Cyber Security Training Catalog – CyberSec First Responder: Threat Detection and Response (Exam CFR-210) Series (Logical Operations)

Overview: This series will help students to understand the anatomy of cyber-attacks. Individuals will gain the skills needed to serve their organizations before, during, and after a breach. A CyberSec First Responder is the first line of defense against cyber-attacks. Students will prepare to analyze threats, design secure computing and network environments, proactively defend networks, and respond/investigate cybersecurity incidents.

$150.00Add to cart

Course Modules

(Duration: 1h 3m)

  1. Workbook (Pdf)
  2. Topic A: Identify the Importance of Risk Management
  3. Elements of Cybersecurity (Perimeter Model)
  4. Elements of Cybersecurity (Endpoint Model)
  5. The Risk Equation
  6. Risk Management
  7. The Importance of Risk Management
  8. ERM
  9. Reasons to Implement ERM
  10. Risk Exposure
  11. Risk Analysis Methods
  12. Risks Facing an Enterprise
  13. Topic B: Assess Risk
  14. ESA Frameworks
  15. ESA Framework Assessment Process
  16. New and Changing Business Models
  17. De-perimeterization
  18. New Products and Technologies
  19. Internal and External Influences
  20. System-Specific Risk Analysis
  21. Risk Determinations
  22. Documentation of Assessment Results
  23. Guidelines for Assessing Risk
  24. Topic C: Mitigate Risk
  25. Classes of Information
  26. Classification of Information Types into CIA Levels
  27. Security Control Categories
  28. Technical Controls (Template)
  29. Technical Controls (Example Answer)
  30. Aggregate CIA Score
  31. Common Vulnerability Scoring System
  32. Common Vulnerabilities and Exposures
  33. Demo – Common Vulnerability Scoring System
  34. Extreme Scenario Planning and Worst Case Scenarios
  35. Risk Response Techniques
  36. Additional Risk Management Strategies
  37. Continuous Monitoring and Improvement
  38. IT Governance
  39. Guidelines for Mitigating Risk
  40. Topic D: Integrate Documentation into Risk Management
  41. From Policy to Procedures
  42. Policy Development
  43. Process and Procedure Development
  44. Demo – Finding a Policy Template
  45. Topics to Include in Security Policies and Procedures
  46. Best Practices to Incorporate in Security Policies and Procedures
  47. Business Documents That Support Security Initiatives
  48. Guidelines for Integrating Documentation into Risk Management
  49. Lesson 01 Review
  50. Review Quiz (Number of attempts allowed: Unlimited

(Duration: 24m)

  1. Workbook (Pdf)
  2. Topic A: Classify Threats and Threat Profiles
  3. Threat Actors
  4. Threat Motives
  5. Threat Intentions
  6. Attack Vectors
  7. Attack Technique Criteria
  8. Qualitative Threat and Impact Analysis
  9. Guidelines for Classifying Threats and Threat Profiles
  10. Topic B: Perform Ongoing Threat Research
  11. Ongoing Research
  12. Situational Awareness
  13. Commonly Targeted Assets
  14. The Latest Vulnerabilities
  15. The Latest Threats and Exploits
  16. The Latest Security Technologies
  17. Resources Aiding in Research
  18. Demo – Resources that Aid in Research of Threats
  19. The Global Cybersecurity Industry and Community
  20. Trend Data
  21. Trend Data and Qualifying Threats
  22. Guidelines for Performing Ongoing Threat Research
  23. Lesson 02 Review
  24. Review Quiz (Number of attempts allowed: Unlimited)

(Duration: 57m)

  1. Workbook (Pdf)
  2. Topic A: Implement Threat Modeling
  3. The Diverse Nature of Threats
  4. The Anatomy of a Cyber Attack
  5. Threat Modeling
  6. Reasons to Implement Threat Modeling
  7. Threat Modeling Process
  8. Attack Tree
  9. Threat Modeling Tools
  10. Threat Categories
  11. Topic B: Assess the Impact of Reconnaissance Incidents
  12. Footprinting, Scanning, and Enumeration
  13. Footprinting Methods
  14. Network and System Scanning Methods
  15. Enumeration Methods
  16. Evasion Techniques for Reconnaissance
  17. Reconnaissance Tools
  18. Packet Trace Analysis with Wireshark
  19. Demo – Performing Reconnaissance on a Network
  20. Demo – Examining Reconnaissance Incidents
  21. Topic C: Assess the Impact of Social Engineering
  22. Social Engineering
  23. Types of Social Engineering
  24. Phishing and Delivery Media
  25. Phishing and Common Components
  26. Social Engineering for Reconnaissance
  27. Demo – Assessing the Impact of Social Engineering
  28. Demo – Assessing the Impact of Phishing
  29. Lesson 03 Review
  30. Review Quiz (Number of attempts allowed: Unlimited)

(Duration: 1h 36m)

  1. Workbook (Pdf)
  2. Topic A: Assess the Impact of System Hacking Attacks
  3. System Hacking
  4. Password Sniffing
  5. Password Cracking
  6. Demo – Cracking Passwords Using a Password File
  7. Privilege Escalation
  8. Social Engineering for Systems Hacking
  9. System Hacking Tools and Exploitation Frameworks
  10. Topic B: Assess the Impact of Web-Based Attacks
  11. Client-Side vs. Server-Side Attacks
  12. XSS
  13. XSRF
  14. SQL Injection
  15. Directory Traversal
  16. File Inclusion
  17. Additional Web Application Vulnerabilities and Exploits
  18. Web Services Exploits
  19. Web-Based Attack Tools
  20. Demo – Assessing the Impact of Web-Based Threats
  21. Topic C: Assess the Impact of Malware
  22. Malware Categories
  23. Trojan Horse
  24. Polymorphic Virus
  25. Spyware
  26. Supply Chain Attack
  27. Malware Tools
  28. Demo – Malware Detection and Removal
  29. Topic D: Assess the Impact of Hijacking and Impersonation Attacks
  30. Spoofing, Impersonation, and Hijacking
  31. ARP Spoofing
  32. DNS Poisoning
  33. ICMP Redirect
  34. DHCP Spoofing
  35. NBNS Spoofing
  36. Session Hijacking
  37. Hijacking and Spoofing Tools
  38. Topic E: Assess the Impact of DoS Incidents
  39. DoS Attacks
  40. DoS Attack Techniques
  41. DDoS
  42. DoS Evasion Techniques
  43. DoS Tools
  44. Demo
  45. – Assessing the Impact of DoS Attacks
  46. Topic F: Assess the Impact of Threats to Mobile Security
  47. Trends in Mobile Security
  48. Wireless Threats
  49. BYOD Threats
  50. Mobile Platform Threats
  51. Mobile Infrastructure Hacking Tools
  52. Topic G: Assess the Impact of Threats to Cloud Security
  53. Cloud Infrastructure Challenges
  54. Threats to Virtualized Environments
  55. Threats to Big Data
  56. Example of a Cloud Infrastructure Attack
  57. Cloud Platform Security
  58. Lesson 04 Review
  59. Review Quiz (Number of attempts allowed: Unlimited)

(Duration: 1.3h) 

  1. Workbook (Pdf)
  2. Topic A: Assess Command and Control Techniques
  3. Command and Control
  4. IRC
  5. HTTP/S
  6. DNS
  7. ICMP
  8. Additional Channels
  9. Demo
  10. – Assessing Command and Control Techniques
  11. Topic B: Assess Persistence Techniques
  12. Advanced Persistent Threat
  13. Rootkits
  14. Backdoors
  15. Logic Bomb
  16. Demo
  17. – Detecting Rootkits
  18. Rogue Accounts
  19. Topic C: Assess Lateral Movement and Pivoting Techniques
  20. Lateral Movement
  21. Pass the Hash
  22. Golden Ticket
  23. Remote Access Services
  24. WMIC
  25. PsExec
  26. Port Forwarding
  27. VPN Pivoting
  28. SSH Pivoting
  29. Routing Tables and Pivoting
  30. Topic D: Assess Data Exfiltration Techniques
  31. Data Exfiltration
  32. Covert Channels
  33. Steganography
  34. Demo
  35. – Steganography
  36. File Sharing Services
  37. Topic E: Assess Anti
  38. -Forensics Techniques
  39. Anti
  40. -Forensics
  41. Golden Ticket and Anti
  42. -Forensics
  43. Demo
  44. – Assessing Anti
  45. -Forensics
  46. Buffer Overflows
  47. Memory Residents
  48. Program Packers
  49. VM and Sandbox Detection
  50. ADS
  51. Covering Tracks
  52. Lesson 05 Review
  53. Review Quiz (Number of attempts allowed: Unlimited)

(Duration: 54m)

  1. Workbook (Pdf)
  2. Topic A: Conduct Vulnerability Assessments
  3. Vulnerability Assessment
  4. Penetration Testing
  5. Vulnerability Assessment vs. Penetration Testing
  6. Vulnerability Assessment Implementation
  7. Vulnerability Assessment Tools
  8. Specific Assessment Tools
  9. Port Scanning and Fingerprinting
  10. Sources of Vulnerability Information
  11. Operating System and Software Patching
  12. Systemic Security Issues
  13. Demo
  14. – Perform a Vulnerability Scan with Nessus
  15. Demo
  16. – Perform a Vulnerability Scan with MBSA
  17. Topic B: Conduct Penetration Tests on Network Assets
  18. ROE
  19. Pen Test Phases
  20. Pen Test Scope
  21. External vs. Internal Pen Testing
  22. Pen Testing Techniques
  23. Pen Testing Tools of the Trade
  24. Kali Linux
  25. Data Mining
  26. Attack Surface Scanning and Mapping
  27. Packet Manipulation for Enumeration
  28. Simulated Attacks
  29. Password Attacks
  30. Penetration Test Considerations
  31. Topic C: Follow Up on Penetration Testing
  32. Effective Reporting and Documentation
  33. Target Audiences
  34. Information Collection Methods
  35. Penetration Test Follow
  36. -Up
  37. Report Classification and Distribution
  38. Lesson 06 Review
  39. Review Quiz (Number of attempts allowed: Unlimited)

(Duration: 1h 15m)

  1. Workbook (Pdf)
  2. Topic A: Deploy a Security Intelligence Collection and Analysis Platform
  3. Security Intelligence
  4. The Challenge of Security Intelligence Collection
  5. Security Intelligence Collection Lifecycle
  6. Security Intelligence Collection Plan
  7. CSM
  8. What to Monitor
  9. Security Monitoring Tools
  10. Data Collection
  11. Potential Sources of Security Intelligence
  12. Guidelines for Determining Which Data to Collect for Security Intelligence
  13. Guidelines for Determining Which Fields You Should Log
  14. Guidelines for Configuring Logging Systems Based on Their Impact
  15. Guidelines for Determining Which Events Should Prompt an Alert
  16. Information Processing
  17. External Data Sources
  18. Publicly Available Information
  19. Collection and Reporting Automation
  20. Data Retention
  21. Topic B: Collect Data from Network-Based Intelligence Sources
  22. Network Device Configuration Files
  23. Network Device State Data
  24. Switch and Router Logs
  25. Wireless Device Logs
  26. Firewall Logs
  27. WAF Logs
  28. IDS/IPS Logs
  29. Proxy Logs
  30. Carrier Provider Logs
  31. Software-Defined Networking
  32. Network Traffic and Flow Data
  33. Log Tuning
  34. Demo – Collecting Network-Based Security Intelligence
  35. Topic C: Collect Data from Host-Based Intelligence Sources
  36. Operating System Log Data
  37. Windows Event Logs
  38. Syslog Data
  39. Application Logs
  40. DNS Event Logs
  41. SMTP Logs
  42. HTTP Logs
  43. FTP Logs
  44. SSH Logs
  45. SQL Logs
  46. Demo – Collecting Host-Based Security Intelligence
  47. Demo – Parsing Log Files
  48. Lesson 07 Review
  49. Review Quiz (Number of attempts allowed: Unlimited)

(Duration: 1h 23m)

  1. Workbook (Pdf)
  2. Topic A: Use Common Tools to Analyze Logs
  3. Preparation for Analysis
  4. Guidelines for Preparing Data for Analysis
  5. Log Analysis Tools
  6. The grep Command
  7. The cut Command
  8. The diff Command
  9. The find Command
  10. WMIC for Log Analysis
  11. Event Viewer
  12. Bash
  13. Windows PowerShell
  14. Additional Log Analysis Tools
  15. Guidelines for Using Windows- and Linux-Based Tools for Log Analysis
  16. Demo – Analyzing Linux Logs for Security Intelligence
  17. Topic B: Use SIEM Tools for Analysis
  18. Security Intelligence Correlation
  19. SIEM
  20. The Realities of SIEM
  21. SIEM and the Intelligence Lifecycle
  22. Guidelines for Using SIEMs for Security Intelligence Analysis
  23. Demo – Incorporating SIEMs into Security Intelligence Analysis
  24. Topic C: Parse Log Files with Regular Expressions
  25. Regular Expressions
  26. Quantification Operators
  27. Anchor Operators
  28. Character Set Operators
  29. Miscellaneous Search Operators
  30. Special Operators
  31. Build an Expression
  32. Keyword Searches
  33. Special Character Searches
  34. IP Address Searches
  35. Guidelines for Writing Regular Expressions
  36. Lesson 08 Review
  37. Review Quiz (Number of attempts allowed: Unlimited)

(Duration: 1h 41m)

  1. Workbook (Pdf)
  2. Topic A: Analyze Incidents with Windows-Based Tools
  3. Registry Editor (regedit)
  4. Analysis with Registry Editor
  5. File System Analysis Tools for Windows
  6. Process Explorer
  7. Process Monitor
  8. Service Analysis Tools for Windows
  9. Volatile Memory Analysis Tools for Windows
  10. Active Directory Analysis Tools
  11. Network Analysis Tools for Windows
  12. Demo – Windows-Based Incident Analysis Tools
  13. Topic B: Analyze Incidents with Linux-Based Tools
  14. File System Analysis Tools for Linux
  15. Process Analysis Tools for Linux
  16. Volatile Memory Analysis Tools for Linux
  17. Session Analysis Tools for Linux
  18. Network Analysis Tools for Linux
  19. Demo
  20. – Linux
  21. -Based Incident Analysis Tools
  22. Topic C: Analyze Malware
  23. Malware Sandboxing
  24. Crowd
  25. -Sources Signature Detection
  26. VirusTotal Malware Entry
  27. Reverse Engineering
  28. Disassemblers
  29. Disassembly of Malware in IDA
  30. Malware Strings
  31. Anti
  32. -Malware Solutions
  33. MAEC
  34. Guidelines for Analyzing Malware
  35. Demo
  36. – Analyzing Malware
  37. Topic D: Analyze Indicators of Compromise
  38. IOCs
  39. Unauthorized Software and Files
  40. Suspicious Emails
  41. Suspicious Registry Entries
  42. Unknown Port and Protocol Usage
  43. Excessive Bandwidth Usage
  44. Service Disruption and Defacement
  45. Rogue Hardware
  46. Suspicious or Unauthorized Account Usage
  47. Guidelines for Analyzing Indicators of Compromise
  48. Demo
  49. – Analyzing Indicators of Compromise
  50. Lesson 09 Review
  51. Review Quiz (Number of attempts allowed: Unlimited)

(Duration: 1h 13m)

  1. Workbook (Pdf)
  2. Topic A: Deploy an Incident Handling and Response Architecture
  3. Incident Handling and Response Planning
  4. Site Book
  5. Incident Response Process
  6. SOCs
  7. CSIRT Organization
  8. CSIRT Roles
  9. A Day in the Life of a CSIRT
  10. CSIRT Communication Process
  11. Incident Indicator Sources
  12. The Impact and Scope of Incidents
  13. Incident Evaluation and Analysis
  14. Incident Containment
  15. Incident Mitigation and Eradication
  16. Incident Recovery
  17. Lessons Learned
  18. Incident Handling Tools
  19. Topic B: Mitigate Incidents
  20. System Hardening
  21. Demo – Hardening Windows Servers
  22. System and Application Isolation
  23. Blacklisting
  24. Whitelisting
  25. DNS Filtering
  26. Demo – DNS Filtering
  27. Demo – Blacklisting and Whitelisting
  28. Black Hole Routing
  29. Mobile Device Management
  30. Devices Used in Mitigation
  31. The Importance of Updating Device Signatures
  32. Guidelines for Mitigating Incidents
  33. Topic C: Prepare for Forensic Investigation as a CSIRT
  34. The Duties of a Forensic Analyst
  35. Communication of CSIRT Outcomes to Forensic Analysts
  36. Guidelines for Conducting Post-Incident Tasks
  37. Lesson 10 Review
  38. Review Quiz (Number of attempts allowed: Unlimited)

(Duration: 36m)

  1. Workbook (Pdf)
  2. Topic A: Apply a Forensic Investigation Plan
  3. A Day in the Life of a Forensic Analyst
  4. Forensic Investigation Models
  5. Forensic Investigation Preparation
  6. Investigation Scope
  7. Timeline Generation and Analysis
  8. Authentication of Evidence
  9. Chain of Custody
  10. Communication and Interaction with Third Parties
  11. Forensic Toolkits
  12. Guidelines for Preparing for a Forensic Investigation
  13. Topic B: Securely Collect and Analyze Electronic Evidence
  14. Order of Volatility
  15. File Systems
  16. File Carving and Data Extraction
  17. Persistent Data
  18. Data Preservation for Forensics
  19. Forensic Analysis of Compromised Systems
  20. Demo – Securely Collecting Electronic Evidence
  21. Demo – Analyzing Forensic Evidence
  22. Topic C: Follow Up on the Results of an Investigation
  23. Cyber Law
  24. Technical Experts and Law Enforcement Liaisons
  25. Documentation of Investigation Results
  26. Lesson 11 Review
  27. Next Steps
  28. Course Closure
  29. Review Quiz (Number of attempts allowed: Unlimited)

Training Final Exam ?

Are you ready to earn your certificate of completion?

Launch The Exam

This course includes
  • about 11.50 hours on-demand video
  • 11 downloadable Pdf Workbooks
  • Unlimited time access (During Membership)
  • Access on mobile and Desktop
  • Certificate of Completion

Course Features Include:

  • Expert Lectures
    Learn on-demand from top instructors who are industry subject matter experts. Our highly certified expert instructors possess a superior understanding of the subject matter in their fields and have the ability to convey this knowledge in an effective, engaging, and professional manner to a wide audience.

  • Certificates of Completion
    Upon completion of a series of courses you can earn a certificate of completion from Career Academy. Certificates of Completion will display your full name, course completed, as well as the date of completion. Students have the ability to print this out or save it digitally to showcase your accomplishment.

  • PowerPoint Visuals:
    Many of the in-depth theories and processes discussed in our courses can be learned most efficiently through the detailed PowerPoint slides presented. These visuals are accompanied by an instructor voice-over to provide our students with a clear, efficient, and complete presentation of concepts.

  • Professional Development Activities
    Students are provided access to professional development activity files which allow for an individual to test out course theories and apply the knowledge they earned from the course.

  • Review Quizzes
    Once a course is completed, test your knowledge by taking our course review quiz! Students have the ability to retake any review quizzes as many times as they wish to ensure they understand the material or to improve upon their scores.

  • Mobile Access
    With our universal course player, you can learn from your computer, tablet as well as mobile devices. Keep up with your training on the go!

Trusted by Aspiring IT Professionals, Corporations and
Government agencies
for more than a Decade

Get unlimited online access learn anywhere, anytime using your computer or mobile device!