CyberSec First Responder Certification Training

This CyberSec First Responder Certification course from CertNexus takes a holistic approach to preparing IT Professionals to analyse threats, secure networks, and utilise critical problem-solving skillsets to protect an organisation from threats. Focusing on the key areas of detect, analyse, and respond , attendees will gain the knowledge and practical skills needed to recover from attacks and thwart potential future threats.

CyberSec First Responder Certification Training Delivery Methods

• In-Person

• Online

CyberSec First Responder Certification Training Information

• CyberSec First Responder Certification Training Benefits

  • Effectively identify malicious activities involving computing systems.
  • Assess information security risks in network environments.
  • Collect cybersecurity intelligence to prepare for assessments.
  • Develop the skills needed to cut the lag time between when a breach occurs and when it is detected.
  • Assess the risks and vulnerabilities to analyse and determine the scope in an immersive, hands-on environment.
  • Effectively protect critical information systems before, during, and after an attack.
  • Analyse post-attack techniques and apply skills to respond proactively.

• CyberSec First Responder Certification Prerequisites

  3-5 years of experience working in an IT environment and familiarity with networks, systems, administration, etc.

• CyberSec First Responder Certification Exam Information

  This CyberSec First Responder Certification course prepares you for the new CFR-410 exam and is accredited by ANSI, a requirement for DoD 8570.

CyberSec First Responder Training Outline

Lesson 1: Assessing Information Security Risk

• Topic A: Identify the Importance of Risk Management
• Topic B: Assess Risk
• Topic C: Mitigate Risk
• Topic D: Integrate Documentation into Risk Management

Lesson 2: Analysing the Threat Landscape

• Topic A: Classify Threats and Threat Profiles
• Topic B: Perform Ongoing Threat Research

Lesson 3: Analysing Reconnaissance Threats to Computing and Network Environments

• Topic A: Implement Threat Modeling
• Topic B: Assess the Impact of Reconnaissance
• Topic C: Assess the Impact of Social Engineering

Lesson 4: Analysing Attacks on Computing and Network Environments

• Topic A: Assess the Impact of System Hacking Attacks
• Topic B: Assess the Impact of Web-Based Attacks
• Topic C: Assess the Impact of Malware
• Topic D: Assess the Impact of Hijacking and Impersonation Attacks
• Topic E: Assess the Impact of DoS Incidents
• Topic F: Assess the Impact of Threats to Mobile Security
• Topic G: Assess the Impact of Threats to Cloud Security

Lesson 5: Analysing Post-Attack Techniques

• Topic A: Assess Command and Control Techniques
• Topic B: Assess Persistence Techniques
• Topic C: Assess Lateral Movement and Pivoting Techniques
• Topic D: Assess Data Exfiltration Techniques
• Topic E: Assess Anti-Forensics Techniques

Lesson 6: Managing Vulnerabilities in the Organisation

• Topic A: Implement a Vulnerability Management Plan
• Topic B: Assess Common Vulnerabilities
• Topic C: Conduct Vulnerability Scans

Lesson 7: Implementing Penetration Testing to Evaluate Security

• Topic A: Conduct Penetration Tests on Network Assets
• Topic B: Follow Up on Penetration Testing

Lesson 8: Collecting Cybersecurity Intelligence

• Topic A: Deploy a Security Intelligence Collection and Analysis Platform
• Topic B: Collect Data from Network-Based Intelligence Sources
• Topic C: Collect Data from Host-Based Intelligence Sources

Lesson 9: Analysing Log Data

• Topic A: Use Common Tools to Analyse Logs
• Topic B: Use SIEM Tools for Analysis

Lesson 10: Performing Active Asset and Network Analysis

• Topic A: Analyse Incidents with Windows-Based Tools
• Topic B: Analyse Incidents with Linux-Based Tools
• Topic C: Analyse Malware
• Topic D: Analyse Indicators of Compromise

Lesson 11: Responding to Cybersecurity Incidents

• Topic A: Deploy an Incident Handling and Response Architecture
• Topic B: Contain and Mitigate Incidents
• Topic C: Prepare for Forensic Investigation as a CSIRT

Lesson 12: Investigating Cybersecurity Incidents

• Topic A: Apply a Forensic Investigation Plan
• Topic B: Securely Collect and Analyse Electronic Evidence
• Topic C: Follow Up on the Results of an Investigation

Appendix A: Mapping Course Content to CyberSec First Responder™ (Exam CFR-410)

Appendix B: Regular Expressions

Appendix C: Security Resources

Appendix D: U.S. Department of Defense Operational Security Practices