CyberSec First Responder

Posted by in Security+ | 2 comments

Have you heard about the CyberSec First Responder (CFR) certification? If not, it’s worth a look, especially if you recently passed the Security+ exam (or will soon). I recently learned about it and the more I learn, the more I like.

Both cybersec and cybersecurity are popular buzzwords today. Organizations know that they are at risk for cyber security attacks and even if they haven’t experienced an attack yet, they know that it could come at any time. Because of this, they want IT personnel with a demonstrated knowledge of cybersecurity. The CyberSec First Responder (CFR) is one of the certifications that directly answers this need for prospective employees.


I took and passed this exam and blogged about the experience here. That post also includes steps you can take to study for and pass this exam.

Cybersec First Responder badge

Where Does CyberSec First Responder Fit

This certification fits right between the CompTIA Security+ and CASP certifications. If you pursue it right after the Security+ certification, you’ll find that you already have a strong foundation.

Cybersec First Responder

What I really like about it is that it helps you round out your knowledge and skills related to cyber security. More specifically, it helps you focus on some of the job functions related to protecting and defending information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation.

The exam focuses on the knowledge, ability, and skills necessary to provide for the restoration of those information systems. Further, it focuses on restoration within a cybersecurity context including protection, detection, investigation, reaction, response, and auditing capabilities. As an introduction, it includes the following 10 domains:

Domain% of Examination
1.0 Assessing Information Security Risk10%
2.0 Creating an Information Assurance Lifecycle Process7%
3.0 Analyzing Threats to Computing and Network Environments19%
4.0 Designing Secure Computing and Network Environments15%
5.0 Operating Secure Computing and Network Environments5%
6.0 Assessing the Security Posture Within a Risk Management Framework10%
7.0 Collecting Cybersecurity Intelligence Information5%
8.0 Analyzing Cybersecurity Intelligence Information5%
9.0 Responding to Cybersecurity Incidents7%
10.0 Investigating Cybersecurity Incidents10%

You can see the complete objectives for the CFR-110 exam here. The CFR-210 exam is currently in development.

If you’ve been studying the Security+ certification, you’ll notice that some of the objectives overlap. That’s good. It just builds on your existing knowledge. Additionally, it’ll help you increase your knowledge no matter what IT security certification you choose to pursue next.

What are the CyberSec First Responder Exam Specifications

This exam is relatively straight-forward. It consists of 128 multiple choice questions and true-false questions that you need to complete in 180 minutes. This is more generous than the short time requirement of the CompTIA Security+ exam, so you may find it easier to complete.

I admit that I haven’t taken the exam so I don’t have the certification. However, I’m so excited about this certification that I plan to take it in July. Stay tuned. I’ll let you know how it goes.

What’s Required to Take the CyberSec First Responder Exam

There aren’t any formal requirements to take the exam, but there are some recommendations. Specifically, they recommend you possess the following knowledge, skills, and experience prior to taking the exam:

  • At least two years of experience in a computer network security technology or related field.
  • The ability to recognize information security vulnerabilities and threats in the context of risk management.
  • A working knowledge of common computer operating systems.
  • A working knowledge of the concepts and operational frameworks of common assurance safeguards in computing environments, such as basic authentication and authorization, resource permissions, and anti-malware mechanisms.
  • A working knowledge of common networking concepts, such as routing and switching.
  • A working knowledge of the concepts and operational frameworks of common assurance safeguards in network environments such as firewalls, intrusion prevention systems (IPSs), and virtual private networks (VPNs).

The good news is that you’ll have most of the knowledge for these concepts if you recently passed the Security+ exam. You can purchase a voucher for the exam here. Logical operations will send you an email with the voucher and then you can use it to register for the Cybersec First Responder (CFR-110) exam on the Pearson web site.

What’s Does CyberSec First Responder Replace

The CyberSec First Responder (CFR) certification is ideally suited to replace the Certified Ethical Hacker (CEH) certification for many people. People often ask me about CEH. For example, they ask me if it is a good cert to pursue or will it help them get a job. Here’s my typical answer.

Unfortunately, I’m not close to the CEH certification so can’t speak to it directly.

That’s 100 percent true. However, I’ve also heard many negative comments about the certification.

  • Hiring managers are reluctant to embrace a new employee identified as a hacker (certified or not).
    • Their thoughts are that you can’t be ethical and a hacker.
    • Admittedly, this debate is repeated often and there are good points on each side.
    • But the key is, do you want to debate it with the hiring manager during your next job interview?
  • I also hear from people that the promise of the certification isn’t realized.
    • In other words, people that take the exam often say that they are able to pass it without demonstrating any actual “hacking” knowledge.

In contrast, hiring managers understand the words “Cybersec First Responder.” The certification name is intuitive. It tells the hiring manager that you understand what’s required to be a first responder for a cybersecurity incident. I believe that’s part of the popularity of the Security+ certification. It’s clear that someone with this certification has knowledge directly related to IT security.

CyberSec First Responder Summary

If you’re wondering what to take after the Security+ exam, you might like to consider the Cybersec First Responder certification. It’s becoming a popular alternative to the CEH certification and fits right between the Security+ and CASP certification exams. You can download the objectives for the CFR-110 exam here and if want to take it, you can buy a voucher here, and use it to register for the exam here. More, stay tuned to this site. I’m so psyched about this new certification, I plan to write at least a few more blogs on it in the next couple of months.


  1. Hi DArril,

    just wanted to ask a bit more about this course. Thanks for helping me pass my Sec + exam and i am at a cross path of which certification to follow next. I am studying for CISSP and still looking for my 1st job in Security. This course is very experiences from what i have seen on provider websites. Can you recommend any alternative methods of getting this certification.

    kind Regards

    • Look for a post tomorrow: Passing CyberSec First Responder Exam

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide

Subscribe To Our Newsletter

Join our mailing list and get a free excerpt of the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide.  This excerpt includes the introduction and Chapter 1. 

You have Successfully Subscribed!

Get Certified Get Ahead is a participant in the Amazon Services LLC Associates Program,
an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to

Copyright © 2020 Get Certified Get Ahead. All Rights Reserved.