This course covers the duties of those who are responsible for monitoring and detecting security incidents in information systems and networks, and for executing a proper response to such incidents. Depending on the size of the organization, this individual may act alone or may be a member of a cybersecurity incident response team (CSIRT). The course introduces tools and tactics to manage cybersecurity risks, identify various types of common threats, evaluate the organization's security, collect and analyze cybersecurity intelligence, and handle incidents as they occur. Ultimately, the course promotes a comprehensive approach to security aimed toward those on the front lines of defense.
This course is designed to assist students in preparing for the CyberSec First Responder (Exam CFR-210) certification examination. What you learn and practice in this course can be a significant part of your preparation.
CyberSec First Responders are just that: the first line of response against cyber-attacks that can cost your organization valuable time and money. The CyberSec First Responder: Threat Detection and Response course, or CFR, will prepare security professionals to become the first line of response against cyber-attacks by teaching students to analyze threats, design secure computing and network environments, proactively defend networks, and respond/investigate cybersecurity incidents. CFR is also designed for students who are seeking to fulfill DoD directive 8570.01 for information assurance training.
In this course, you will assess and respond to security threats and operate a systems and network security analysis platform.
This course is designed for cybersecurity practitioners who perform job functions related to protecting information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. This course focuses on the knowledge, ability, and skills necessary to provide for the defense of those information systems in a cybersecurity context including protection, detection, analysis, investigation, and response capabilities. This course is also designed for students who are seeking the CyberSec First Responder certification and who want to prepare for the CFR-210 Certification Exam.
Students taking this course should have the following skills:
At least 2 years of experience in computer network security technology or a related field is recommended
Recognize information security vulnerabilities and threats in the context of risk management
Operate at a foundational level some of the common operating systems for computing environments
Foundational knowledge of the concepts and operational framework of common assurance safeguards in computing environments. Safeguards include, but are not limited to, basic authentication and authorization, resource permissions, and anti-malware mechanisms
Operate at a foundational level some of the common concepts for network environments, such as routing and switching
Foundational knowledge of major TCP/IP networking protocols, including, but not limited to, TCP, IP, UDP, DNS, HTTP, ARP, ICMP, and DHCP
Foundational knowledge of the concepts and operational framework of common assurance safeguards in network environments. Safeguards include, but are not limited to, firewalls, intrusion prevention systems, and virtual private networks (VPNs)