
CyberSec First Responder Online Course with Exam CFR 210


Are you ready to protect your organisation? The CyberSec First Responder (Exam CFR-210) course will teach learners how to protect an IT infrastructure from cyber-attacks within an organisation. Individuals will learn how to prepare their response and act accordingly. Learners will gain knowledge of the tools and techniques that can be used in their response, independent of the size of the organisation. The course focuses on common risks, threats and how to mitigate them.

The CyberSec First Responder (Exam CFR-210) course is designed for professionals whose job function is related to the operation, development and management of networks and systems, and for personnel who perform IA functions, establish IA policies and implement security measures.

The CyberSec First Responder (Exam CFR-210) course will enable learners to gain a sound knowledge of how vital it is to protect their organisation from cyber-attacks. The course is internationally recognised and accredited to a training organisation and you will be issued an internationally recognised qualification following full completion of the CyberSec First Responder (Exam CFR-210) course.

Why consider 1Training?

As improvements and advancements are made in technology, online courses are no longer just conventional means of studying at affordable costs. In many aspects online training offers superiority to traditional learning. There is an effectiveness and convenience that traditional learning cannot provide. The overall convenience and flexibility make it a superior learning method.

1Training offers the most convenient path to gain an internationally recognised qualification that will give you the opportunity to put into practice your skill and expertise in an enterprise or corporate environment. You can study at your own pace at 1Training and you will be provided with all the necessary material, tutorials, a qualified course instructor and multiple free resources, which include a free CV writing pack, NUS Discounted Card, free career support and a course demo to make your learning experience enriching and more rewarding.

Learning Outcomes

  • Learn how to assess security risk in an IT infrastructure.
  • Learn how to conduct security audits.
  • Learn how to analyse threats to an IT infrastructure.
  • Collect cyber security intelligence data to enable learners to analyse and define an actionable response.
  • Learn how to assess security risk within a management framework and respond and investigate incidents accordingly.

Course Titles

  • Module 01: Assessing Information Security Risk
  • Module 02: Analyzing the Threat Landscape
  • Module 03: Analyzing Reconnaissance Threats to Computing and Network Environments
  • Module 04: Analyzing Attacks on Computing and Network Environments
  • Module 05: Analyzing Post Attack Techniques
  • Module 06: Evaluating the Organization’s Security Posture
  • Module 07: Collecting Cybersecurity Intelligence
  • Module 08: Analyzing Log Data
  • Module 09: Performing Active Asset and Network Analysis
  • Module 10: Responding to Cybersecurity Incidents
  • Module 11: Investigating Cybersecurity Incidents

Access Duration

The course will be directly delivered to you, and you have 12 months' access to the online learning platform from the date you joined the course. The course is self-paced and you can complete it in stages, revisiting the lectures at any time.

Who is this Course aimed at?

  • IT Administrators.
  • Network Administrators.
  • Information Systems Engineers.
  • Individuals working as Information Security Officers.

Entry Requirements

  • Learners are advised to have basic knowledge of networking technologies, network security and routing protocols.
  • Learners must also have two years of experience in network administration.

Method of Assessment

At the end of the CyberSec First Responder (Exam CFR-210) course you will be required to take a multiple choice question assessment test. The multiple choice question assessment will be automatically marked with learners receiving an instant grade.

If it is an official exam you will have to purchase it separately on the relevant website.


Those who successfully complete the exam will be awarded the certificate in CyberSec First Responder (Exam CFR-210).

Awarding Body

The certificate will be awarded by the National Initiative for Cybersecurity Careers and Studies (NICCS). This internationally recognised qualification will make your CV stand out and encourage employers to see your motivation to expand your skills and knowledge in the IT enterprise.

Progression and Career Path

Once you successfully complete CyberSec First Responder (Exam CFR-210) you will be qualified to work in the following positions. The CyberSec First Responder (Exam CFR-210) qualification will also put you in line to demand a higher salary or job promotion. The average UK salary per annum according to is given below.

  • Network Administrator – £25,250 per annum
  • System Administrator – £24,631 per annum
  • Security Consultant (Networking) – £46,517 per annum
  • Systems Engineer (Networking) – £27,265 per annum

Other Benefits

  • Written and designed by the industry’s finest expert instructors with over 15 years of experience
  • Repeat and rewind all your lectures and enjoy a personalised learning experience
  • Gain access to quality video tutorials
  • Unlimited 12 months access from anywhere, anytime
  • Excellent Tutor Support Service (Monday to Friday)
  • Save time and money on travel
  • Learn at your convenience and leisure
  • Quizzes, tests, mock exams and practice exams to ensure you are 100% ready
  • Eligible for a NUS discount card
  • Free Career Support Service
  • 25% discount on personal statement and covering letter writing service
  • Free Access to Over 150 courses for 2 days (48 hours)

Key Features

Gain an accredited UK qualification

Access to excellent quality study materials

Learners will be eligible for TOTUM Discount Card

Personalized learning experience

One year’s access to the course

Support by phone, live chat, and email

Course Curriculum Total Units : 379
➤ Module 01 - Assessing Information Security Risk
Course Introduction
1.0 Topic A: Identify the Importance of Risk Management
1.1 Elements of Cybersecurity (Perimeter Model)
1.2 Elements of Cybersecurity (Endpoint Model)
1.3 The Risk Equation
1.4 Risk Management
1.5 The Importance of Risk Management
1.6 ERM
1.7 Reasons to Implement ERM
1.8 Risk Exposure
1.9 Risk Analysis Methods
1.10 Risks Facing an Enterprise
2.0 Topic B: Assess Risk
2.1 ESA Frameworks
2.2 ESA Framework Assessment Process
2.3 New and Changing Business Models
2.4 De-perimeterization
2.5 New Products and Technologies
2.6 Internal and External Influences
2.7 System-Specific Risk Analysis
2.8 Risk Determinations
2.9 Documentation of Assessment Results
2.10 Guidelines for Assessing Risk
3.0 Topic C: Mitigate Risk
3.1 Classes of Information
3.2 Classification of Information Types into CIA Levels
3.3 Security Control Categories
3.4 Technical Controls (Template)
3.5 Technical Controls (Example Answer)
3.6 Aggregate CIA Score
3.7 Common Vulnerability Scoring System
3.8 Common Vulnerabilities and Exposures
3.9 Demo – Common Vulnerability Scoring System
3.10 Extreme Scenario Planning and Worst Case Scenarios
3.11 Risk Response Techniques
3.12 Additional Risk Management Strategies
3.13 Continuous Monitoring and Improvement
3.14 IT Governance
3.15 Guidelines for Mitigating Risk
4.0 Topic D: Integrate Documentation into Risk Management
4.1 From Policy to Procedures
4.2 Policy Development
4.3 Process and Procedure Development
4.4 Demo – Finding a Policy Template
4.5 Topics to Include in Security Policies and Procedures
4.6 Best Practices to Incorporate in Security Policies and Procedures
4.7 Business Documents That Support Security Initiatives
4.8 Guidelines for Integrating Documentation into Risk Management
4.9 Lesson 01 Review
➤ Module 02 - Analyzing the Threat Landscape
1.0 Topic A: Classify Threats and Threat Profiles
1.1 Threat Actors
1.2 Threat Motives
1.3 Threat Intentions
1.4 Attack Vectors
1.5 Attack Technique Criteria
1.6 Qualitative Threat and Impact Analysis
1.7 Guidelines for Classifying Threats and Threat Profiles
2.0 Topic B: Perform Ongoing Threat Research
2.1 Ongoing Research
2.2 Situational Awareness
2.3 Commonly Targeted Assets
2.4 The Latest Vulnerabilities
2.5 The Latest Threats and Exploits
2.6 The Latest Security Technologies
2.7 Resources Aiding in Research
2.8 Demo – Resources that Aid in Research of Threats
2.9 The Global Cybersecurity Industry and Community
2.10 Trend Data
2.11 Trend Data and Qualifying Threats
2.12 Guidelines for Performing Ongoing Threat Research
2.13 Lesson 02 Review
➤ Module 03 - Analyzing Reconnaissance Threats to Computing and Network Environments
1.0 Topic A: Implement Threat Modeling
1.1 The Diverse Nature of Threats
1.2 The Anatomy of a Cyber Attack
1.3 Threat Modeling
1.4 Reasons to Implement Threat Modeling
1.5 Threat Modeling Process
1.6 Attack Tree
1.7 Threat Modeling Tools
1.8 Threat Categories
2.0 Topic B: Assess the Impact of Reconnaissance Incidents
2.1 Footprinting, Scanning, and Enumeration
2.2 Footprinting Methods
2.3 Network and System Scanning Methods
2.4 Enumeration Methods
2.5 Evasion Techniques for Reconnaissance
2.6 Reconnaissance Tools
2.7 Packet Trace Analysis with Wireshark
2.8 Demo – Performing Reconnaissance on a Network
2.9 Demo – Examining Reconnaissance Incidents
3.0 Topic C: Assess the Impact of Social Engineering
3.1 Social Engineering
3.2 Types of Social Engineering
3.3 Phishing and Delivery Media
3.4 Phishing and Common Components
3.5 Social Engineering for Reconnaissance
3.6 Demo – Assessing the Impact of Social Engineering
3.7 Demo – Assessing the Impact of Phishing
3.8 Lesson 03 Review
➤ Module 04 - Analyzing Attacks on Computing and Network Environments
1.0 Topic A: Assess the Impact of System Hacking Attacks
1.1 System Hacking
1.2 Password Sniffing
1.3 Password Cracking
1.4 Demo – Cracking Passwords Using a Password File
1.5 Privilege Escalation
1.6 Social Engineering for Systems Hacking
1.7 System Hacking Tools and Exploitation Frameworks
2.0 Topic B: Assess the Impact of Web-Based Attacks
2.1 Client-Side vs. Server-Side Attacks
2.2 XSS
2.3 XSRF
2.4 SQL Injection
2.5 Directory Traversal
2.6 File Inclusion
2.7 Additional Web Application Vulnerabilities and Exploits
2.8 Web Services Exploits
2.9 Web-Based Attack Tools
2.10 Demo – Assessing the Impact of Web-Based Threats
3.0 Topic C: Assess the Impact of Malware
3.1 Malware Categories
3.2 Trojan Horse
3.3 Polymorphic Virus
3.4 Spyware
3.5 Supply Chain Attack
3.6 Malware Tools
3.7 Demo – Malware Detection and Removal
4.0 Topic D: Assess the Impact of Hijacking and Impersonation Attacks
4.1 Spoofing, Impersonation, and Hijacking
4.2 ARP Spoofing
4.3 DNS Poisoning
4.4 ICMP Redirect
4.5 DHCP Spoofing
4.6 NBNS Spoofing
4.7 Session Hijacking
4.8 Hijacking and Spoofing Tools
5.0 Topic E: Assess the Impact of DoS Incidents
5.1 DoS Attacks
5.2 DoS Attack Techniques
5.3 DDoS
5.4 DoS Evasion Techniques
5.5 DoS Tools
5.6 Demo – Assessing the Impact of DoS Attacks
6.0 Topic F: Assess the Impact of Threats to Mobile Security
6.1 Trends in Mobile Security
6.2 Wireless Threats
6.3 BYOD Threats
6.4 Mobile Platform Threats
6.5 Mobile Infrastructure Hacking Tools
7.0 Topic G: Assess the Impact of Threats to Cloud Security
7.1 Cloud Infrastructure Challenges
7.2 Threats to Virtualized Environments
7.3 Threats to Big Data
7.4 Example of a Cloud Infrastructure Attack
7.5 Cloud Platform Security
7.6 Lesson 04 Review
➤ Module 05 - Analyzing Post-Attack Techniques
1.0 Topic A: Assess Command and Control Techniques
1.1 Command and Control
1.2 IRC
1.3 HTTP/S
1.4 DNS
1.5 ICMP
1.6 Additional Channels
1.7 Demo – Assessing Command and Control Techniques
2.0 Topic B: Assess Persistence Techniques
2.1 Advanced Persistent Threat
2.2 Rootkits
2.3 Backdoors
2.4 Logic Bomb
2.5 Demo – Detecting Rootkits
2.6 Rogue Accounts
3.0 Topic C: Assess Lateral Movement and Pivoting Techniques
3.1 Lateral Movement
3.2 Pass the Hash
3.3 Golden Ticket
3.4 Remote Access Services
3.5 WMIC
3.6 PsExec
3.7 Port Forwarding
3.8 VPN Pivoting
3.9 SSH Pivoting
3.10 Routing Tables and Pivoting
4.0 Topic D: Assess Data Exfiltration Techniques
4.1 Data Exfiltration
4.2 Covert Channels
4.3 Steganography
4.4 Demo – Steganography
4.5 File Sharing Services
5.0 Topic E: Assess Anti-Forensics Techniques
5.1 Anti-Forensics
5.2 Golden Ticket and Anti-Forensics
5.3 Demo – Assessing Anti-Forensics
5.4 Buffer Overflows
5.5 Memory Residents
5.6 Program Packers
5.7 VM and Sandbox Detection
5.8 ADS
5.9 Covering Tracks
5.10 Lesson 05 Review
➤ Module 06 - Evaluating the Organization’s Security Posture
1.0 Topic A: Conduct Vulnerability Assessments
1.1 Vulnerability Assessment
1.2 Penetration Testing
1.3 Vulnerability Assessment vs. Penetration Testing
1.4 Vulnerability Assessment Implementation
1.5 Vulnerability Assessment Tools
1.6 Specific Assessment Tools
1.7 Port Scanning and Fingerprinting
1.8 Sources of Vulnerability Information
1.9 Operating System and Software Patching
1.10 Systemic Security Issues
1.11 Demo – Perform a Vulnerability Scan with Nessus
1.12 Demo – Perform a Vulnerability Scan with MBSA
2.0 Topic B: Conduct Penetration Tests on Network Assets
2.1 ROE
2.2 Pen Test Phases
2.3 Pen Test Scope
2.4 External vs. Internal Pen Testing
2.5 Pen Testing Techniques
2.6 Pen Testing Tools of the Trade
2.7 Kali Linux
2.8 Data Mining
2.9 Attack Surface Scanning and Mapping
2.10 Packet Manipulation for Enumeration
2.11 Simulated Attacks
2.12 Password Attacks
2.13 Penetration Test Considerations
3.0 Topic C: Follow Up on Penetration Testing
3.1 Effective Reporting and Documentation
3.2 Target Audiences
3.3 Information Collection Methods
3.4 Penetration Test Follow-Up
3.5 Report Classification and Distribution
3.6 Lesson 06 Review
➤ Module 07 - Collecting Cybersecurity Intelligence
1.0 Topic A: Deploy a Security Intelligence Collection and Analysis Platform
1.1 Security Intelligence
1.2 The Challenge of Security Intelligence Collection
1.3 Security Intelligence Collection Lifecycle
1.4 Security Intelligence Collection Plan
1.5 CSM
1.6 What to Monitor
1.7 Security Monitoring Tools
1.8 Data Collection
1.9 Potential Sources of Security Intelligence
1.10 Guidelines for Determining Which Data to Collect for Security Intelligence
1.11 Guidelines for Determining Which Fields You Should Log
1.12 Guidelines for Configuring Logging Systems Based on Their Impact
1.13 Guidelines for Determining Which Events Should Prompt an Alert
1.14 Information Processing
1.15 External Data Sources
1.16 Publicly Available Information
1.17 Collection and Reporting Automation
1.18 Data Retention
2.0 Topic B: Collect Data from Network-Based Intelligence Sources
2.1 Network Device Configuration Files
2.2 Network Device State Data
2.3 Switch and Router Logs
2.4 Wireless Device Logs
2.5 Firewall Logs
2.6 WAF Logs
2.7 IDS/IPS Logs
2.8 Proxy Logs
2.9 Carrier Provider Logs
2.10 Software-Defined Networking
2.11 Network Traffic and Flow Data
2.12 Log Tuning
2.13 Demo – Collecting Network-Based Security Intelligence
3.0 Topic C: Collect Data from Host-Based Intelligence Sources
3.1 Operating System Log Data
3.2 Windows Event Logs
3.3 Syslog Data
3.4 Application Logs
3.5 DNS Event Logs
3.6 SMTP Logs
3.7 HTTP Logs
3.8 FTP Logs
3.9 SSH Logs
3.10 SQL Logs
3.11 Demo – Collecting Host-Based Security Intelligence
3.12 Demo – Parsing Log Files
3.13 Lesson 07 Review
➤ Module 08 - Analyzing Log Data
1.0 Topic A: Use Common Tools to Analyze Logs
1.1 Preparation for Analysis
1.2 Guidelines for Preparing Data for Analysis
1.3 Log Analysis Tools
1.4 The grep Command
1.5 The cut Command
1.6 The diff Command
1.7 The find Command
1.8 WMIC for Log Analysis
1.9 Event Viewer
1.10 Bash
1.11 Windows PowerShell
1.12 Additional Log Analysis Tools
1.13 Guidelines for Using Windows- and Linux-Based Tools for Log Analysis
1.14 Demo – Analyzing Linux Logs for Security Intelligence
2.0 Topic B: Use SIEM Tools for Analysis
2.1 Security Intelligence Correlation
2.2 SIEM
2.3 The Realities of SIEM
2.4 SIEM and the Intelligence Lifecycle
2.5 Guidelines for Using SIEMs for Security Intelligence Analysis
2.6 Demo – Incorporating SIEMs into Security Intelligence Analysis
3.0 Topic C: Parse Log Files with Regular Expressions
3.1 Regular Expressions
3.2 Quantification Operators
3.3 Anchor Operators
3.4 Character Set Operators
3.5 Miscellaneous Search Operators
3.6 Special Operators
3.7 Build an Expression
3.8 Keyword Searches
3.9 Special Character Searches
3.10 IP Address Searches
3.11 Guidelines for Writing Regular Expressions
3.12 Lesson 08 Review
➤ Module 09 - Performing Active Asset and Network Analysis
1.0 Topic A: Analyze Incidents with Windows-Based Tools
1.1 Registry Editor (regedit)
1.2 Analysis with Registry Editor
1.3 File System Analysis Tools for Windows
1.4 Process Explorer
1.5 Process Monitor
1.6 Service Analysis Tools for Windows
1.7 Volatile Memory Analysis Tools for Windows
1.8 Active Directory Analysis Tools
1.9 Network Analysis Tools for Windows
1.10 Demo – Windows-Based Incident Analysis Tools
2.0 Topic B: Analyze Incidents with Linux-Based Tools
2.1 File System Analysis Tools for Linux
2.2 Process Analysis Tools for Linux
2.3 Volatile Memory Analysis Tools for Linux
2.4 Session Analysis Tools for Linux
2.5 Network Analysis Tools for Linux
2.6 Demo – Linux-Based Incident Analysis Tools
3.0 Topic C: Analyze Malware
3.1 Malware Sandboxing
3.2 Crowd-Sourced Signature Detection
3.3 VirusTotal Malware Entry
3.4 Reverse Engineering
3.5 Disassemblers
3.6 Disassembly of Malware in IDA
3.7 Malware Strings
3.8 Anti-Malware Solutions
3.9 MAEC
3.10 Guidelines for Analyzing Malware
3.11 Demo – Analyzing Malware
4.0 Topic D: Analyze Indicators of Compromise
4.1 IOCs
4.2 Unauthorized Software and Files
4.3 Suspicious Emails
4.4 Suspicious Registry Entries
4.5 Unknown Port and Protocol Usage
4.6 Excessive Bandwidth Usage
4.7 Service Disruption and Defacement
4.8 Rogue Hardware
4.9 Suspicious or Unauthorized Account Usage
4.10 Guidelines for Analyzing Indicators of Compromise
4.11 Demo – Analyzing Indicators of Compromise
4.12 Lesson 09 Review
➤ Module 10 - Responding to Cybersecurity Incidents
1.0 Topic A: Deploy an Incident Handling and Response Architecture
1.1 Incident Handling and Response Planning
1.2 Site Book
1.3 Incident Response Process
1.4 SOCs
1.5 CSIRT Organization
1.6 CSIRT Roles
1.7 A Day in the Life of a CSIRT
1.8 CSIRT Communication Process
1.9 Incident Indicator Sources
1.10 The Impact and Scope of Incidents
1.11 Incident Evaluation and Analysis
1.12 Incident Containment
1.13 Incident Mitigation and Eradication
1.14 Incident Recovery
1.15 Lessons Learned
1.16 Incident Handling Tools
2.0 Topic B: Mitigate Incidents
2.1 System Hardening
2.2 Demo – Hardening Windows Servers
2.3 System and Application Isolation
2.4 Blacklisting
2.5 Whitelisting
2.6 DNS Filtering
2.7 Demo – DNS Filtering
2.8 Demo – Blacklisting and Whitelisting
2.9 Black Hole Routing
2.10 Mobile Device Management
2.11 Devices Used in Mitigation
2.12 The Importance of Updating Device Signatures
2.13 Guidelines for Mitigating Incidents
3.0 Topic C: Prepare for Forensic Investigation as a CSIRT
3.1 The Duties of a Forensic Analyst
3.2 Communication of CSIRT Outcomes to Forensic Analysts
3.3 Guidelines for Conducting Post-Incident Tasks
3.4 Lesson 10 Review
➤ Module 11 - Investigating Cybersecurity Incidents
1.0 Topic A: Apply a Forensic Investigation Plan
1.1 A Day in the Life of a Forensic Analyst
1.2 Forensic Investigation Models
1.3 Forensic Investigation Preparation
1.4 Investigation Scope
1.5 Timeline Generation and Analysis
1.6 Authentication of Evidence
1.7 Chain of Custody
1.8 Communication and Interaction with Third Parties
1.9 Forensic Toolkits
1.10 Guidelines for Preparing for a Forensic Investigation
2.0 Topic B: Securely Collect and Analyze Electronic Evidence
2.1 Order of Volatility
2.2 File Systems
2.3 File Carving and Data Extraction
2.4 Persistent Data
2.5 Data Preservation for Forensics
2.6 Forensic Analysis of Compromised Systems
2.7 Demo – Securely Collecting Electronic Evidence
2.8 Demo – Analyzing Forensic Evidence
3.0 Topic C: Follow Up on the Results of an Investigation
3.1 Cyber Law
3.2 Technical Experts and Law Enforcement Liaisons
3.3 Documentation of Investigation Results
3.4 Lesson 11 Review
3.5 Next Steps
3.6 Course Closure