Use the code ‘FIREBRAND15’ at checkout for 15% off this month only!
15% Discount AvailableUse the code ‘FIREBRAND15’ at checkout
CertNexus CyberSec First Responder® (CFR)
Code: cfr

What you'll learn
On this accelerated 3-day CyberSec First Responder (CFR) course, you'll learn the skills to monitor, detect and execute appropriate responses for IT security incidents - 40% faster than traditional training. With these skills, you'll become the first line of defense against cyber-attacks, boosting your business' existing IT security measures.
You'll be immersed in the curriculum through our unique Lecture | Lab | Review technique, which allows you learn and retain information faster.
Your expert instructor will introduce tools and tactics used to manage cyber security risks, teaching you to identify a range of common threats and how to collect and analyse cyber security intelligence. You'll learn how to:
- Assess information security risk, attacks and post-attacks in computing and network environments.
- Analyse the cyber security threat landscape and evaluate the organisation's security posture within a risk management framework
- Analyse reconnaissance threats to computing and network environments.
- Collect cybersecurity intelligence.
- Analyse data collected from security and event logs.
- Perform active analysis on assets and networks.
- Investigate and respond to cyber security incidents.
During the course, you'll prepare for and sit the CyberSec First Responder CFR-210 exam, covered by your Certification Guarantee.
If you're a cyber security practitioner responsible for protecting information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation, this course is ideal for you. This course is also suitable for those looking to fulfill DoD directive 8570.01 for information assurance (IA) training.
Curriculum
39 modulesLesson 1: Assessing Information Security Risk
- Identify the Importance of Risk Management
- Assess Risk
- Mitigate Risk
- Integrate Documentation into Risk Management
Lesson 2: Analysing the Threat Landscape
- Classify Threats and Threat Profiles
- Perform Ongoing Threat Research
Lesson 3: Analysing Reconnaissance Threats to Computing and Network Environments
- Implement Threat Modeling
- Assess the Impact of Reconnaissance Incidents
- Assess the Impact of Social Engineering
Lesson 4: Analysing Attacks on Computing and Network Environments
- Assess the Impact of System Hacking Attacks
- Assess the Impact of Web-Based Attacks
- Assess the Impact of Malware
- Assess the Impact of Hijacking and Impersonation Attacks
- Assess the Impact of DoS Incidents
- Assess the Impact of Threats to Mobile Security
- Assess the Impact of Threats to Cloud Security
Lesson 5: Analysing Post-Attack Techniques
- Assess Command and Control Techniques
- Assess Persistence Techniques: Assess Lateral Movement and Pivoting Techniques
- Assess Data Exfiltration Techniques
- Assess Anti-Forensics Techniques
Lesson 6: Evaluating the Organisation’s Security Posture
- Conduct Vulnerability Assessments
- Conduct Penetration Tests on Network Assets
- Follow Up on Penetration Testing
Lesson 7: Collecting Cybersecurity Intelligence
- Deploy a Security Intelligence Collection and Analysis Platform
- Collect Data from Network-Based Intelligence Sources
- Collect Data from Host-Based Intelligence Sources
Lesson 8: Analysing Log Data
- Use Common Tools to Analyse Logs
- Use SIEM Tools for Analysis
- Parse Log Files with Regular Expressions
Lesson 9: Performing Active Asset and Network Analysis
- Analyse Incidents with Windows-Based Tools
- Analyse Incidents with Linux-Based Tools
- Analyse Malware
- Analyse Indicators of Compromise
Lesson 10: Responding to Cybersecurity Incidents
- Deploy an Incident Handling and Response Architecture
- Mitigate Incidents
- Prepare for Forensic Investigation as a CSIRT
Lesson 11: Investigating Cybersecurity Incidents
- Apply a Forensic Investigation Plan
- Securely Collect and Analyse Electronic Evidence
- Follow Up on the Results of an Investigation
Appendix A: Mapping Course Content to CyberSec First Responder (Exam CFR-210)
Appendix B: List of Security Resources
Appendix C: U.S. Department of Defense Operational Security Practices
Prerequisites
It is recommended your possess the following knowledge, skills, and experience prior to the course:
- At least two years of experience in computer network security technology or a related field.
- The ability to recognize information security vulnerabilities and threats in the context of risk management.
- A working knowledge of common computer operating systems.
- A working knowledge of the concepts and operational frameworks of common assurance safeguards in computing environments (including, but not limited to: basic authentication and authorization, resource permissions, and anti-malware mechanisms).
- A working knowledge of common networking concepts, such as routing and switching.
- A working knowledge of the concepts and operational frameworks of common assurance safeguards in network environments (including, but not limited to: firewalls, intrusion prevention systems [IPSs], and virtual private networks [VPNs]).
You can achieve the level of skill and knowledge required by attending the following courses:
- CompTIA A+
- CompTIA Network+
- CompTIA Security+
Exam info
You'll sit the following exam at the Firebrand Training Centre, covered by your Certification Guarantee:
- Exam CFR-210: CyberSec First Responder: Threat Detection and Response
- Exam format: multiple-choice
- Exam duration: 120 questions
- Number of questions: 100
Course Dates
Sorry, there are currently no dates available for this course. Please submit an enquiry and one of our team will contact you about potential future dates or alternative options.
FAQs
4 questionYes, we do provide courses suitable for beginners. However, Firebrand's accelerated courses aren't easy and it's essential that you are interested and actively pursuing a career in IT.
Traditional training providers usually run their courses from 9am to 5pm. At Firebrand Training we maximise the number of learning hours to minimise the number of training days, so you’ll be back to your job as quickly as possible. You don’t waste time travelling to several courses and finding an exam centre after that.
Firebrand's accelerated courses are constantly reviewed. We ask our delegates for feedback after every course. We are official partners with leading vendors and therefore, we're provided with certification changes and updates, which we can then implement in our course delivery at a very early stage. This feedback is then analysed in view of changes or discrepancies. We will then address the topics mentioned and have a panel of subject matter experts provide us with valuable suggestions for improvement and solutions.
If you need to learn new skills and you want to be able to put them into practice quickly, then Firebrand is the right training company for you.
Our unique accelerated training method means that we are your fastest way to learn. By delivering training for up to 12 hours per day, seven days per week, with exam centres on-site, we ensure that you are trained and certified quicker than anywhere else, having spent less time out of the office away from the day job.
Can't find the answer you're looking for?
Our expert learning advisors are ready to help. Whether you need course recommendations, have technical queries, or want to discuss your learning goals, we're just a message away.
Related courses
All CertNexus Courses
Train your team
Since 2001 we've trained 134,561 employees from thousands of large and small organisations, saving them more than one million hours in training time.
Learn More