CCNP - CBRFIR
Cisco CyberOps Forensics and Incident Response
This course equips cybersecurity professionals with the skills to investigate security incidents and perform forensic analysis using Cisco’s advanced security platforms. Learners will explore evidence collection, malware behavior, memory and file system analysis, and post-incident reporting. The course also covers the use of Cisco tools such as SecureX, AMP for Endpoints, Threat Grid, and Firepower to support incident response and forensic workflows. Legal and compliance aspects, including chain of custody and regulatory standards, are also addressed.
- Forensic Analysis
- Evidence collection and preservation
- File system and memory analysis
- Malware behavior and basic reverse engineering
- Incident Response
- Threat detection and containment
- SOC playbook execution
- Post-incident recovery and reporting
- Cisco Security Tools
- SecureX orchestration
- AMP for Endpoints and Threat Grid
- Firepower NGFW and Stealthwatch
- Legal & Compliance
- Chain of custody procedures
- Regulatory standards and documentation
- Security Operations Integration
- Workflow automation
- Integration of forensic tools into SOC environments
Exam Overview:
Certification Track: Cisco Certified CyberOps Professional
Exam Code: 300-215 CBRFIR
Duration: 90 minutes
Format: Multiple choice and simulation-based questions
Language: English
Delivery: Pearson VUE (online or test center)
Prerequisite: 350-201 CBRCOR (Core Exam)
For detailed course content and enrolment information, please contact us directly. We’re happy to guide you through the curriculum, prerequisites, and training options tailored to your needs.