely enable applications