This course provides comprehensive training on network defense and incident response methodologies, tactics, and procedures, aligned with industry standards such as NIST SP 800-61 Rev. 2 (Computer Security Incident Handling Guide), US-CERT’s NCIRP (National Cyber Incident Response Plan), and Presidential Policy Directive (PPD) 41 on United States Cyber Incident Coordination. It is particularly suitable for professionals tasked with monitoring and detecting security incidents within information systems and networks, and with executing standardized responses. The curriculum introduces tools, tactics, and procedures to manage cybersecurity risks, identify common threat types, evaluate organizational security posture, collect and analyze cybersecurity intelligence, and remediate and report incidents in real time. It offers a robust methodology for individuals responsible for safeguarding their organization’s cybersecurity.
This course is designed to assist students in preparing for the CertNexus CyberSec First Responder (Exam CFR-310) certification examination; the skills and practices acquired here form a significant part of that preparation. Furthermore, this course and the subsequent CFR-310 certification satisfy all requirements for personnel needing DoD Directive 8570.01-M position certification baselines:
• CSSP Analyst
• CSSP Infrastructure Support
• CSSP Incident Responder
• CSSP Auditor
Course Objectives: Upon completion, you will be able to understand, assess, and respond to security threats, and operate a system and network security analysis platform. Specifically, you will be able to:
• Compare and contrast various threats and classify threat profiles
• Explain the purpose and usage of attack tools and techniques
• Explain the purpose and usage of post-exploitation tools and tactics
• Explain the purpose and usage of social engineering tactics
• In given scenarios, conduct ongoing threat landscape research and utilize data to prepare for incidents
• Explain the purpose and characteristics of various data sources
• In given scenarios, use appropriate tools to analyze logs
• In given scenarios, use regular expressions to parse log files and locate meaningful data
• In given scenarios, use Windows tools to analyze incidents
• In given scenarios, use Linux-based tools to analyze incidents
• Summarize methods and tools used for malware analysis
• In given scenarios, analyze common indicators of potential compromise
• Explain the importance of best practices in incident response preparation
• In given scenarios, execute the incident response process
• Explain the importance of concepts unique to forensic analysis
• Explain general mitigation methods and devices
Target Audience: This course is primarily designed for cybersecurity professionals who are preparing for or currently performing job functions related to protecting information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. It is ideal for roles within federal contracting companies and private sector firms whose missions or strategic objectives require the execution of Defensive Cyber Operations (DCO) or DoD Information Network (DODIN) operations and incident handling. The course focuses on the knowledge, abilities, and skills necessary to defend these information systems in a cybersecurity context, including protection, detection, analysis, investigation, and response processes.
Additionally, the course ensures that all members of an IT team—regardless of size, rank, or budget—understand their role in cyber defense, incident response, and incident handling processes.