Cybersecurity & Incident Response Expert

(CFR™)

All our courses are 100% teacher-led by our authorized instructors and include certification exams.
Getting certified, you can also have the possibility to join Be Licensed’s recruitment portal.

Course Overview

Master the art of network defense and incident response with our comprehensive course, designed to align with industry frameworks like NIST 800-61r2, US-CERT's NCIRP, and PPD-41. Gain practical skills to monitor, detect, and respond to security incidents, while learning to defend against threats and manage cybersecurity risks. Ideal for professionals tasked with safeguarding digital assets, this course equips you with the tools and knowledge to analyze cybersecurity intelligence, assess vulnerabilities, and execute effective incident responses. Stay ahead of evolving threats and enhance your organization’s security posture with this essential training.

Course outcome

By completing this course, individuals will gain comprehensive expertise in areas such as asset identification, vulnerability assessment, and network analysis, preparing them to identify and mitigate security risks in various IT environments. The course covers threat detection and incident response, equipping participants with the skills to monitor systems, analyze attacks, and implement recovery strategies. It also emphasizes compliance with security regulations, forensic evidence collection, and communication with stakeholders to ensure effective incident management. This training prepares participants to confidently take the associated exam.

Your new skills

Asset identification (applications, servers, operating systems, etc.)
Vulnerability assessment processes (identification of common vulnerabilities)
Network analysis (topology, architecture, data flow)
Log source utilization (continuous monitoring, detection of anomalies)
Threat and vulnerability analysis (analyzing attacks and post-attack techniques)
Incident response processes (prepare and execute incident response)
Recovery planning and procedures (restoring systems after incidents)
Threat modeling (identifying threat actors and vulnerabilities)
Security policy implementation (compliance with security regulations)
Forensic evidence collection (documenting and securing evidence)
Security posture trend analysis (analyzing and reporting system security trends)
Threat detection (using Intrusion Detection Systems, Firewalls, SIEM)
Communication with stakeholders (coordinating incident responses)
Compliance and risk assessment (evaluating an organization's cybersecurity posture)
Vulnerability scanning tools (e.g., Nessus, Nmap)

Prerequisites:

Knowledge:

To succeed in the course, the following background knowledge is recommended:

At least two years (recommended) of experience or education in computer network security technology or a related field.
The ability or curiosity to recognize information security vulnerabilities and threats in the context of risk management.
Foundational knowledge of the concepts and operational framework of common assurance safeguards in network environments. Safeguards include, but are not limited to, firewalls, intrusion prevention systems, and VPNs.
General knowledge of the concepts and operational framework of common assurance safeguards in computing environments. Safeguards include, but are not limited to, basic authentication and authorization, resource permissions, and anti-malware mechanisms.
Foundation-level skills with some of the common operating systems for computing environments.
Entry-level understanding of some of the common concepts for network environments such as routing and switching.
General or practical knowledge of major TCP/IP networking protocols, including, but not limited to, TCP, IP, UDP, DNS, HTTP, ARP, ICMP, and DHCP.

Hardware: (supplied over Logical Operations Labs service)

Server running Windows Server 2019 Standard Editionsome text
- 2 gigahertz (GHz) 64-bit (x64) processor.
- 4 gigabytes (GB) of Random Access Memory (RAM).
Computer running Windows 10 Professional 64-bitsome text
- 2 GHz 64-bit processor that supports the VT-x or AMD-V virtualization instruction set and
- Second Level Address Translation (SLAT).
- 8 GB of RAM. This client will host a Linux® virtual machine.

Software: 3rd-party internet browser - Google Chrome suggested

Miscellaneous software that is not included in the course data files due to licensing restrictions:

Java Runtime Environment (JRE) version 8u291 (JavaSetup8u291.exe).
Npcap version 1.50 (npcap-1.50.exe).
Process Explorer version 16.42 (procexp.exe).
Splunk® Enterprise version 8.2.1 (splunk-8.2.1-ddff1c41e5cf-x64-release.msi).
Log Parser version 2.2 (LogParser.msi).
Log Parser Studio version 2.0 (LPSV2.D2.zip).

Access: Internet access - a stable fiber connection of at least 10 Mbps up and down speeds is recommended.

‍

Other Information:

Certification Included: Yes - CertNexus CFR-410

Exam Format: Multiple Choice / Multiple Response (Pearson VUE)

Total Exam Questions: 80

Exam Pass Mark: 71% or 72% depending on exam form. Forms have been statistically equated.

Exam Validity Period: 3 years

What is included in the price?

Fully led by an authorized instructor.

All materials needed to complete the course are included in the course fee. This includes course literature, exercise assignments and fees for the certification exam.

The course is held remotely in a virtual classroom. All lectures are recorded and are available as reference material for two weeks after course completion.