• Classroom
  • Online, Instructor-Led
Course Description

CyberSec First Responder™ (CFR) is intended for individuals with experience working in an environment as part of a CERT/CSIRT/SOC who protect critical systems.

Learning Objectives

Training Objectives include:

  • Compare and contrast various threats and classify threat profile
  • Explain the purpose and use of attack tools and technique
  • Explain the purpose and use of post exploitation tools and tactic
  • Explain the purpose and use of social engineering tactic
  • Given a scenario, perform ongoing threat landscape research and use data to prepare for incident
  • Explain the purpose and characteristics of various data source 
  • Given a scenario, use appropriate tools to analyze log
  • Given a scenario, use regular expressions to parse log files and locate meaningful data
  • Given a scenario, use Windows tools to analyze incidents
  • Given a scenario, use Linux-based tools to analyze incidents
  • Summarize methods and tools used for malware analysis
  • Given a scenario, analyze common indicators of potential compromise
  • Explain the importance of best practices in preparation for incident response
  • Given a scenario, execute incident response process
  • Explain the importance of concepts that are unique to forensic analysis
  • Explain general mitigation methods and devices

Framework Connections

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.