Course Details
Topic 1: Get Started on Vulnerability Management and Nessus
- What is Vulnerability Manamgenet?
- Download and Install Nessus
- Explore Nessus Interface
Topic 2: Create a Vulnerability Management Program
- Identify Scan Targets
- Scan Frequency
- Scan Configuration
- Scan Perspective
- Scanner Maintenance
Topic 3: Remediating Vulnerabilities
- Report Scan Results
- Priortise Remediatin
- Create a Remediation Workflow
- Barriers to Vulnerabilities Remediation
Topic 4: Analyzing Scan Results
- SCAP
- CVSS
- Analyzing Scan Reports
- Correlating Scan Results
Topic 5: Common Vulnerabilities
- Server Vulnerabilites
- Endpoint Vulnerabilities
- Network Vulnerabilities
- Virutalization Vulnerabilites
- Cross Sie Scripting
- Preventing SQL Injecton
Course Info
HRDF Funding
Please refer to this video https://youtu.be/Kzpd-V1F9Xs
1- HRD Corp Grant Helper
How to submit grant applications for HRD Corp Claimable Courses
2- Employers are required to apply for the grant at least one week before training commences.
Employers must submit their applications with supporting documents, including invoices/quotations, trainer profiles, training schedule and course content.
3- First, Login to Employer’s e-TRIS account -https://etris.hrdcorp.gov.my
Second, Click Application
4- Click Grant on the left side under Applications
5- Click Apply Grant on the left side under Applications
6- Click Apply
7- Choose a Scheme Code and select HRD Corp Claimable Courses: Skim Bantuan Latihan Khas. Then, click Apply
8- Scheme Code represents all types of training that suit the requirements provided by HRD Corp. Below are the list of schemes offered by HRD Corp:
9- Select your Immediate Officer and click Next
10- Select a Training Provider, then click Next
11- Please select a training programme from the list, then key in all the required details and click Next
Select your desired training programme.
Give an explanation on why the participant is required to attend the training. E.g., related to their tasks/ career development, etc.
Explain the background and objective of this training.
Select a relevant focus area. For Employer-Specific Courses, select ‘Not Applicable’.
12- If the training programme is a micro-credential programme, you are required to complete these 3 fields. Save and click Next
Insert MiCAS Application number
13- Based on the nine (9) pillars listed below, HRD Corp Focus Area Courses are closely tied to support government initiatives towards nation building. As such, courses offered through the HRD Corp Focus Areas are designed to provide the workforce with skills required for current and future demands. Details of the focus areas are as follows:
14- Please select a Course Title and Type of Training
15- Select the correct type of training according to the actual type of training, or as mentioned in the training brochure:
16- Please key in the Training Location and click Next
17- Please select the Level of Certification and click Next
18- Please follow the instructions and key in trainee details
19- Click Add Batch, then click Save
20- Click Add Trainee Details
21- Please key in all the required details, then click Add
22- Click Add if there are more participants. Once done, click Save
23- Click Next
24- Please key in the course fees and allowance details, then click Save
25- Estimated cost includes the course fees/external trainer fees, allowances, and consumable training materials. Please comply with the HRD Corp Allowable Cost Matrix.
26- Select Upfront Payment to Training Provider and key in the percentage from 0% to 30%. Then, click Save and Next
27- Complete the declaration form and select a desired officer
28- Add all the required documents, then click Add Attachment. Then, click Save and Submit Application
29- Once the New Grant Application is successfully submitted, the Grant Officer will evaluate the application accordingly. The application may be queried if additional information is required.
The application status will be updated via the employer’s dashboard, email, and the e-TRiS inbox.
Job Roles
- Cyber Security Staff
- Network Engineers
- IT Administrators
Trainers
Muhammed Siraj: Muhammed Siraj is an IT executive, lecturer, trainer, security expert, developer, hardware technician, and entrepreneur with over 15 years of experience in the IT profession. He is an experienced IT instructor who has delivered several lecturers in the area of Cybersecurity, Computer Forensics, and Fraud detection to the military, police, CID, Financial Institutions, among others. In addition to training, he provides consultancy services to Educational and Governmental Institutions in the area of computer security and adoption of Open Source solutions. His experience and knowledge acquired from Ghana, Mali, Denmark, South Africa, and Malaysia, enables him to interact with people of different cultural backgrounds very well.
Skillset:
- Degrees in IT, Economics, Psychology. Currently pursuing his PhD in Computer Science (Security in Computing field)
- Certified CEH, CHFI, Hardware repairs and maintenance.
- Data mining, Office automation, filemaker, Fraud detection, Blockchain, Hardware repairs, Google Power Searcher, Drupal/Laravel/CakePHP developer.
- Proficient in Python, Ruby, PHP, Java, Solidity, VBA, Google Apps Script, Javascript, HTML, CSS, SQL.
Dr. Meisam Eslahi: Dr. Meisam Eslahi is an information security and digital forensics researcher, consultant, and professional trainer with specialized expertise in organized cyber crimes (Botnets) detection and prevention. His domain of interests includes Cyber security Threats Detection, Mitigation and Response, Network and Mobile Behavioral Analysis, Secure BYOD, Cyber safety and Awareness. He has over 14 years of experience in the field of Information Technology mostly focused on Cyber Security, digital forensics, penetration testing and incident response. Meisam has been contributing in many projects, consultancies and developments as follows:
- APT and Botnet Analysis and Detection (Communication Pattern Analysis)
- Red/Blue teaming Design and Implantation
- Digital Forensics with main focus on Memory Analysis
- Telecommunication Fraud Investigation
- Penetration Testing and Vulnerability Assessment
- Cyber (Security) Maturity Assessment
- Disaster Recovery and Incident Response Plan and Implantation
- Creating and Managing an Incident Response Team and Frameworks
Reza Adinehnia: Reza Adinehnia is an experienced Network Security Specialist with a demonstrated history of working in IT industry. He is skilled in Data mining, VMware ESX, Database Security, C, PHP, Computer networks and security. He possesses a strong information technology background with a Doctor of Philosophy (PhD) focused in Computer Security from Universiti Putra Malaysia.
Dr. Touraj Khodadadi: Dr. Touraj Khodadadi is currently an assistant professor of cyber security. Touraj has more than 10 years of experience in IT industry, Touraj has huge experience in (Cyber Security - Consultation - Risk Management – Security Training - Incident Handling - PCI Implementation -Penetration Tester – Security assessment - Develop security policies- Auditing - Code reviewing – Digital Transformation). In addition, he authored and co-authored 30 international journals and conference papers concerning various aspects of computer, information and network security. His main research interests include authentication systems, network security, cryptography, graphical passwords, authentication systems and cloud computing security. Apart from teaching and research activities at the university, he has served as an editor and reviewer for several international journals and conferences. He is also members of several review panels for master and doctoral research defense.
Navid: Navid has 3 years of teaching and 8 years of industry experience in Networking, Internet Of Things and Cyber Security. His research interests include network communication, IoT and Cybersecurity. His experiences in the IoT field and product developments include:
- Wireless communications
- Smart Agriculture
- Micro Controllers
- Arduino
- Raspberry Pi
- Edison Robotic
- AWS
- Node-red
- GPS Tracking
- RFID and NFC
- Advertising TVs
- Smart house
Customer Reviews (1)
- Worst Training ever Review by Course Participant/Trainee
-
1. Do you find the course meet your expectation? 2. Do you find the trainer knowledgeable in this subject? 3. How do you find the training environment
And then, when I ask about topic 6, the trainer said that he did not prepare the material. So i am kinda disappointed with the training. (Posted on 08/12/2020)