TRAINING PROGRAMME



Incident Handling Hands-on Scenario & Malware Analysis

 

  1. To practice the incident handling knowledge
  2. To learn fundamental malware analysis skills
  3. To explore new tools and analysis techniques
  4. To examine and understand the behavior of unknown binary
  5. To assess malware threats and eradicate infections

 

  1. Computer network incident handling and incident responder professionals
  2. Computer security incident response team members and technical staff
  3. System and network administrators with incident handling experience
  4. X-Maya participants
  5. NC4 players

Incident Handling - Hands-on Scenario

  1. Scenario 1: Email
    • Malicious Email
    • Phishing Email
    • Harassing Email
  2. Scenario 2: Intrusion
    • Web Defacement
  3. Scenario 3: Social Media
    • Impersonation/Fake Profile
  4. Scenario 4: DDoS Analysis
    • Classification of Incident
    • Verify if the DDoS continues or has stopped
    • Identify Victim's ISP
    • Log Analysis
Introduction to Tools for Malware Analysis
  1. Tools for Basic Information Gathering
    • Including hashes, timestamp, etc.
  2. Monitoring Tools for Windows Malware
     
  3. Understanding File Formats and Identifying File Contents
    • Covering packer, malware persistence, DNS, etc.
  4. Online Malware Sandbox Analysis

Malware Analysis on Real Malware Samples
  1. Analyzing and Observing the Following Malware:
    • Computer Worm
    • Rogue AV / Fake AV
    • Ransomware
    • Trojan Horses
    • Crypto-mining Malware
    • Router Malware (Mirai)
    • Parasitic File Infector
    • Browser Based Malware
    • Rootkits
    • File-less Infection
    • Botnet / Backdoor
    • Macro Viruses
    • Keyloggers
Practical Malware Analysis
  1. Preparing Technical Report
  2. Threat Hunting Challenge in Groups

Pn. Sharifah Roziah Bt Mohd Kassim
Specialist
Malaysian Computer Emergency Response Team (MYCERT)
CyberSecurity Malaysia

Sharifah Roziah currently works as a Specialist for the Malaysia Computer Emergency Response Team (MyCERT) under the umbrella of CyberSecurity Malaysia. Besides being a Specialist, she is also the Manager of the Security Operation Centre in MyCERT, ensuring that computer security incidents reported to MyCERT are responded to in a timely and efficient manner. Prior to that, she worked as a Senior Analyst in the MyCERT department. Roziah has been involved in the computer security field for over 15 years, mainly in Computer Security Incident Handling. Her areas of focus and interest are Computer Security Incident Handling, Incident Data Analysis and Network Security. Roziah has been a key person in handling and resolving many computer security incidents reported to MyCERT from the Malaysia constituency. Roziah has also appeared in the Malaysia High Court as an Expert Witness for a computer-related case that was highlighted in local news. She has also conducted many talks, presentations and trainings, locally and internationally, in the field of computer security, particularly in Computer Security Incident Handling. Apart from that, Roziah has produced Security Advisories on the latest vulnerabilities and threats, as well as articles, security guidelines and proceedings papers related to computer security.



Pn. Faiszatulnasro Bt Mohd Maksom
Senior Analyst
Malaysian Computer Emergency Response Team (MYCERT)
CyberSecurity Malaysia

Faiszatulnasro performs monitoring and response on network intrusion activities including external attacks, phishing and sensitive data breaches. She determines the appropriate response action required to mitigate risk by providing threat and damage assessment for security threats that may impact a client’s network.

Other than that, she interacts with other experts performing threat analysis and coordinates with other CERTs, organizations and individuals as necessary to convey incident information. She is currently involved in the CYBER999 service, providing 1st level support and mitigating action by escalating cases to relevant parties.

She performs 2nd level Incident Handling (identifying, analysing, remediating and reporting on cyber security incidents), ensures that technology employed by the incident response team complements operational processes, produces periodical reports/analysis for Majlis Keselamatan Negara (MKN), and is involved in the Internet Banking Task Force (IBTF), providing information and handling incidents related to banking and financial institutions reported to MyCERT.

Her certifications include Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH) and Systems Security Certified Practitioner (SSCP).



En. Nur Mohammad Kamil Bin Mohammad Alta
Analyst
Malaysian Computer Emergency Response Team (MYCERT)
CyberSecurity Malaysia

Kamil is a Malware Analyst at the Malaysian Computer Emergency Response Team (MyCERT), CyberSecurity Malaysia. His educational background comprises a Diploma in Computer Networking Technology from Advanced Technology Institute (ADTEC) Batu Pahat. He also holds the GIAC Certified Reverse Engineering Malware (GREM) and Certified Ethical Hacker (CEH) certifications.

Kamil has been with CyberSecurity Malaysia since 2009. He is responsible for the daily operation of analyzing malware, debugging, web security, network security, system development and automation, and is involved in the incident handling service as well. Kamil is involved in various global computer security initiatives such as the Open Source Development Group and the Honeynet Project. Some of his recent work is in the area of malware analysis, distributed honeynets and cyber drill exercises.



En. Muhammad Nur Arif Bin Tomiran
Executive
Malaysian Computer Emergency Response Team (MYCERT)
CyberSecurity Malaysia

Muhammad Nur Arif Bin Tomiran is a Malware Analyst at the Malaysian Computer Emergency Response Team (MyCERT), CyberSecurity Malaysia. Previously he worked as a software developer at Heitech Padu Berhad.

Arif has been with CyberSecurity Malaysia since 2018. He is responsible for the daily operation of analyzing malware, debugging, web security, network security, system development and automation, and is also involved in the incident handling service. Some of his recent work is in the area of malware analysis and cyber drill exercises.

He has a Bachelor of Computer Science in Information Security and Assurance from Universiti Sains Islam Malaysia, and holds the GCFA certification.

 

  • 5 - 8 April 2021
  • 5 - 8 July 2021
  • 20 - 23 September 2021
  • 8 - 11 November 2021

MYR3,800.00 (subject to 6% SST)



Contact us to request a quotation

24 CPD Points

Please submit the Certificate of Completion to Global ACE Certification at www.globalace.org