A minimum of two years experience as a system/network administrator or as a cybersecurity professional is recommended. An intermediate understanding of network concepts, along with general knowledge of computer operating systems, is required. Experience with handling cyber incidents is preferred.

Course Description

CFR is designed to prepare first responders to effectively and efficiently act to counter any type of cyber-based attack against our nation’s internet, communications, and network-based infrastructure. This hands-on course is for skilled technical personnel who meet specific technical prerequisites, and could be responsible for responding to agency assistance calls for potential malicious activity.

This course is an intermediate level, hands-on course where network and security knowledge and experience is required. Alternative experience may be considered in lieu of listed requirements, based upon seating availability and review by CDI admissions staff.

CFR is offered free-of-charge to technical personnel who work for agencies or organizations considered as a part of our nations critical infrastructure.

Blended learning methods will be utilized, to include a balance of classroom lecture, hands-on laboratory exercises, and the use of cybersecurity response tools, as cyber attacks against significant national network infrastructure targets will be simulated.

CFR classes stress a proactive approach to providing computer, network, and infrastructure incident response handling. Solutions and methods taught are non-vendor-specific, which does not require participants to have specialized software when trying to implement class lessons at their own agencies. CDI stresses proper network and data engineering techniques and methodology over simple software packages, keeping agency financial requirements to a minimum.

CFR will define the steps of handling specific types of cyber attacks, including incident assessment, detection and analysis for security incidents, and the containing, eradicating, and recovering process from a system or network-based incident. Participants will learn how to:

  • Identify, define, and practice first-hand the many tools and resources required in the cyber attack response process that the first responder must bring to bear in order to accurately and successfully detect, analyze, and mitigate a cyber attack.
  • Describe the Cybersecurity First Responder (CFR) process, to include emergency assessment, emergency containment, emergency eradication, emergency restoration, post-emergency response, and the hand-off.
  • Describe the follow-up, secondary incident response techniques, and the proper integration of these activities into the CFR process.
  • Define the proper techniques used to properly review, critique, and build upon the CFR process through a series of review meetings and lessons-learned methods.