CyberSec First Responder® (CFR-410)
Defense against constant cyber threats requires a thorough understanding of the tools, processes, and strategies that are used when protecting an information system. With the CyberSec First Responder® course, you will learn the necessary skills to protect your organization's information systems before, during, and after an attack.
A holistic approach to cyber security
As a CyberSec First Responder®, you are the first line of defense against cyber attacks that can cost an organization valuable time and money. CyberSec First Responder® is a cybersecurity training and certification program that enables you to analyze threats, design secure computer and network environments, proactively defend networks, and investigate and respond to cybersecurity incidents. In the course, you will learn to identify, assess, protect against, and respond to security threats, and you will learn how to operate a system and network security analysis platform. In addition to focusing on the knowledge and skills necessary to ensure the defense of information systems in a cybersecurity context, the course also ensures that, as a member of an IT team, regardless of size, rank, or budget, you understand your role in cyber defense, incident response, and incident management processes.
Participant Profile
This course is for anyone working in cybersecurity. It is suitable for those tasked with developing secure networks, those who monitor and detect security incidents in information systems and networks, those responsible for standardizing responses to security incidents, and those working to keep hackers out. The course is also for those who wish to prepare for the CertNexus® CyberSec First Responder certification (exam CFR-410).
Prerequisites
To ensure your success on this course, you should meet the following requirements:
- At least two years (recommended) of experience or education in computer network security technology or a related field.
- The ability or curiosity to recognize information security vulnerabilities and threats in the context of risk management.
- Foundational knowledge of the concepts and operational framework of common assurance safeguards in network environments. Safeguards include, but are not limited to, firewalls, intrusion prevention systems, and VPNs.
- General knowledge of the concepts and operational framework of common assurance safeguards in computing environments. Safeguards include, but are not limited to, basic authentication and authorization, resource permissions, and anti-malware mechanisms.
- Foundation-level skills with some of the common operating systems for computing environments.
- Entry-level understanding of some of the common concepts for network environments, such as routing and switching.
- General or practical knowledge of major TCP/IP networking protocols, including, but not limited to, TCP, IP, UDP, DNS, HTTP, ARP, ICMP, and DHCP.
Course Benefits
- Obtain skills in penetration testing and learn to identify vulnerabilities before they can be exploited by attackers.
- Learn how to design secure computers and network environments.
- Develop a proactive approach to network security that prevents attacks before they occur.
- Learn to analyze threats, proactively defend networks, and investigate cybersecurity incidents.
- Learn to operate a system and network security analysis platform.
- Acquire a comprehensive method for defending your organization against cyber threats.
- Obtain tools, tactics, and procedures to manage cybersecurity risks.
- Learn to collect and analyze cybersecurity intelligence and to remediate and report security incidents.
Course objectives
- Assess cybersecurity risks to the organization.
- Analyze the threat landscape.
- Analyze various reconnaissance threats to computing and network environments.
- Analyze various attacks on computing and network environments as well as post-attack techniques.
- Assess the organization's security posture through auditing, vulnerability management, and penetration testing.
- Collect cybersecurity intelligence from various network-based and host-based sources.
- Analyze log data to reveal evidence of threats and incidents.
- Perform active asset and network analysis to detect incidents.
- Respond to cybersecurity incidents using containment, mitigation, and recovery tactics.
- Investigate cybersecurity incidents using forensic analysis techniques.
Course content
Topic B: Assess Risk
Topic C: Mitigate Risk
Topic D: Integrate Documentation into Risk Management
Topic B: Analyze Trends Affecting Security Posture
Topic B: Assess the Impact of Reconnaissance
Topic C: Assess the Impact of Social Engineering
Topic B: Assess the Impact of Web-Based Attacks
Topic C: Assess the Impact of Malware
Topic D: Assess the Impact of Hijacking and Impersonation Attacks
Topic E: Assess the Impact of DoS Incidents
Topic F: Assess the Impact of Threats to Mobile Security
Topic G: Assess the Impact of Threats to Cloud Security
Topic B: Assess Persistence Techniques
Topic C: Assess Lateral Movement and Pivoting Techniques
Topic D: Assess Data Exfiltration Techniques
Topic E: Assess Anti-Forensics Techniques
Topic B: Implement a Vulnerability Management Plan
Topic C: Assess Vulnerabilities
Topic D: Conduct Penetration Testing
Topic B: Collect Data from Network-Based Intelligence Sources
Topic C: Collect Data from Host-Based Intelligence Sources
Topic B: Use SIEM Tools for Analysis
Topic B: Analyze Incidents with Linux-Based Tools
Topic C: Analyze Indicators of Compromise
Topic B: Mitigate Incidents
Topic C: Hand Over Incident Information to a Forensic Investigation
Topic B: Securely Collect and Analyze Electronic Evidence
Topic C: Follow Up on the Results of an Investigation
Appendix A: Mapping Course Content to CyberSec First Responder® (Exam CFR-410)
Appendix B: Regular Expressions
Method
This course includes theoretical review, discussion, and hands-on exercises. There will generally be a high level of participant activity, and the course prepares you for the CertNexus® CyberSec First Responder (Exam CFR-410).
The course is held in English, with English courseware and exam.
Certification
The CertNexus® CyberSec First Responder (CFR-410) exam will certify that the successful candidate has the vendor-neutral knowledge, skills, and abilities required to effectively identify, detect, protect against, respond to, and recover from malicious activities involving computing systems. Additionally, the candidate has the foundational knowledge to deal with a changing threat landscape and will be able to assess risk and vulnerabilities, acquire data, perform analysis, continuously communicate, determine scope, recommend remediation actions, and accurately report results.
The exam voucher is included in the course price.
- Passing Score: 70% or 73% depending on exam form. (Note: Forms have been statistically equated.)
- Number of questions: 80
- Duration: 120 minutes
- Formats: Multiple Choice, closed book exam
CompTIA Continuing Education Units (CEU)
Upon completion of the course, you’ll earn 30 CompTIA Continuing Education Units (CEUs) for CompTIA A+, Network+, Security+, and Cloud+ certifications. Once you pass your CFR certification, you’ll earn an additional 20 CEUs for CompTIA A+, 30 CEUs for Network+ and Cloud+, and 50 CEUs for Security+.
If you have any course-related questions, please contact:
- Malene Kjærsgaard
- Consultant
- +45 72202523