Certified IoT Security Analyst (CISA)

This training exposes participants with skills to assess IoT environment which includes robotic technology, web application, wireless network, and cloud. Participants will be able to identify, perform and mitigate security issues as part of securing IoT environment.


  1. To analyse the main components in IoT environment and technology
  2. To understand the capabilities of components in IoT environment
  3. To conduct Network Security Assessment involving assessing the security protocol
  4. To identify possible mitigation processes
  5. To defend the communication in IoT environment
  6. To perform application security assessment
  7. To provide remediation strategies
  8. To defend the applications in IoT environment
  9. To determine security risk and incident management plan of IoT environment

IT developer, security analyst, engineer, and cloud security analyst.

Module 1: Introduction to IoT
Module 1.1: Introduction to IoT Security

  1. Component of IoT Security
    • Robotic
    • Wireless
    • Web Application
    • Cloud Computing
    • IoT Security Guideline
    • Outcome from IoT Security
Module 1.2: IoT Technology
  1. History of IoT Technology
  2. Current IoT Technology
  3. IoT In Security
  4. Previous Incident in IoT
Module 2: Robotic Technology
Module 2.1: Introduction to Robotic Technology
  1. Introduction to robotic components
  2. Introduction to robotic communications
Module 2.2: Case Study
  1. Case Study 1: Manufacturing
  2. Case Study 2: Autonomous System
Module 2.3: Introduction to type of robotics
  1. Collaborative Robot
  2. Industrial Robot
Module 3: Wireless Network Assessment
Module 3.1: Introduction to Wireless Network
  1. Wi-Fi network fundamentals
  2. Wireless network standard and organization
  3. Wireless threats and attacks
  4. Module 3.2: Information Gathering
  5. Active and Passive Scanning
  6. Using tool: Kismet
Module 3.3: Penetration Testing
  1. Wired equivalent privacy (WEP)
  2. Wi-Fi Protected Access (WPA)
  3. Wi-Fi Protected Access 2 (WPA2)
  4. Cracking WEP & WPA
  5. Wi-Fi protected setup (WPS)
Module 3.4: Wireless Network Defense
Mitigation process

Module 4: Web Application Security
Module 4.1: Introduction to Web Application Security
  1. Use of web applications
  2. Importance of web applications in IoT
Module 4.2: Web Application Threat in IoT
  1. OWASP Top 10 2019
  2. SQL Injection
  3. Cross Site Scripting (XSS)
Module 4.3: Penetration Testing
  1. SQL Injection on Vulnerable Web Site
  2. Cross Site Scripting on Vulnerable Web Site
Module 4.4: Web Application Defense
Mitigation process

Module 5: Cloud
Module 5.1 Introduction to Cloud
  1. Introduction to Cloud
  2. Type of Cloud Computing
  3. Public, Private vs Hybrid Cloud
Module 5.2 Cloud as a Services
  1. Infrastructure as a Services
  2. Platform as a Services
  3. Software as a Services
Module 5.3 Concept and Architecture
  1. Importance of Cloud Computing in IoT
  2. Secure Cloud Architecture
  3. Secure Cloud Implementation
Module 6: Security in IoT
Module 6.1 Introduction to IoT Security Guideline
The importance of IoT Security

Module 6.2 Introduction to IoT Security Infrastructure

Module 6.3 Introduction to IoT Security layer

Module 6.4 IoT Security Requirement
Guideline on IoT Security Requirement

En. Abdul Fuad Bin Abdul Rahman
Head of Department
Malaysian Vulnerability Assessment Centre (MyVAC)

Infosec specialist whose qualifications include a degree in Applied Physics; SSCP, GAWN and TTT designations; and detailed knowledge of security tools, technologies and best practices. Six years of experience in the creation and deployment of solutions protecting networks, systems and information assets for diverse companies and organizations.

The CISA examination is certified by the Global ACE Certification. The examination framework is designed to align with a set of relevant Knowledge, Skills and Attitudes (KSA) that are necessary for a Secure Application Professional. Candidates will be tested via a combination of either continual assessment (CA), multiple choice (MC), theory/underpinning knowledge assessment (UK), practical assessment (PA), assignments (AS) and case studies (CS) as required.

Candidates can take the examination at authorized examination centres in participating member countries. Candidates who have successfully passed the CISA examination will be eligible to apply as an associate or professional member by fulfilling the membership criteria defined under the Global ACE Certification.

Click here to register for certified examination


  • The training program is currently unavailable

Training Fee: MYR3,780.00
Exam Fee: MYR1,255.80

(subject to 8% SST)

Please click here to register

Contact us to request for a quotation

18 CPD Point

Please submit the Certificate of Completion to Global ACE Certification at


Have any inquiries? Check out the FAQ