CertNexus CyberSec First Responder® (CFR)

On this accelerated 3-day CyberSec First Responder (CFR) course, you'll learn the skills to monitor, detect and execute appropriate responses for IT security incidents - 40% faster than traditional training. With these skills, you'll become the first line of defense against cyber-attacks, boosting your business' existing IT security measures.

You'll be immersed in the curriculum through our unique Lecture | Lab | Review technique, which allows you learn and retain information faster.

Your expert instructor will introduce tools and tactics used to manage cyber security risks, teaching you to identify a range of common threats and how to collect and analyse cyber security intelligence. You'll learn how to:

• Assess information security risk, attacks and post-attacks in computing and network environments.
• Analyse the cyber security threat landscape and evaluate the organisation's security posture within a risk management framework
• Analyse reconnaissance threats to computing and network environments.
• Collect cybersecurity intelligence.
• Analyse data collected from security and event logs.
• Perform active analysis on assets and networks.
• Investigate and respond to cyber security incidents.

During the course, you'll prepare for and sit the CyberSec First Responder CFR-210 exam, covered by your Certification Guarantee.

If you're a cyber security practitioner responsible for protecting information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation, this course is ideal for you. This course is also suitable for those looking to fulfill DoD directive 8570.01 for information assurance (IA) training.

Lesson 1: Assessing Information Security Risk

• Identify the Importance of Risk Management
• Assess Risk
• Mitigate Risk
• Integrate Documentation into Risk Management

Lesson 2: Analysing the Threat Landscape

• Classify Threats and Threat Profiles
• Perform Ongoing Threat Research

Lesson 3: Analysing Reconnaissance Threats to Computing and Network Environments

• Implement Threat Modeling
• Assess the Impact of Reconnaissance Incidents
• Assess the Impact of Social Engineering

Lesson 4: Analysing Attacks on Computing and Network Environments

• Assess the Impact of System Hacking Attacks
• Assess the Impact of Web-Based Attacks
• Assess the Impact of Malware
• Assess the Impact of Hijacking and Impersonation Attacks
• Assess the Impact of DoS Incidents
• Assess the Impact of Threats to Mobile Security
• Assess the Impact of Threats to Cloud Security

Lesson 5: Analysing Post-Attack Techniques

• Assess Command and Control Techniques
• Assess Persistence Techniques: Assess Lateral Movement and Pivoting Techniques
• Assess Data Exfiltration Techniques
• Assess Anti-Forensics Techniques

Lesson 6: Evaluating the Organisation’s Security Posture

• Conduct Vulnerability Assessments
• Conduct Penetration Tests on Network Assets
• Follow Up on Penetration Testing

Lesson 7: Collecting Cybersecurity Intelligence

• Deploy a Security Intelligence Collection and Analysis Platform
• Collect Data from Network-Based Intelligence Sources
• Collect Data from Host-Based Intelligence Sources

Lesson 8: Analysing Log Data

• Use Common Tools to Analyse Logs
• Use SIEM Tools for Analysis
• Parse Log Files with Regular Expressions

Lesson 9: Performing Active Asset and Network Analysis

• Analyse Incidents with Windows-Based Tools
• Analyse Incidents with Linux-Based Tools
• Analyse Malware
• Analyse Indicators of Compromise

Lesson 10: Responding to Cybersecurity Incidents

• Deploy an Incident Handling and Response Architecture
• Mitigate Incidents
• Prepare for Forensic Investigation as a CSIRT

Lesson 11: Investigating Cybersecurity Incidents

• Apply a Forensic Investigation Plan
• Securely Collect and Analyse Electronic Evidence
• Follow Up on the Results of an Investigation

Appendix A: Mapping Course Content to CyberSec First Responder (Exam CFR-210)
Appendix B: List of Security Resources
Appendix C: U.S. Department of Defense Operational Security Practices

You'll sit the following exam at the Firebrand Training Centre, covered by your Certification Guarantee:

• Exam CFR-210: CyberSec First Responder: Threat Detection and Response
• Exam format: multiple-choice
• Exam duration: 120 questions
• Number of questions: 100

Included:

• Official exam
• Official and comprehensive course materials

It is recommended your possess the following knowledge, skills, and experience prior to the course:

• At least two years of experience in computer network security technology or a related field.
• The ability to recognize information security vulnerabilities and threats in the context of risk management.
• A working knowledge of common computer operating systems.
• A working knowledge of the concepts and operational frameworks of common assurance safeguards in computing environments (including, but not limited to: basic authentication and authorization, resource permissions, and anti-malware mechanisms).
• A working knowledge of common networking concepts, such as routing and switching.
• A working knowledge of the concepts and operational frameworks of common assurance safeguards in network environments (including, but not limited to: firewalls, intrusion prevention systems [IPSs], and virtual private networks [VPNs]).

You can achieve the level of skill and knowledge required by attending the following courses:

• CompTIA A+
• CompTIA Network+
• CompTIA Security+

Seven reasons why you should sit your course with Firebrand Training

• Two training options. Choose between residential classroom-based and online courses
• You'll be certified fast. With us, you’ll be trained in record time
• Our course is all-inclusive. A one-off fee covers all course materials, exams**, accommodation* and meals*. No hidden extras.
• Pass the first time or train again for free. This is our guarantee. We’re confident you’ll pass your course the first time. But if not, come back within a year and only pay for accommodation, exams and incidental costs
• You’ll learn more. A day with a traditional training provider generally runs from 9am–5pm, with a nice long break for lunch. With Firebrand, you’ll get at least 12 hours/day of quality learning time with your instructor
• You’ll learn faster. Chances are, you’ll have a different learning style to those around you. We combine visual, auditory and tactile styles to deliver the material in a way that ensures you will learn faster and more easily
• You’ll be studying with the best. We’ve been named in the Training Industry’s “Top 20 IT Training Companies of the Year” every year since 2010. As well as winning many more awards, we’ve trained and certified over 135,000 professionals

*For residential training only. Doesn't apply for online courses
**Some exceptions apply. Please refer to the Exam Track or speak with our experts

Are you ready for the course? 

Get access to free practice tests for your course  Free Practice Test