-
XDR combines classic security functions such as Endpoint Detection and Response and Network Detection and Response. The integration of additional security technologies enables a holistic view of an organization's IT security. Cisco XDR can integrate not only products from the Cisco portfolio but also products from other manufacturers. This course introduces the components of the Cisco XDR solution and takes a closer look at the possible applications. Various integration options as well as practical work with incidents are examined in more detail. The content is illustrated and reinforced through practical exercises.
-
Course Contents
-
- Components of an XDR solution
- Structure of the Cisco XDR platform
- First steps
- Integration in Cisco XDR
- Asset management
- Security policies
- Threat Analysis
- Incident Response
- Monitoring
- Practical exercises on a Cisco XDR solution
- Best practices for planning, setup and operation
The detailed digital documentation package, consisting of an e-book and PDF, is included in the price of the course.
Premium Course Documents
In addition to the digital documentation package, the exclusive Premium Print Package is also available to you.
- High-quality color prints of the ExperTeach documentation
- Exclusive folder in an elegant design
- Document pouch in backpack shape
- Elegant LAMY ballpoint pen
- Practical notepad
The Premium Print Package can be added during the ordering process for € 150,- plus VAT (only for classroom participation).
-
Target Group
-
The course is aimed at managers, planners and administrators who want to implement a flexible XDR security solution with Cisco XDR and are not afraid to work with the XDR user interface.
-
Knowledge Prerequisites
-
Participants should have previous knowledge of security and network protection. The contents of the course Cyber Security - Cyber Threats, Cyber Attacks and Counter-Strategies, as well as Cyber Defense - Firewalls, Proxies and Advanced Protection are a good basis.
1 | Introduction to Cisco XDR |
1.1 | Overview of XDR |
1.1.1 | Components of an XDR solution |
1.1.2 | Differences from traditional security solutions |
1.1.3 | Advantages of XDR |
1.2 | Key functions of XDR |
1.2.1 | How Cisco XDR works |
1.2.2 | Possible applications of Cisco XDR |
1.2.3 | Implementation challenges |
2 | Architecture and components of Cisco XDR |
2.1 | Structure of the XDR platform |
2.1.1 | The XDR architecture |
2.1.2 | Cisco XDR licensing model |
2.1.3 | The XDR dashboard |
2.2 | Main components of Cisco XDR (Endpoint Detection & Response) |
2.2.1 | Data collection and analysis |
2.2.2 | Threat detection and response |
2.2.3 | Integration of other security solutions |
2.2.4 | Automation and orchestration |
3 | Installation and configuration of Cisco XDR |
3.1 | Preparing the infrastructure |
3.2 | Installation and configuration steps |
3.2.1 | Network settings for communication |
3.2.2 | Setting up user accounts |
3.2.3 | Setting up permissions |
3.2.4 | Integration with existing security solutions and tools |
3.3 | Initial test of the Cisco XDR solution |
4 | Integration into the corporate network |
4.1 | Adjusting firewall rules |
4.2 | Implementing VPN connections |
4.3 | Interoperation with other security solutions |
4.3.1 | Integration of network segments and devices |
4.3.2 | Assets - Devices |
5 | XDR security policies and configuration |
5.1 | Security policies |
5.1.1 | Importance for the organization |
5.1.2 | Threat detection policies |
5.1.3 | Threat response policies |
5.2 | Best practices for security policies |
6 | Threat analysis and incident response |
6.1 | Threat detection with XDR |
6.1.1 | Event correlation |
6.1.2 | Threat identification |
6.2 | Effective incident response strategies |
6.2.1 | Threat prioritization |
6.2.2 | Automated responses |
6.2.3 | Integration of threat intelligence feeds |
7 | Monitoring and reporting |
7.1 | Logging and event monitoring |
7.1.1 | Anomaly detection |
7.2 | Creating security reports |
7.2.1 | Integration into incident response management |
8 | Best practices for XDR security |
8.1 | Multi-factor authentication (MFA) |
8.2 | Administrative tasks |
-
Classroom training
- Do you prefer the classic training method? A course in one of our Training Centers, with a competent trainer and the direct exchange between all course participants? Then you should book one of our classroom training dates!
-
Hybrid training
- Hybrid training means that online participants can additionally attend a classroom course. The dynamics of a real seminar are maintained, and the online participants are able to benefit from that. Online participants of a hybrid course use a collaboration platform, such as WebEx Training Center or Saba Meeting. To do this, a PC with browser and Internet access is required, as well as a headset and ideally a webcam. In the seminar room, we use specially developed and customized audio and video technologies. This ensures that communication between everyone involved works conveniently and without faults.
-
Online training
- You wish to attend a course in online mode? We offer you online course dates for this course topic. To attend these seminars, you need to have a PC with Internet access (minimum data rate 1Mbps), a headset when working via VoIP and optionally a camera. For further information and technical recommendations, please refer to.
-
Tailor-made courses
-
Do you need a special course for your team? In addition to our standard offer, we will also support you in creating customized courses that precisely meet your individual demands. We will be glad to advise you and create an individual offer for you.

