CyberSec First Responder: Threat Detection and Response

This course covers the duties of those who are responsible for monitoring and detecting security incidents in information systems and networks, and for executing a proper response to such incidents. Depending on the size of the organization, this individual may act alone or may be a member of a computer security incident response team (CSIRT).

0 STUDENTS ENROLLED

    This course covers the duties of those who are responsible for monitoring and detecting security incidents in information systems and networks, and for executing a proper response to such incidents. Depending on the size of the organization, this individual may act alone or may be a member of a computer security incident response team (CSIRT). The course introduces strategies, frameworks, methodologies, and tools to manage cybersecurity risks, identify various types of common threats, design and operate secure computing and networking environments, assess and audit the organization’s security, collect and analyze cybersecurity intelligence, and handle incidents as they occur. The course also covers closely related information assurance topics such as auditing and forensics to provide a sound basis for a comprehensive approach to security aimed toward those on the front lines of defense.

    Course Length: 5 Days

    Learning Path: (Click to enlarge)

    This course is CPD accredited and could be counted towards your CPD hours.

    In this course, you will develop, operate, manage, and enforce security capabilities for systems and networks.

    You will:

    • Assess information security risk in computing and network environments.
    • Create an information assurance lifecycle process.
    • Analyze threats to computing and network environments.
    • Design secure computing and network environments.
    • Operate secure computing and network environments.
    • Assess the security posture within a risk management framework.
    • Collect cybersecurity intelligence information.
    • Analyze collected intelligence to define actionable response.
    • Respond to cybersecurity incidents.
    • Investigate cybersecurity incidents.
    • Audit secure computing and network environments.

    Target Student:

    This course is designed for cybersecurity practitioners who perform job functions related to protecting and defending information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. This course focuses on the knowledge, ability, and skills necessary to provide for the restoration of those information systems in a cybersecurity context including protection, detection, investigation, reaction, response, and auditing capabilities.

    This course is also designed to assist students in preparing for the CyberSec First Responder: Threat Detection and Response (Exam CFR-101) certification examination. What you learn and practice in this course can be a significant part of your preparation.

    In addition, this course can help students who are looking to fulfill DoD directive 8570.01 for information assurance (IA) training. This program is designed for personnel performing IA functions, establishing IA policies and implementing security measures and procedures for the Department of Defense and affiliated information systems and networks.

    Prerequisites:

    To ensure your success in this course you should have the following requirements:

    • At least two years (recommended) of experience in computer network security technology or a related field.
    • Recognize information security vulnerabilities and threats in the context of risk management.
    • Operate at a foundational level some of the common operating systems for computing environments.
    • Foundational knowledge of the concepts and operational framework of common assurance safeguards in computing environments. Safeguards include, but are not limited to, basic authentication and authorization, resource permissions, and anti-malware mechanisms.
    • Operate at a foundational level some of the common concepts for network environments, such as routing and switching.
    • Foundational knowledge of the concepts and operational framework of common assurance safeguards in network environments. Safeguards include, but are not limited to, firewalls, intrusion prevention systems, and virtual private networks (VPNs).

    You can obtain this level of skills and knowledge by taking the following Logical Operations courses or by passing the relevant exams:

    • CompTIA® A+®: A Comprehensive Approach (Exams 200-801 and 220-802)
    • CompTIA® Network+® (Exam N10-005)
    • CompTIA® Security+® (Exam SY0-401)

    Lesson 1: Assessing Information Security Risk

    Topic A: Identify the Importance of Risk Management

    Topic B: Assess Risk

    Topic C: Mitigate Risk

    Topic D: Integrate Documentation into Risk Management

    Lesson 2: Creating an Information Assurance Lifecycle Process

    Topic A: Evaluate Information Assurance Lifecycle Models

    Topic B: Align Information Security Operations to the Information Assurance Lifecycle

    Topic C: Align Information Assurance and Compliance Regulations

    Lesson 3: Analyzing Threats to Computing and Network Environments

    Topic A: Identify Threat Analysis Models

    Topic B: Assess the Impact of Reconnaissance Incidents

    Topic C: Assess the Impact of Systems Hacking Attacks

    Topic D: Assess the Impact of Malware

    Topic E: Assess the Impact of Hijacking and Impersonation Attacks

    Topic F: Assess the Impact of DoS Incidents

    Topic G: Assess the Impact of Threats to Mobile Security

    Topic H: Assess the Impact of Threats to Cloud Security

    Lesson 4: Designing Secure Computing and Network Environments

    Topic A: Information Security Architecture Design Principles

    Topic B: Design Access Control Mechanisms

    Topic C: Design Cryptographic Security Controls

    Topic D: Design Application Security

    Topic E: Design Computing Systems Security

    Topic F: Design Network Security

    Lesson 5: Operating Secure Computing and Network Environments

    Topic A: Implement Change Management in Security Operations

    Topic B: Implement Monitoring in Security Operations

    Lesson 6: Assessing the Security Posture Within a Risk Management Framework

    Topic A: Deploy a Vulnerability Management Platform

    Topic B: Conduct Vulnerability Assessments

    Topic C: Conduct Penetration Tests on Network Assets

    Topic D: Follow Up on Penetration Testing

    Lesson 7: Collecting Cybersecurity Intelligence Information

    Topic A: Deploy a Security Intelligence Collection and Analysis Platform

    Topic B: Collect Data from Security Intelligence Sources

    Lesson 8: Analyzing Cybersecurity Intelligence Information

    Topic A: Analyze Security Intelligence to Address Incidents

    Topic B: Use SIEM Tools for Analysis

    Lesson 9: Responding to Cybersecurity Incidents

    Topic A: Deploy an Incident Handling and Response Architecture

    Topic B: Perform Real-Time Incident Handling Tasks

    Topic C: Prepare for Forensic Investigation

    Lesson 10: Investigating Cybersecurity Incidents

    Topic A: Create a Forensic Investigation Plan

    Topic B: Securely Collect Electronic Evidence

    Topic C: Identify the Who, Why, and How of an Incident

    Topic D: Follow Up on the Results of an Investigation

    Lesson 11: Auditing Secure Computing and Network Environments

    Topic A: Deploy a Systems and Processes Auditing Architecture

    Topic B: Prepare for Audits

    Topic C: Perform Audits Geared Toward the Information Assurance Lifecycle

    How much this course will cost?

    Our fees are as follows for students living  in UK or the European Union:

    CyberSec First Responder

    FEE

    Full Course (can be paid in instalments) £3000+ VAT

     Fees are payable in advance at the start of course unless otherwise agreed.

    We also provide flexible fee instalments to help students in paying their fee.

    Contact the college for more details.


    I give my consent to IT Professional Training to get in touch with me using the details I have provided in this form for the purpose of my inquiry, updates and upcoming courses.

    Course Curriculum

    No curriculum found !

    Course Reviews

    N.A

    ratings
    • 5 stars0
    • 4 stars0
    • 3 stars0
    • 2 stars0
    • 1 stars0

    No Reviews found for this course.

    TAKE THIS COURSE
    • £3,519.99 £2,200.00
    • 10 Days

    Request Call Back!









    I give my consent to IT Professional Training to get in touch with me using the details I have provided in this form for the purpose of my inquiry, updates and upcoming courses.

    Our Partners

    SAAS Bio Certification Certiport CompTIA Microsoft PearsonVUE SQA CIW Android ATC Authorized Training Center Logical operations Nextec Testing

    Facebook

    FREE Professional IT Certification Training @ ITPT EdinburghCompletely Free Funded IT Courses at ITPT EdinburghWould you like to start your career in IT?Would you like to get free training which prepares you getting certified to get a job in IT and computing field?Would you like to get hands on experience to gain experience in IT to qualify for jobs?If YES then please get in touch with us...Who are we?We are IT Training academy based in Edinburgh & Glasgow providing free funded training to individuals who like to secure their career in IT.We offer free funded training which is available from beginner to advance level.What courses we offer and what are the next available dates?Below is the list of some of the upcoming courses at our Edinburgh centre. All these courses will be delivered once a week. Check our website for all scheduled start dates.1. CISCO Certified Network Professional (CCNP) Routing & Switching:(All Modules: Routing, Switching & Troubleshooting)Recommended Knowledge: Student should have either attended CCNA R&S/ICND1 Course OR have either gained CCNA or CCENT qualification.Starting date: 10th November 2018Classes: One day a week – Every Saturday 09:30 - 16:30 HrsNo of weeks: 202. CompTIA A+(Gateway to IT - IT Technician Course)(Beginner's Level Course) A. Start Date: 12 December 2018Classes per week: 1 day a weekClasses timings: 13:30 - 17:00Day(s) of the week: Wednesday (only)Duration of the course: 18 weeksB.Start Date: 16 January 2019Classes per week: 1 day a weekClasses timings: 09:00 - 12:30Day(s) of the week: Wednesday (only)Duration of the course: 18 weeksC.Start Date: 03 February 2019Classes per week: 1 day a weekClasses timings: 13:30 - 17:00Day(s) of the week: Sunday (only)Duration of the course: 18 weeksD.Start Date: 10 March 2019Classes per week: 1 day a weekClasses timings: 09:00 - 12:30Day(s) of the week: Sunday (only)Duration of the course: 18 weeks3. Database Programming with PL/SQL (OCA SQL & PLSQL)Days per week: 1No of weeks:18Class timings: 01:00pm to 05:00pmStart Date: Saturday 19 January 2018Day of Classes: Saturday4. Word Press(Website Development Course)(No Coding Experience Required)Starting date: 02 Dec 2018Classes: One day a week – Every Sunday 09:00 - 12:00 HrsNo of weeks: 165. JAVA SE 8 Level 1 – Associate(OCA)Days per week: 1No of weeks:16Class timings: 01:00pm to 05:00pmStart Date: 02 Dec 2018Day of Classes: Sunday 6. Microsoft Office Specialist 2013(Word 2013, Excel 2013, Powerpoint 2013, Access 2013)Starting date: 26th January 2018Classes: One day a week – Every Saturday 13:00 - 17:00 HrsNo of weeks: 16-207. CISCO Certified Network Associate (CCNA) Routing & Switching(IT Support Technician/Network Engineer Course)(ICND1 + ICND2)A.Starting date: 15 January 2019Classes: One day a week – Every Tuesday 09:30 - 16:30 HrsNo of weeks: 16B.Starting date: 16 February 2018Classes: One day a week – Every Saturday 13:00 - 17:00 HrsNo of weeks: 188. CISCO Certified Network Associate (CCNA) Security: Recommended Knowledge: Student should have either attended CCNA R&S/ICND1 Course OR have either gained CCNA or CCENT qualification.Starting date: 16 February 2019Classes: One day a week – Every Saturday 09:00 - 12:30 HrsNo of weeks: 169. Microsoft Server 2012 – MCSA 2012(Server Engineer/2nd line/IT Support/Infrastructure)Modules included:70-410 = MCP: Installing & Configuring Windows Server 201270-411 = Administering Windows Server 201270-412 = Configuring Advanced Windows Server 2012 ServicesStudents can enrol towards all OR individual modulesStarting Date: 28th April 2019Classes: One day a week – Every Sunday 09:30 - 16:30 HrsNo of weeks: 8-9 weeks for an individual ; (upto) 26 weeks for all ModulesAnd many more free fully funded IT courses can be found on our website...Who is eligible for the free funded course?This course is funded by SAAS and in general individuals who are unemployed or having income less than £25,000 are eligible. Contact us to get more details.How to apply?Best way to apply and register for this course is by booking an appointment at our centre for course registration. To enrol in any course please reply to this ad with a preferred date and time and we’ll book you in for an enrolment appointment.The appointment can also be booked for course consultancy only, this helps the applicants to discuss and explore more regarding the courses with help of course advisor.All upcoming course starting dates can be found on our Website.IT Professional Training62 West Harbour RoadEdinburghEH5 1PW ... See MoreSee Less

    View on Facebook

    *=ITPT Glasgow Brings Weekend Special Courses=*On a high demand of the weekend courses at our Glasgow centre. We have brought Saturday and Sunday Courses. All of these courses are part-time, FREE (Fully SAAS funded) and once a week.=CompTIA A+(Gateway to IT)The CompTIA A+ course provides necessary competencies for an entry-level IT professional with the equivalent knowledge of at least 12 months of hands-on experience in the lab or field.Starting: Saturday 4th November 2018Timings: 9:00 am - 1:30pm for 20 weeks=CISCO's CCNA R&SCisco Certified Network Associate (CCNA) Routing and Switching teach networking based on technology. It covers protocols and theory at deeper levels to help students succeed in networking-related degree programs and a range of professions. Starting: Saturday 1st December 2018Timings: 9:30 am - 4:30pm for 16 weeks=Oracle's SQL & PL/SQLThe course is designed for those students interested in both designing databases and then implementing them to a professional standard using Oracle 11g Server.This course is designed to provide the student with the necessary tools and skills required to attain the following certifications:• Oracle PL/SQL Developer Certified Associate Certification (OCA PL/SQL)• Oracle certified Associate – SQL Database Programmer (OCA SQL)This program offers entry-level credential and designed to ensure the knowledge and proficiency to build database-centric Internet applications for Oracle by preparing student toward OCA SQL & PL/SQLStarting: Sunday 20th January 2019Timings: 1:30 pm - 5:00pm for 20 weeksFor more details about a specific course please contact us.Phone: 0141 429 2922Email: info@itpt.co.ukWebsite: www.itpt.co.uk ... See MoreSee Less

    View on Facebook

    We have following existing new Part-Time courses starting soon in Glasgow. CISCO's CCNA Security:Start Date : Saturday 25th August 2018Time : 1:30pm to 5:00pmDay : Every Saturday for 16 weeks.Prerequisites : To join this course, individual must have completed a CCNA Routing & Switching training or IT Security relevant work experience, suggested by Cisco.Oracle Java SE8 LEVEL 1 -Associate Course:Start Date : Monday 17th September 2018Time : 9:00am to 1:00pmDay : Every Monday for 16 weeksPrerequisites : No Entry Requirement and no prior programming skills required to go into Level I certificationDatabase Design & Programming with SQL & PL/SQL Course:Start Date : Monday 3rd August 2018Time : 2:00pm to 5:00pmDay : Every Monday for 16 weeks.Prerequisites : Ease with using a computer and general knowledge of databases and query activity.CompTIA A+ (Gateway to IT):Start Date : Tuesday 4th September 2018Time : 9:00am to 1:00pmDay : Every Tuesday for 16 weeks.Prerequisites : Basic Computer understanding- No prerequisite set up by CompTIA.CCNA Routing & Switching:Start Date : Friday 5th October 2018Time : 9:00am to 1:00pmDay : Every Friday for 16 weeks.Prerequisites : Basic Networking KnowledgeFor a complete list of all our upcoming courses please visit: www.itpt.co.uk/course-scheduleIf you would like to make an appointment to discuss this face-to-face with a course advisor or to enrol in any course please reply to this ad with a preferred date and time and we’ll book you in for an enrolment appointment. ... See MoreSee Less

    View on Facebook

    Upcoming Courses

    Dec
    19
    Wed
    11:30 am CompTIA A + (IT Essential- Gatew... @ ITPT Edinburgh (62 West Harbour Road)
    CompTIA A + (IT Essential- Gatew... @ ITPT Edinburgh (62 West Harbour Road)
    Dec 19 @ 11:30 am – 5:00 pm
    Course Introduction: The CompTIA A+ certificate is widely recognized and prepares the individual to enter the market as PC Technician. The CompTIA A+ certification is the industry standard for validating[...]
    Jan
    12
    Sat
    9:30 am CISCO Certified Network Professi...
    CISCO Certified Network Professi...
    Jan 12 @ 9:30 am – 4:30 pm
    [Book Appintment Now] Course Description: CCNP Routing: This course covers routing protocols and related technologies at the professional level. The backbone of the course is focused on EIGRP, OSPF, BGP,[...]
    Jan
    15
    Tue
    9:30 am CCNA Routing & Switching V3 Cour... @ ITPT Edinburgh (62 West Harbour Road)
    CCNA Routing & Switching V3 Cour... @ ITPT Edinburgh (62 West Harbour Road)
    Jan 15 @ 9:30 am – 4:30 pm
    Introduction Cisco Certified Network Associate (CCNA) Routing and Switching is a certification program for entry-level network engineers that helps maximize your investment in foundational networking knowledge and increase the value[...]
    Jan
    16
    Wed
    11:30 am CompTIA A + (IT Essential- Gatew... @ ITPT Edinburgh (62 West Harbour Road)
    CompTIA A + (IT Essential- Gatew... @ ITPT Edinburgh (62 West Harbour Road)
    Jan 16 @ 11:30 am – 5:00 pm
    Course Introduction The CompTIA A+ certificate is widely recognized and prepares the individual to enter the market as PC Technician. The CompTIA A+ certification is the industry standard for validating[...]
    Jan
    19
    Sat
    9:00 am Free Funded – Database Design & ...
    Free Funded – Database Design & ...
    Jan 19 @ 9:00 am – 1:00 pm
    Introduction SQL is used to communicate with a database. According to ANSI (American National Standards Institute), it is the standard language for relational database management systems. SQL statements are used[...]
    Jan
    20
    Sun
    1:30 pm Free Fully Funded – Database Des...
    Free Fully Funded – Database Des...
    Jan 20 @ 1:30 pm – 5:00 pm
    Introduction SQL is used to communicate with a database. According to ANSI (American National Standards Institute), it is the standard language for relational database management systems. SQL statements are used[...]

    COPYRIGHT © 15-18 IT PROFESSIONAL TRAINING LTD REGISTERED IN SCOTLAND UNDER REGISTRATION NUMBER SC423952. VAT REGISTRATION NO 137653694.

    X