Passing CyberSec First Responder Exam

Posted by in Security+ | 6 comments

I’m happy to say that I passed the CyberSec First Responder certification exam. Overall, it was an enjoyable experience – studying for it and learning some new things, taking the exam at a good testing center, and celebrating afterwards at IHOP.

Cybersec First Responder badge

One thing that I reaffirmed through the process is that it is a logical choice after the CompTIA Security+ exam to round out your resume. This is especially true if you’re seeking a hands-on role in cybersecurity or IT forensics and it will be what I recommend to anyone that asks me about CEH.

As with any certification exam, there is a non-disclosure agreement (NDA) and I don’t plan on violating the NDA. Still, there are some things I can share with you that you may find useful.

Taking the CyberSec First Responder Exam

First, the questions were all multiple choice or True/False questions. Many of the multiple choice required you to select two or three answers. A neat feature was that the exam had an internal check in it, helping me ensure I selected the correct number of answers.

Many of the “select three” answers were used instead of the NOT type of questions that CompTIA frequently uses. This will help many people avoid confusion.

As an example, consider this question.

Which of the following are colors (Select Three)?

  1. Blue
  2. Car
  3. Green
  4. Yellow

If you understand the content, this is often just a matter of figuring out which answer doesn’t fit with the others and not selecting it.

The same question could use the same answers, but reworded like this:

“Which of the following is NOT a color?”

One thing I was very grateful for was that the questions and content were never covered up. I could always see the full question and all the answers. In contrast, when I took the CompTIA Cybersecurity Analyst Beta Exam, it was often difficult to view the graphics, question, and instructions without moving things around. Typically, the question and instructions covered up the graphics and underlying hotspots making it tedious to just understand the questions.

How To Study for CyberSec First Responder

Here are a few methods you can use to prepare for this exam.

Attend a CyberSec First Responder Course

There are many training centers that teach the course. You can use the search feature toward the bottom of this page to find one near you. It’s labeled Find a CFR Class Near You.  Select the region (such as USA) and the Subregion (such as VA) and it’ll list training centers that you can click to get more information.

The course is typically taught in a five-day instructor-led format from 9 AM to 5 PM.

Some people love this format, and there was a time when I thrived in a classroom format like this. However, it’s not for me today, so I needed another method.

Self-Study with the CyberSec First Responder Course Book

You won’t find any resources for the CyberSec First Responder certification on Amazon. However, you can purchase the course book from Logical Operations here. They have several options such as:

Student: Digital Courseware

This includes the course book and other materials (such as a practice test) available online. I used this in my preparation. Unfortunately, minor eye surgery made it quite uncomfortable to look at a computer screen for more than five minutes while studying for this exam. Fortunately, I was able to print out the course book from the digital courseware – it was a little messy, but worth it.

Student: Print and Digital Courseware

This includes all of the digital courseware products and you also get a printed course book shipped to you. If you like a paper copy, the few extra dollars are worth it for this package (and definitely better than printing out the course book from the digital courseware.

Student: Print and Digital Courseware with the Lab Bundle

This includes the same resources as the Print and Digital Courseware product, but also with access to an online lab. I didn’t use this, but the course book referred to it often within chapter Activities. You could create your own lab, but a ready-made lab would save you a lot of time.

Woo Hoo! Study Guide Now Available

Logical Operations recently created a study guide that you can purchase directly from them here.  It’s only $99 in the US and it includes all the resources available in the Student: Digital Courseware product that I used, except for the eBook. (Don’t get this if you’re planning on minor eye surgery soon, though. You won’t be able to print it out.)

Self-Study with Your Own Lab 

Another option is to create your own lab. You can do this in two steps.

  1. Install Oracle VirtualBox on your system.
  2. Install an instance of Kali Linux as a virtual machine (VM).

While you can also install Kali on a bootable USB, it’s valuable to have it as a VM within your primary computer when studying.

Note that this will allow you to do many of the activities in the course book, but you’ll have to adapt. If you’ve developed strong critical thinking skills, this is a good option. However, if you need step-by-step instructions that work without the need to adapt them to your own lab, the lab bundle is a better option for you.

Kali Linux and CyberSec First Responder

Kali Linux and CyberSec First Responder

Kali Linux is a distribution of Linux preinstalled with over 300 penetration-testing programs. It is an important tool for anyone interested in pursuing a career in cybersecurity. Offensive Security funds and maintains it, but it is available as a free open-source tool.

When studying for the CyberSec First Responder, it’s important to be familiar with several key tools that are available within the Kali Linux distribution. I won’t guarantee you’ll be tested on these tools, but I found that playing around with them was a valuable learning experience.

  • Nmap (short for network mapper). This can be used for many tasks including footprinting a network in the reconnaissance phase of a penetration test.
  • Wireshark (a packet analyzer). If you’ve never captured and analyzed any packets, this is a must if you want to elevate your security knowledge.
  • John the Ripper (a password cracking tool). It combines a number of features together in a single tool and is very effective with offline password attacks.
  • Burp Suite (platform for testing web applications). This suite combines many different tools use for security testing.

There’s much more to Kali, but these items are worth exploring.

How I Passed the CyberSec First Responder Exam

While your experience may be different, here are the things that I attribute to passing this exam the first time I took it.

  • Doing the best I could on the Security+ exam (and other security exams I’ve taken). I found that many of the topics were quite similar to the Security+ exam. When I learned those topics, I truly learned them, and they stuck with me.  For example, I don’t need to study CIA or the order of volatility to know their meanings for any certification exam today.
  • Downloading and reading the objectives for the CyberSec First Responder exam.
  • Creating a virtual lab with Oracle VirtualBox and Kali.
  • Reading the CyberSec First Responder course book  from cover to cover. While there were many familiar topics in this course book, it also gave me some valuable information needed for the exam.
  • Taking the course book online quiz. This is a 40 question quiz, which I took 3 times and ultimately dug into each of the questions and the answers. My intention wasn’t just to get the questions correct, but also to know why the correct answers were correct and why the incorrect answers incorrect. During my IHop review after the exam, I realized this helped with many actual questions.

If you’re planning on taking this exam, post a comment. I (and others) would love to hear from you.

How Long Did You Study?

Several people have asked me how long I studied for this exam. I started looking at it closely when I wrote a blog about it about three weeks ago. I then studied the coursebook daily for about two weeks before I took the exam.  Again though, I stress that doing the best I could on previous security certification exams helped me with this exam.

Of course, the implied question is “How long will it take me to pass this exam?” If you’ve recently passed the Security+ exam and truly learned the content, I’d say that you can get this certification within 30 days by following these steps.

  • Get the study guide.
  • Study the study guide daily.
  • Get a voucher and schedule your exam (10% discount available here).
  • Take the online quiz until you’re acing it and you understand all of the answers.
  • Take the exam, celebrate your success, and let us know what worked for you and how long it took.


  1. Recently passed CySA and am between studying for CFR-210 or moving on to CASP. Curious as to what you think about this approach.

  2. Thanks for this amazing review. I was preparing to take the ISACA CSX Practitioner course, but looks like I might just go for CFR instead

  3. Congrats on the pass. That’s always great to hear.

    CFR is a relatively new cert, but I continue to see increased interest in the different cents with cyber security in their name. At the moment, I see it as a ‘nice to have’ cert that can give your resume an extra boost, especially if you’re pursuing a job in IT security.

  4. Hello Darril, just passed my security+ on my first go round with your book, thank you for that by the way. I am very intrigued by the course work outlined with the CFR cert. However, I never see any job postings with the requirements asking for CFR. Do you think the CFR will actually start being a part of the “requirements” or “nice to have” parts of the job postings?

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide

Subscribe To Our Newsletter

Join our mailing list and get a free excerpt of the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide.  This excerpt includes the introduction and Chapter 1. 

You have Successfully Subscribed!

Get Certified Get Ahead is a participant in the Amazon Services LLC Associates Program,
an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to

Copyright © 2020 Get Certified Get Ahead. All Rights Reserved.