5 Days Cybersecurity Specialization

Day 1
Topic 1: Cyber Security Fundamental

Topic 1.1 - Cyber Security Threats

• Introduction to Cyber Security
• Malwares - Viruses, Worms, Trojan Horse, Ransomware, Spyware
• Hoaxes and Phishing Scams
• Social Media and Social Engineering Threats
• Mobile and Online Scams
• Wireless Security Threats
• Network and Remote Access Threats
• Cyber Warfare

Topic 1.2 - Protection Against Cyber Security Threats

• User ID and Passwords Protection
• Home Computer and Information Protection with Firewalls
• Best Practices Against Malware, Computer Viruses and Worms
• Trojans and Spyware Protection
• Protection from Hoaxes and Phishing
• Mobile Devices and Wireless Protection
• Remote Access Protection with SSL
• Social Media and Online Scams Protection

Topic 1.3 - Security Management for Businesses

• Identify Organizations Assets from Cyber Attacks
• Secure Personal Data
• Secure Sockets Layer
• Security Governance
• Business Continuity Planning
• IDS/IPS Systems & Penetration Testing

Day 2
Topic 2: Advanced Cyber Security

Topic 2.1: Port Scanning

• OSI Model
• TCP/IP and UDP Protocols
• IPv4 and IPv6
• Network Ports
• Ping and Traceroute
• Port Scanning Using NMap

Topic 2.2 – Cryptography

• Overview of Cryptography and Encryption
• Classic Cryptography
• Symmetric Key Encryption
• Asymmetric Key Encryption
• WiFi Security
• Secure Key Exchange and Digital Signature
• Hashing Function Cryptography

Topic 2,3 – Vulnerability Scanning

• Overview of Vulnerability Scanning
• Vulnerability Scanning Tools
• Install Nessus
• Perform Vulnerability Scanning Using Nessus
• Common Types of Vulnerabilities
• Cross Site Scripting (XSS) Vulnerability

Day 3
Topic 3: Network Security Fundamental

Topic 3.1 Network Security Threats and Vulnerabilities

• Overview of network security perimeters and data encryption
• Identify network security threats and vulnerabilities

Topic 3.2 Virtual Private Network

• Introduce Virtual Private Network (VPN)
• Address network security deficiencies on VPN

Topic 3.3: Network Hardening

• Implement network hardening measures
• Configure router and switches

Topic 3.4: Network Security Testing

Introduce network security testing tools
Conduct testing to measure network security performance

Topic 3.5 Network Security Debugging

• Overview of network security debugging
• Network sniffing
• Network IP and port scanning

Topic 3.6 Logging and Incident Management

• Distributed denial-of-service (DDoS) detection
• Level of logging
• Incident management

Day 4
Topic 4: Network Anaysis with Wireshark

Topic 4.1. Introduction to Network Analysis and Wireshark

• TCP/IP Analysis Checklist
• Top Causes of Performance Problems
• Get the Latest Version of Wireshark
• Capturing Traffic
• Opening Trace Files
• Processing Packets
• The Qt Interface Overview
• Using Linked Panes
• The Icon Toolbar
• Master the Intelligent Scrollbar
• The Changing Status Bar
• Right-Click Functionality
• General Analyst Resources
• Your First Task When You Leave Class

Topic 4.2. Learn Capture Methods and Use Capture Filters

• Analyze Switched Networks
• Walk-Through a Sample SPAN Configuration
• Analyze Full-Duplex Links with a Network TAP
• Analyze Wireless Networks
• USB Capture
• Initial Analyzing Placement
• Remote Capture Techniques
• Available Capture Interfaces
• Save Directly to Disk
• Capture File Configurations
• Limit Your Capture with Capture Filters
• Examine Key Capture Filters

Topic 4.3. Customize for Efficiency: Configure Your Global Preferences

• First Step: Create a Troubleshooting Profile
• Customize the User Interface
• Add Custom Columns for the Packet List Pane
• Set Your Global Capture Preferences
• Define Name Resolution Preferences
• Configure Individual Protocol Preference

Day 5
Topic 5: Machine Learning for Network Security

Topic 5.1 Artificial Intelligence for Security

• CIA Security Principles
• AI for Cyber Security
• Use Cases of AI Applications on Cyber Security

Topic 5.2 Basics of Machine Learning and AI

• What is AI
• Overview Machine Learning Technologies
• Regression
• Classification
• Clustering and Anomaly Detection
• Synthetic Data Generation
• Neural Network and Deep Learning

Topic 5.3 Intrusion Detection System

• Overview of Intrusion Detection System (IDS)
• Build a Neural Network Model for IDS
• Train and Evaluate the Model
• Challenges of AI for Security

HRDF Funding

Please refer to this video https://youtu.be/Kzpd-V1F9Xs

1-     HRD Corp Grant Helper

How to submit grant applications for HRD Corp Claimable Courses

2-     Employers are required to apply for the grant at least one week before training commences.

Employers must submit their applications with supporting documents, including invoices/quotations, trainer profiles, training schedule and course content.

3-     First, Login to Employer’s e-TRIS account -https://etris.hrdcorp.gov.my

Second, Click Application

4-     Click Grant on the left side under Applications

5-     Click Apply Grant on the left side under Applications

6-     Click Apply

7-     Choose a Scheme Code and select HRD Corp Claimable Courses: Skim Bantuan Latihan Khas. Then, click Apply

8-     Scheme Code represents all types of training that suit the requirements provided by HRD Corp. Below are the list of schemes offered by HRD Corp:

9-     Select your Immediate Officer and click Next

10-  Select a Training Provider, then click Next

11-  Please select a training programme from the list, then key in all the required details and click Next

Select your desired training programme.

Give an explanation on why the participant is required to attend the training. E.g., related to their tasks/ career development, etc.

Explain the background and objective of this training.

Select a relevant focus area. For Employer-Specific Courses, select ‘Not Applicable’.

12-  If the training programme is a micro-credential programme, you are required to complete these 3 fields. Save and click Next

Insert MiCAS Application number

13-  Based on the nine (9) pillars listed below, HRD Corp Focus Area Courses are closely tied to support government initiatives towards nation building. As such, courses offered through the HRD Corp Focus Areas are designed to provide the workforce with skills required for current and future demands. Details of the focus areas are as follows:

14-  Please select a Course Title and Type of Training

15-  Select the correct type of training according to the actual type of training, or as mentioned in the training brochure:

16-  Please key in the Training Location and click Next

17-  Please select the Level of Certification and click Next

18-  Please follow the instructions and key in trainee details

19-  Click Add Batch, then click Save

20-  Click Add Trainee Details

21-  Please key in all the required details, then click Add

22-  Click Add if there are more participants. Once done, click Save

23-  Click Next

24-  Please key in the course fees and allowance details, then click Save

25-  Estimated cost includes the course fees/external trainer fees, allowances, and consumable training materials. Please comply with the HRD Corp Allowable Cost Matrix.

26-  Select Upfront Payment to Training Provider and key in the percentage from 0% to 30%. Then, click Save and Next

27-  Complete the declaration form and select a desired officer

28-  Add all the required documents, then click Add Attachment. Then, click Save and Submit Application

29-  Once the New Grant Application is successfully submitted, the Grant Officer will evaluate the application accordingly. The application may be queried if additional information is required.

The application status will be updated via the employer’s dashboard, email, and the e-TRiS inbox.

• Key Business Managers
• Business Analysts
• IT Consultants
• Project Managers
• Systems Integrators
• Sales & Business Development Executives
• Government officials

Muhammed Siraj: Muhammed Siraj is an IT executive, lecturer, trainer, security expert, developer, hardware technician, and entrepreneur with over 15 years of experience in the IT profession. He is an experienced IT instructor who has delivered several lecturers in the area of Cybersecurity, Computer Forensics, and Fraud detection to the military, police, CID, Financial Institutions, among others. In addition to training, he provides consultancy services to Educational and Governmental Institutions in the area of computer security and adoption of Open Source solutions. His experience and knowledge acquired from Ghana, Mali, Denmark, South Africa, and Malaysia, enables him to interact with people of different cultural backgrounds very well.

Skillset:

• Degrees in IT, Economics, Psychology. Currently pursuing his PhD in Computer Science (Security in Computing field)
• Certified CEH, CHFI, Hardware repairs and maintenance.
• Data mining, Office automation, filemaker, Fraud detection, Blockchain, Hardware repairs, Google Power Searcher, Drupal/Laravel/CakePHP developer.
• Proficient in Python, Ruby, PHP, Java, Solidity, VBA, Google Apps Script, Javascript, HTML, CSS, SQL.

Dr. Touraj Khodadadi: Dr. Touraj Khodadadi is currently an assistant professor of cyber security. Touraj has more than 10 years of experience in IT industry, Touraj has huge experience in (Cyber Security - Consultation - Risk Management – Security Training - Incident Handling - PCI Implementation -Penetration Tester – Security assessment - Develop security policies- Auditing - Code reviewing – Digital Transformation). In addition, he authored and co-authored 30 international journals and conference papers concerning various aspects of computer, information and network security. His main research interests include authentication systems, network security, cryptography, graphical passwords, authentication systems and cloud computing security. Apart from teaching and research activities at the university, he has served as an editor and reviewer for several international journals and conferences. He is also members of several review panels for master and doctoral research defense.