
CyberSec First Responder™ (CFR)

This course covers network defence and incident response methods, tactics, and procedures, taught in alignment with industry frameworks such as NIST 800-61 r.2 (Computer Security Incident Handling), US-CERT’s NCISP (National Cyber Incident Response Plan), and Presidential Policy Directive (PPD) 41 on Cyber Incident Coordination Policy.

5 Days
From £720.00 incl. VAT

Live online events

5 days, 09:00 AM BST - 05:00 PM BST

Online

  • £1,700.00 incl. VAT

This product includes eLearning, 180-day Kaplan IT Test Prep, Lab, Exam Voucher for (CFR-310).

  • £720.00 incl. VAT

Description

This course covers network defence and incident response methods, tactics, and procedures, taught in alignment with industry frameworks such as NIST 800-61 r.2 (Computer Security Incident Handling), US-CERT’s NCISP (National Cyber Incident Response Plan), and Presidential Policy Directive (PPD) 41 on Cyber Incident Coordination Policy. It is ideal for candidates who have been tasked with the responsibility of monitoring and detecting security incidents in information systems and networks, and for executing standardized responses to such incidents.

The course introduces tools, tactics, and procedures to manage cybersecurity risks, identify various types of common threats, evaluate the organization's security, collect and analyse cybersecurity intelligence, and remediate and report incidents as they occur.

This course provides a comprehensive methodology for individuals responsible for defending the cybersecurity of their organization. This course is designed to assist students in preparing for the CertNexus CyberSec First Responder (Exam CFR-310) certification examination. What you learn and practice in this course can be a significant part of your preparation.

Audience Profile

This course is designed primarily for cybersecurity practitioners who are preparing for, or who currently perform, job functions related to protecting information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. It is ideal for those roles within federal contracting companies and private sector firms whose mission or strategic objectives require the execution of Defensive Cyber Operations (DCO) or DoD Information Network (DODIN) operation and incident handling.

Prerequisites

  • Foundational knowledge of the concepts and operational framework of common assurance safeguards in network environments.
  • General knowledge of the concepts and operational framework of common assurance safeguards in computing environments.
  • Foundation-level skills with some of the common operating systems for computing environments.
  • General or practical knowledge of major TCP/IP networking protocols.

What's included

  • Study Guide
  • Experienced CFR Instructor
  • CFR exam preparation material
  • 24-hr remote access to a virtual lab for 6 months
  • Exam Voucher (Optional)
  • Certificate on Completion
  • Refreshments (Classroom training)

Exam Details

  • Exam CFR-310

Course Outline

Module 1: Assessment of Information Security Risks

Lessons:

  • The Importance of Risk Management
  • Assess Risk
  • Mitigate Risk
  • Integrating Documentation into Risk Management

Module 2: Analyzing the Threat Landscape

Lessons:

  • Classify Threats and Threat Profiles
  • Perform Ongoing Threat Research

Module 3: Computing and Network Environments: Analyzing Reconnaissance Threats

Lessons:

  • Implementation of Threat Modeling
  • Reconnaissance: Assessing the Impact
  • Social Engineering: Assessing the Impact

Module 4: Analyzing Attacks on Computing and Network Environments

Lessons:

  • System Hacking Attacks: Assessing the Impact
  • Web-Based Attacks: Assessing the Impact
  • Malware: Assessing the Impact
  • Hijacking and Impersonation Attacks: Assessing the Impact
  • DoS Incidents: Assessing the Impact
  • Threats to Mobile Security: Assessing the Impact
  • Threats to Cloud Security: Assessing the Impact

Module 5: Examining Post-Attack Techniques

Lessons:

  • Examine Command and Control Techniques
  • Examine Persistence Techniques
  • Examine Lateral Movement and Pivoting Techniques
  • Examine Data Exfiltration Techniques
  • Examine Anti-Forensics Techniques

Module 6: Manage Vulnerabilities in the Organization

Lessons:

  • Implement a Vulnerability Management Plan
  • Examine Common Vulnerabilities
  • Conduct Vulnerability Scans

Module 7: Evaluate Security by Implementing Penetration Testing

Lessons:

  • Conduct Penetration Tests on Network Assets
  • Follow Up on Penetration Testing

Module 8: Collecting Cybersecurity Intelligence

Lessons:

  • Deployment of a Security Intelligence Collection and Analysis Platform
  • Data Collection from Network-Based Intelligence Sources
  • Data Collection from Host-Based Intelligence Sources

Module 9: Analyze Log Data

Lessons:

  • Common Tools to Analyze Logs
  • SIEM Tools for Analysis

Module 10: Performing Active Asset and Network Analysis

Lessons:

  • Analyze Incidents using Windows-Based Tools
  • Analyze Incidents using Linux-Based Tools
  • Analyze Malware
  • Analyze Indicators of Compromise

Module 11: Response to Cybersecurity Incidents

Lessons:

  • Deployment of Incident Handling and Response Architecture
  • Containment and Mitigation of Incidents
  • Preparation for Forensic Investigation as a CSIRT

Module 12: Investigating Cybersecurity Incidents

Lessons:

  • Use a Forensic Investigation Plan
  • Securely Collect and Analyze Electronic Evidence
  • Follow Up on the Results of an Investigation

Our registered and postal address is:
The Pinnacle, Office 203, 170 Midsummer Boulevard, Milton Keynes, MK9 1BP

ICSI LTD is registered in England No. 8680530