CyberSec First Responder (CFR-310)
CyberSec First Responder (CFR-310) Overview
This course covers network defense and incident response methods, tactics, and procedures that are in alignment with industry frameworks such as NIST 800-61r2 (Computer Security Incident Handling Guide), US-CERT's National Cyber Incident Response Plan (NCIRP), and Presidential Policy Directive (PPD)-41 on Cyber Incident Coordination. It is ideal for candidates who have been tasked with the responsibility of monitoring and detecting security incidents in information systems and networks, and for executing standardized responses to such incidents.
0h 5m
[MUSIC]
Greetings everyone, I am Daniel Lowrie
with ITPROTV and I'm going to take you
through what you're going to need to know
and learn in the cybersec first responders
series before the CFR 3 10 exam.
Let me tell you a little bit about myself.
I've been in systems and networking and
also security for over 20 years now, so
I'm gonna bring that
knowledge to the table and
act as your subject matter
expert throughout this series.
I will be joined by a host and they
will be acting as the learner for you.
So those questions that you're probably
thinking about as we go through this,
they'll be answering and asking, we're
asking that for you as we move along.
Now.
Let me tell you a little bit about
the exam itself and I think the best way
to do that is just to jump into certain
excesses website and take a look at
the information they get through us there.
You can see for
the cybersec first responder this is the
Blue team certification for cybersecurity.
It's got a lot of information here.
I think one of the most important things
is that it says that it is a comprehensive
certification designed to validate the
knowledge and skills required to protect
these critical information systems before,
during and after an incident.
And I think that's probably a very
important thing, but a very key idea to
how we're gonna move and progress through
the series of stuff that we're trying to
help you make sure you know, all the
things you need to know for the exam and
that you're going to validate skills you
probably already have because as you,
as we get down into, we'll see that you're
probably working in that role anyway.
You see this is also DOD8570 or
8140 compliance.
So if you need a certification that is
that meets that compliance specification,
the CFR will do that for you.
All right.
A couple of the things we need to know.
Let's see here.
Let's let's move down through and
take a look at what the exam
will actually look like.
Kind of gives you some information like
target candidate, which are individuals
with between three and five years of
experience working in a computing
environment as part of the of assert or
C search or maybe you work in a sock and
you protect critical information systems
before, during and after incidents.
Like I said, a little bit of validation.
Some of the common job roles that you'll
see that lend itself to the certification.
And then of course, the exam description
is probably the most important part for
us, things that we need to know again,
successful candidate has the knowledge.
It's going to certify that,
that you have the knowledge, skills and
abilities to require to deal with
the changing threat landscape.
And we'll be able to assess risk and
vulnerabilities, acquire data,
perform analysis,
continually, communicate and
determine scope, recommend remediation and
accurately report those results.
It's going to be 100 questions,
120 minutes, multiple choice,
multiple response.
Let's see what else serious will
be done at Pearson Vue Centers.
So if you want to take the exam,
we're gonna go to a Pearson Vue Center and
sit in a Proctor testing booth.
You need a 70 to 71% passing score and
it's going to depend on the exam
form that you're actually
delivered at the time of the exam.
Very important.
One other thing I want to kind of
go through is the goals of this and
how this series is gonna be structured and
a helpful thing for
that is if you come right here under exam
details and click this exam blueprint,
you'll find inside that document the
domains that make up the CFR study guide.
Right?
So we have threats and attacks,
data collection and analysis, incident
response methods, tools and techniques,
the incident response process and
vulnerability assessments.
So five domains breaking it up on what
you're going to be responsible for
when it comes to the exam itself.
So very good stuff.
And what I'm gonna do is I'm
gonna take each one of these.
I'm gonna look through, I'm going
to basically take your outline and
we're gonna make episodes out
of each one of those modules so
that we make sure to hit on every point
you'll need to be successful on the exam.
So that's that's my goal as
the subject matter experts.
A couple of resources that
could be helpful in this as you
follow along with me is have
maybe some virtualization, right?
So spin up your favorite virtual box or
VM ware workstation or fusion or whatever
the case may be and I would highly
recommend a collie Lennox distribution and
maybe one or two Windows machines as well
just so that you can play around this
stuff, get some hands on from there
any other resources that you'll need.
I'll make sure to give you that
information per those episodes,
that being said,
I'm pretty excited about this series.
It's gonna be a lot of fun.
We're going to take a look at
threats from the attacking side.
We're gonna take a look at defense
obviously from the Blue team side of
things and we're gonna get a really well
rounded perspective of what you need to
do to be successful as a first responder,
as an incident responder and
how you can validate those skills and
knowledge that you already have for
your job you're already at, or
maybe a new one in the future.
So I'm really excited again and
I will see you in the upcoming series.
[MUSIC]
Overview
This course covers network defense and incident response methods, tactics, and procedures that are in alignment with industry frameworks such as NIST 800-61r2 (Computer Security Incident Handling Guide), US-CERT's National Cyber Incident Response Plan (NCIRP), and Presidential Policy Directive (PPD)-41 on Cyber Incident Coordination. It is ideal for candidates who have been tasked with the responsibility of monitoring and detecting security incidents in information systems and networks, and for executing standardized responses to such incidents. The course introduces tools, tactics, and procedures to manage cybersecurity risks, identify various types of common threats, evaluate the organization's security, collect and analyze cybersecurity intelligence, and remediate and report incidents as they occur. This course provides a comprehensive methodology for individuals responsible for defending the cybersecurity of their organization. In addition, this course and subsequent certification meet all requirements for personnel requiring DoD directive 8570.01-M position certification baselines: - CSSP Analyst - CSSP Infrastructure Support - CSSP Incident Responder - CSSP Auditor
Learning Style
On Demand
Length of course
13h 17m
52 Episodes
Here are the topics we'll cover
- Threats and Attacks
- Gaining Access
- Post-Exploitation
- Threat Research and Incident Prep
- Data Collection and Analysis
- Incident Response Techniques
- Vulnerability Assessments
Learning Options
Options for this course
Train your team
Stay ahead of the curve and future-proof your business with training programs designed for you.
Channel & Reseller
Transform your experience and integrate with our unique evolving library of Audit, Cybersecurity, and Information Technology courses.
Individual learners
Learn at your own pace and get your certification training.