The Cyber Scheme Foundation Level (CSFL)
Training and assessment to measure and recognise the competence of junior technical consultants.
We need to close the skills gap in technical cyber security, by increasing the number of appropriately qualified people entering the industry and supporting industry needs for practical expertise even at entry level jobs.
The Cyber Scheme Foundation Level (CSFL) is a comprehensive training course and assessment designed to teach essential technical skills to individuals wanting to become industry-ready technical practitioners. It is aimed at supporting junior testers into their first role, teaching them essential skills, and assessing their competency as quickly and efficiently as possible.
CSFL provides a technical introduction into cyber security in general; it will highlight and enhance the skills and knowledge required at this beginner level, whilst measuring competence.
Practical skills, technical knowledge and a pathway to Professional Registration
Fast-Track your application for an Associate Cyber Security Professional Title
The Cyber Scheme are proud to share that our CSFL Certification has been fully aligned with the UK Cyber Security Council’s Associate Cyber Security Professional title.
This means that anyone who holds this qualification has already demonstrated that they meet ALL the required competencies for the title and can fast-track their Associate application with ourselves or with the UK Cyber Security Council, without needing to provide that evidence again.
The Associate Title is intended to address a common barrier to entering the sector: candidates often need experience to secure a first role, but need a first role to gain that experience. The practical nature of our CSFL course and related assessment assures employers that you have the skills they are looking for.
Find out more about an Associate professional Title here.
Training
Available anywhere worldwide with our remote learning course.
The Cyber Scheme’s comprehensive two and a half day training course will highlight and enhance the skills and knowledge required in order to be successful in the assessment, which takes place on the afternoon of the final day.
As soon as candidates begin the course they will be immersed in the world of cyber security with practical hands-on exercises and expert tuition from a Cyber Scheme Instructor. They will learn about Linux systems, Windows systems, how to script in bash and in python. Also taught are the fundamentals of computer networking, web application technologies and vulnerability scanning, as well as the laws and ethics associated with security testing. This training will give candidates the essential skills of an ethical hacker at junior level.
Training is led by Paul Richards, a subject matter expert in ethical hacking and penetration testing who specialises in helping others progress within cyber security through training, mentoring and the highest standard of assessment.
Training Modules
See below the topics which will be covered. There will be ample opportunities to identify and address specific knowledge gaps directly with our trainers whilst undertaking training.
- Understands and can apply the Computer Misuse Act to stay within a scope
- Has knowledge of how the PJA / RIPA laws affect security testing
- Is aware of how the GDPR and the DPA affects security testing
- Understands how the HRA has to be applied as part of a security test
- Has an understanding of ACPO (Formerly known as) and where it applies
- Understands what should be in a scope and keeping to scope
- Understands the risks associated with any form of security testing.
- Can recommend and implement full disk encryption
- Understands the fundamentals of using virtualised and non-virtualised distros for security testing
- Can demonstrate how to install and maintain a security testing distro
- Can justify the use of administrative and non-administrative accounts for security testing
- Can customise a security testing distro to complete an engagement based on a scoping document.
- Understands the folder structure and standards used on device with a Linux operating system
- Can demonstrate how to list a range of files and can explain the displayed output
- Can demonstrate how to manipulate a range of files using a range of applications
- Understands how to copy, move and delete files on a Linux file system
- Can manipulate and navigate the directory structure of a Linux File system
- Can demonstrate setting up file permissions and can justify the choices made
- Understands the use of escalation techniques to prevent overuse of the superuser in a Linux environment
- Can demonstrate the use of search tools, filters and pipes
- Can competently make use of foreground and background processes
- Can demonstrate the use of the tools available in a Linux environment to trouble shoot networking issues
- Understands a range of administrative protocols used to administer a Linux system
- Understands the use remote file systems both for enumeration and configuration purposes
- Can demonstrate how to administer user accounts and understand the fundamental technologies in use
- Understands the file compression techniques available in a Linux environment
- Can use local resources for tool and utility advice and guidance
- Can demonstrate the configuration and enumeration of timed events to administer a Linux system.
- Understands the fundamentals of Linux scripting
- Understands the importance of iteration in program code and scripting
- Can justify the use of Functions and Returns for structured code practices
- Can read and evaluate scripts
- Can reuse and modify scripts
- Can use AI to vibe code for hacking purposes.
- Understands the layout, principles, and construction of python code
- Can construct iteration code to apply secure coding principles
- Can use functions to apply the “DRY” coding principle
- Understands the fundamentals of Python code
- Can read and evaluate Python code
- Can reuse and modify Python code
- Can use AI to vibe code for hacking purposes.
- Understands how to manipulate files and folders including hidden files in a Windows environment
- Can demonstrate how to traverse and manipulate the directory structure
- Understands how to enumerate and manipulate a Windows system for users, shares and policies using the command line interface (CLI)
- Understands the difference between the domain controller (DC), workstations and non-domain joined devices
- Understands how to read and write to the file system using various techniques
- Understands user privileges and the security models available in Windows environments
- Can demonstrate the use of network trouble shooting tools and utilities to solve commonly found issues
- Can demonstrate basic PowerShell commands and understands the security model in place
- Understands the fundamental principles of the remote desktop protocol, virtual network computing and secure shell in a Windows Environment
- Understands the networking configuration and how to enumerate it in a Windows operating system
- Understands the concept of password hashing, brute forcing and using MFA.
- Understands the use of DNS, and the DNS record types
- Understands the ARP protocol and its uses
- Understands the use of gateway devices to divide subnets
- Understands the 7 layer OSI model and the 4 layer DoD model
- Has a fundamental grip on the TCP/IP suite of protocols including UDP
- Understands a range of management protocols on a computer network.
- Can demonstrate the configuration of packet capturing software
- Can capture and analyse the various network packets on a TCP network
- Understands how to apply filters to packet capturing tools
- Can demonstrate the capturing of TCP streams and interpret the data.
- Understands the send and receive HTTP model
- Understands the concept of session tokens to identify user sessions
- Can demonstrate how to run scripts embedded in HTML pages.
- Understands security headers and can recommend improvements based on a scenario
- Understands the response and error codes associated with the HTTP(s) protocol.
- Can demonstrate the installation and configuration of VA software and tools
- Can demonstrate the configuration of a scan to achieve a set goal
- Can check for false positives and understands the VA tool output
- Understands how to configure VA software to complete a credentialed security test
- Understands how to configure VA software to complete a CIS benchmark security test
- Understands the basics of using The Common Vulnerability Scoring System (CVSS)
- Understands the basics of port scanning.
- Understands the function of mobile device management (MDM)
- Can determine if a device is jailbroken
- Can check and recommend patching and software levels
- Understands mobile technical controls
- Understands the file types associated with mobile applications.
- Understands the basics of Cloud security testing.
- Understands the basics principles of testing within Azure
- Understands the basics principles of testing within AWS.
Preparing for the training course
Joining instructions including timings will be provided when you book. They are also available at the link below; please study them prior to attending. You should bring a working laptop, with a virtualised working copy of Kali Linux and a working copy of Nessus. (Other options / configurations are available.)
The training course associated with the CSFL assessment is an entry level course and as such has no pre-requisites. However, candidates should have access to a working laptop (i.e. Windows 11), with a security testing distro (i.e. Kali Linux), some form of VA software (i.e. Nessus) and a working power supply, wired Ethernet port and have admin rights to add and remove software as required. You will need to use the USB ports to copy data. You will need to install WireGuard VPN and therefore will need admin access.
If you want to start researching some of the topics, take a look at the laws and ethics around ethical hacking and some basic computer networking concepts. We will cover all this in the training, but some people like to get a head start.
Microsoft Windows 11 (or 10), is advised. Apple mac and other operating systems are allowed but you will need to provide your own IT support. You will need admin rights to the base OS. A copy of Microsoft Word or something similar would be beneficial.
Research and get to know a virtualisation solution. We recommend Oracle VirtualBox, but other software is available however you will need to provide your own IT support.
In particular you should get to know:
- How to install the software
- How to install the extension pack
- How to install the Guest Additions software.
It would be useful to get to know how to clone and snapshot a virtual machine.
Research and install a copy of Kali Linux as a virtual machine. You should have at least 8G of Ram for your virtual machine, at least 200G of disk space and take some time getting to know the networking settings. (i.e NAT, Bridged, etc)
You don’t have to use Nessus; you can use any vulnerability assessment (VA) software you like however you will need to support it yourself. Nessus has a variety of licence options and for the training and assessment the free versions are fine. (Full version free trial or Essentials version). It doesn’t really matter if you install Nessus onto the base OS or onto the virtual Kali machine. If unsure, add it to Kali.
The Assessment
Passes for successful candidates will be awarded at Pass, Merit or Distinction. Credits and discounts will be available to successful candidates looking to progress to our other certifications.
Preparing for the assessment
Joining instructions including timings will be provided when you book. They are also available at the link below; please study them prior to attending.
You must supply your own laptop, with a security testing distro, Nessus (or some form of VA software) and a working powers supply, wired ethernet port and have admin rights to add and remove software as required. You will need to use the USB ports to copy data.
Please be fully prepared and ready before your given start time; allow 30 minutes to get set up.
We do not currently ask for hard drives to be wiped during this assessment, but all relevant data must be removed from your laptop at the end of the assessment.
The Cyber Scheme is now an Approved ELCAS Provider
ELCAS provides financial support to eligible armed forces members for higher-level learning, offering up to £2,000 annually over three claim years.
All of our assessments, including our CSFL Foundation Level and our flagship Technical Assessment, Cyber Scheme Team Member (CSTM), as well as our training programmes from entry to advanced level are now fully ELCAS-eligible. These certifications provide pathways to high-demand cyber careers and meet strict government standards for assurance schemes including CHECK and Cyber Essentials.
Provider ID: 13341. Please click here for more details.
Inclusivity and Accessibility
The Cyber Scheme believe everyone should have access to a career in security testing. We are available to discuss any concerns you have and are more than happy to make reasonable adjustments for any candidate who requires them during examinations.
These reasonable adjustments are to ensure you are given an equal opportunity to demonstrate the necessary knowledge, skills and behaviours required. We recognise that not all disabilities are visible.
We have a range of reasonable adjustments we can offer depending on what difficulty you might face. If you request an adjustment which we are unable to offer, we will give you a reason why we cannot offer it. This might be because it maps to a key Knowledge, Skill or Behaviour that we have to assess against within the certification. If that is the case, we will tell you which aspect we think would not be properly assessed.