CyberSec First Responder Training
About This IT Training:
Exam Number: CFR-101
Exam Name: CyberSec First Responder: Threat Detection and Response
Certifications: CyberSec First Responder
Single-User License
CyberSec First Responder Training
This five-day course is designed for cybersecurity practitioners who perform job functions related to protecting and defending information systems by ensuring availability, integrity, authentication, confidentiality, and non-repudiation. This course focuses on the knowledge, ability, and skills, such as protection, detection, investigation, reaction, response, and auditing capabilities, necessary to provide for the restoration of those information systems in a cybersecurity context.
The course covers the duties of those who are responsible for monitoring and detecting security incidents in information systems and networks and for executing a proper response to such incidents. Depending on the size of the organization, this individual may act alone or may be a member of a computer security incident response team (CSIRT). The course introduces strategies, frameworks, methodologies, and tools to manage cybersecurity risks, identify various types of common threats, design and operate secure computing and networking environments, assess and audit the organization's security, collect and analyze cybersecurity intelligence, and handle incidents as they occur. The course also covers closely related information assurance topics such as auditing and forensics to provide a sound basis for a comprehensive approach to security aimed toward those on the front lines of defense.
This course is also designed to assist students in preparing for the CyberSec First Responder: Threat Detection and Response (Exam CFR-101) certification examination. What you learn and practice in this course can be a significant part of your preparation.
What's Included
- Comprehensive study materials, including official courseware
- Remote lab access
CyberSec First Responder Training Prerequisites:
To ensure success in this course, participants should meet the following requirements:
- At least two years (recommended) of experience in computer network security technology or a related field
- Knowledge of information security vulnerabilities and threats in the context of risk management
- Foundational knowledge of the common operating systems for computing environments
- Foundational knowledge of the concepts and operational framework of common assurance safeguards in computing environments, including, but not limited to, basic authentication and authorization, resource permissions, and anti-malware mechanisms
- Foundational knowledge of the common concepts for network environments, such as routing and switching
- Foundational knowledge of the concepts and operational framework of common assurance safeguards in network environments, including, but not limited to, firewalls, intrusion prevention systems (IPSs), and virtual private networks (VPNs).
CyberSec First Responder Training Course Content
In this course, you will develop, operate, manage, and enforce security capabilities for systems and networks.
You will:
- Assess information security risk in computing and network environments.
- Create an information assurance lifecycle process.
- Analyze threats to computing and network environments.
- Design secure computing and network environments.
- Operate secure computing and network environments.
- Assess the security posture within a risk management framework.
- Collect cybersecurity intelligence information.
- Analyze collected intelligence to define actionable response.
- Respond to cybersecurity incidents.
- Investigate cybersecurity incidents.
- Audit secure computing and network environments.
CyberSec First Responder Training Course Outline
Lesson 1: Assessing Information Security Risk
- Topic A: Identify the Importance of Risk Management
- Topic B: Assess Risk
- Topic C: Mitigate Risk
- Topic D: Integrate Documentation into Risk Management
Lesson 2: Creating an Information Assurance Lifecycle Process
- Topic A: Evaluate Information Assurance Lifecycle Models
- Topic B: Align Information Security Operations to the Information Assurance Lifecycle
- Topic C: Align Information Assurance and Compliance Regulations
Lesson 3: Analyzing Threats to Computing and Network Environments
- Topic A: Identify Threat Analysis Models
- Topic B: Assess the Impact of Reconnaissance Incidents
- Topic C: Assess the Impact of Systems Hacking Attacks
- Topic D: Assess the Impact of Malware
- Topic E: Assess the Impact of Hijacking and Impersonation Attacks
- Topic F: Assess the Impact of DoS Incidents
- Topic G: Assess the Impact of Threats to Mobile Security
- Topic H: Assess the Impact of Threats to Cloud Security
Lesson 4: Designing Secure Computing and Network Environments
- Topic A: Information Security Architecture Design Principles
- Topic B: Design Access Control Mechanisms
- Topic C: Design Cryptographic Security Controls
- Topic D: Design Application Security
- Topic E: Design Computing Systems Security
- Topic F: Design Network Security
Lesson 5: Operating Secure Computing and Network Environments
- Topic A: Implement Change Management in Security Operations
- Topic B: Implement Monitoring in Security Operations
Lesson 6: Assessing the Security Posture Within a Risk Management Framework
- Topic A: Deploy a Vulnerability Management Platform
- Topic B: Conduct Vulnerability Assessments
- Topic C: Conduct Penetration Tests on Network Assets
- Topic D: Follow Up on Penetration Testing
Lesson 7: Collecting Cybersecurity Intelligence Information
- Topic A: Deploy a Security Intelligence Collection and Analysis Platform
- Topic B: Collect Data from Security Intelligence Sources
Lesson 8: Analyzing Cybersecurity Intelligence Information
- Topic A: Analyze Security Intelligence to Address Incidents
- Topic B: Use SIEM Tools for Analysis
Lesson 9: Responding to Cybersecurity Incidents
- Topic A: Deploy an Incident Handling and Response Architecture
- Topic B: Perform Real-Time Incident Handling Tasks
- Topic C: Prepare for Forensic Investigation
Lesson 10: Investigating Cybersecurity Incidents
- Topic A: Create a Forensic Investigation Plan
- Topic B: Securely Collect Electronic Evidence
- Topic C: Identify the Who, Why, and How of an Incident
- Topic D: Follow Up on the Results of an Investigation
Lesson 11: Auditing Secure Computing and Network Environments
- Topic A: Deploy a Systems and Processes Auditing Architecture
- Topic B: Prepare for Audits
- Topic C: Perform Audits Geared Toward the Information Assurance Lifecycle
Appendix A: List of Security Resources
LOP-TR-CFR101-01