Path icon Learning Paths
Skills

Cyber Defense Incident Responder | PR-CIR-001 | Work Role 531

  • Number of Courses20 courses
  • Duration28 hours
  • Skill IQ available Skill IQ

A cyber defense incident responder responds to crises or urgent situations to mitigate immediate and potential threats while investigating and analyzing all relevant response activities. Responsibilities include using mitigation, preparedness, and response and recovery approaches, as needed, to maximize survival of life, preservation of property, and information security.  

This path will get you started on your journey to becoming a cyber defense incident responder! Begin with the fundamental concepts of network protocols and traffic analysis through hands-on labs, dive into the essential skills necessary to perform the day-to-day functions of response and remediation and then expand your skill set with tools, more advanced concepts and knowledge from adjacent roles!

Path estimated completion time is ~40 hours for total content.

 

This path aligns to the Knowledge, Skills, Abilities and Tasks (KSAs) within the Workforce Framework for Cybersecurity (CSWF) and the DoD Cyber Workforce Framework (DCWF) for the work role of:

Cyber Defense Incident Responder Work Role 531 or PR-CIR-001

 

For complete coverage of skill paths and tooling for the Cyber Defense Incident Responder role, please navigate to the Incident Responder Channel

Courses in this path

Fundamentals

Begin your learning journey with the fundamental concepts of network protocols, packet analysis and security monitoring and detection through some hands-on labs and courses!

*Note the lab length is showing the allotted time that the environment will be open and available before resetting. The estimated completion time of each lab is 45 minutes.

NICE Framework Overview

  • by Pluralsight
  • 5m Duration

Enterprise Security: Executive Briefing

  • by Aaron Rosenmund
  • 39m Duration
  •  (66)

Network Activity and Packet Analysis with Python

  • by Sean Wilkins
  • 2h 15m Duration

Security Event Triage: Operationalizing Security Analysis

  • by Aaron Rosenmund
  • 54m Duration
  •  (34)

Security Event Triage: Detecting System Anomalies

  • by Aaron Rosenmund
  • 1h 47m Duration
  •  (21)

Skill Essentials

Now that you know the fundamentals, dive into the essential skills necessary to perform the day-to-day functions of a cyber defense incident responder including analysis, response and remediation.

Incident Response: Detection and Analysis

  • by Aaron Rosenmund
  • 2h 19m Duration
  •  (37)

Incident Response: Host Analysis

  • by Aaron Rosenmund
  • 1h 37m Duration
  •  (13)

Incident Response: Network Analysis

  • by Brandon DeVault
  • 1h 10m Duration
  •  (20)

Incident Response: Containment, Eradication and Recovery

  • by Aaron Rosenmund
  • 1h 6m Duration

Getting Started Analyzing Malware Infections

  • by Cristian Pascariu
  • 2h 17m Duration
  •  (48)

Malware Detection and Analysis with Python

  • by Cristian Pascariu
  • 1h 8m Duration

Expanded Skillset

It's time to expand your skill set with tools, more advanced concepts and emerging trends and vulnerabilities!

This section gives you a brief introduction into many, additional skills that you will find helpful as a cyber defense incident responder. We have full training paths on all of these skills; see the Supplemental Skill Paths section to learn more.

Specialized DFIR: Windows Registry Forensics

  • by Tyler Hudak
  • 1h 10m Duration
  •  (19)

Incident Management with TheHive

  • by Nick Mitropoulos
  • 27m Duration

Advanced Cyber Defense Analysis with Wireshark

  • by Sean Wilkins
  • 2h 31m Duration

Advanced Malware Analysis: Ransomware

  • by Cristian Pascariu
  • 1h 29m Duration
  •  (43)

Adjacent Skill Knowledge

Now that you've mastered all the skills for cyber defense incident responder, learn about additional cyber roles and their responsibilities.

Threat Hunting: Network Hunting

  • by Brandon DeVault
  • 1h 29m Duration
  •  (26)

Threat Intelligence: The Big Picture

  • by Cristian Pascariu
  • 1h 43m Duration
  •  (38)

Information and Cyber Security Literacy: Governance, Risk, and Compliance

  • by John Elliott
  • 59m Duration
  •  (27)

Law, Ethics, and Security Compliance Management

  • by Christopher Rees
  • 2h 9m Duration
  •  (20)

Specialized Testing: SQL Injection

  • by Christian Wenz
  • 1h 13m Duration

Learn with the best

Aaron Rosenmund
Aaron Rosenmund
Aaron M. Rosenmund is a cyber security operations subject matter expert, with a background in federal and business defensive and offensive cyber operations and system automation. Leveraging his administration and automation experience, Aaron actively contributes to multiple open and closed source security operation platform projects and continues to create tools and content to benefit the community. As an educator & cyber security researcher at Pluralsight, he is focused on advancing cyber secur... more
Sean Wilkins
Sean Wilkins
Sean Wilkins, with over two decades of experience in the IT industry, serves as a distinguished networking consultant and contributor at Tech Building Blocks. His professional journey spans multiple prominent enterprises, underlining his extensive field expertise. Sean's credentials include esteemed certifications from Cisco (CCNP/CCDP), Microsoft (MCSE), and CompTIA (A+ and Network+). Academically, he has achieved a Master’s of Science in Information Technology, specializing in Network Architec... more
Brandon DeVault
Brandon DeVault
Brandon DeVault is a Security Researcher focused on threat hunting at CrowdStrike. He is also a member of the Florida Air National Guard with a variety of offensive and defensive experience. Prior to joining CrowdStrike, Brandon worked full-time as an author with Pluralsight and at Elastic, creating and delivering security content. He also worked with Special Operations Command, where he had two deployments to Afghanistan on deployable communications teams. His experience spans incident response... more
Cristian Pascariu
Cristian Pascariu
Cristian took part in auditing and implementation of infosec capabilities to uplift security posture. He managed codification efforts to extract indicators of compromise and created rules in the scope of defending against new emerging threats. He has also developed tools and scripts to overcome security gaps within the corporate network. Cristian has mentored L1 and L2 analysts to increase triage efficiency and combat new threats. He has experience in the field of Application Security and has pr... more
Tyler Hudak
Tyler Hudak
Tyler Hudak has more than 15 years of extensive real-world experience in incident handling, malware analysis, computer forensics, and information security for multiple Fortune 500 firms. He has spoken and taught at a number of security conferences on the topics of malware analysis, incident response, and penetration testing, and brings his frontl ine experience and proven techniques to bear in his training.
Nick Mitropoulos
Nick Mitropoulos
Nick is the CEO of Scarlet Dragonfly and has numerous years of experience in security training, cyber security, incident handling, vulnerability management, security operations, threat intelligence and data loss prevention. He is a certified ISC2 & EC-Council instructor, a GIAC advisory board member, an EC-Council global CISO member, a CEH Hall of Fame holder, a senior IEEE member and has an MSc in Advanced Security and Digital Forensics from Edinburgh Napier University.
John Elliott
John Elliott
John Elliott is a specialist in regulated security and data protection. His fascination is the way that people engage with security directives: whether that’s a company following external regulation, an information security team developing policies, an IT team following them, or a colleague who is just trying to do their job securely. John has led information security and data protection functions in aviation and financial services. He’s represented both Visa Europe and Mastercard on the PCI S... more
Christopher Rees
Christopher Rees
Chris is a professional information technologist, author, trainer, manager and a lifelong learner. He is married with 3 beautiful children and interested in working out, spending time with family and friends and being creative whenever possible. He has been an author for over 25 years and has created over 60 IT Certification training courses. Chris really enjoys helping people advance in their careers through training and personal development.
Christian Wenz
Christian Wenz
Christian Wenz is an architect, consultant and author focusing on web technologies. He wrote or co-wrote over 100 books, is a fixture at international developer conferences since 2001, is a Microsoft Most Valuable Professional (MVP) for Developer Technologies since 2004, and the main author of the official Zend PHP certification. His day job includes conducting security audits, migrating old code bases, implementing complex web applications and helping companies choose the right web strategy an... more

Join our learners and upskill
in leading technologies