Security Posture Compliance, Assessment and Penetration Testing
It is critical for an organization to secure and protect their information system. Security posture assessment exposed potential threats to the information assets and it is a comprehensive evaluation of organization’s enterprise-wide networks environment with objective to mitigate risks and to establish ‘Defense-in-Depth’.
Information security is implemented by systems; policies and procedures in comply with ISO/IEC 27001:2013 Information Security Management System (ISMS). Therefore, the security posture assessment provides a thorough understanding on information security, follows with technical knowledge and skill sets.
- Identify the organization’s information security structure, mitigate risks and enhance overall security. Includes information security awareness and its benefits; introduction to ISO/IEC 27001:2013 requirements and controls for policies and procedures development;
- Establish network assessment skills to mitigate risks within and outside organization’s network infrastructure;
- Establish server and desktop security assessment skills by exposing the vulnerabilities of unsecured Windows and Linux systems;
- Establish web application security assessment skills; and
- Assess the weaknesses and vulnerabilities in target systems and demonstrate hacking attempts by exposing the tools and information that hackers use in underground activities
- Information security practitioners and professionals
- System and network administrators
- Web and application developers
- Penetration testers
ICT Policy Compliance & Physical Security Training
- Compliance Framework
- How to use the Framework
- How to check for compliance
- Physical Security
- Case studies
- Common network vulnerabilities and mitigation
- Methodology and components in building secured network architecture,
- Data flow analysis
- Industry best practices
- Assessment methodology
- Hands-on and practical on network security assessment
- Wireless Encryption Networks
- Wireless Discovery and Sniffing
- Wireless Penetration Testing
- Wireless Vulnerability Testing
- Wireless Traffic Assessment
- Hands-on and practical on wireless security assessment
- Server and desktop vulnerabilities investigation and exploitation
- Security assessment methodologies for both Windows and Linux environment
- Insight and in-depth explanation of reconnaissance approaches
- Mitigation and rectifications
- Hands-on scanning and enumerations
- Web applications security assessment methodology
- Introduction to web application vulnerabilities
- Common web application vulnerabilities and recommendations
- Hands-on exercises
En. Muhammad Arman Bin Selamat
Malaysian Vulnerability Assessment Centre (MyVAC)
Muhammad Arman Bin Selamat is an information security analyst with extensive experiences in Web Application, Network and Computer Security. He has worked with various public and private sector as IT Executive and then served with CyberSecurity Malaysia as an IT Analyst since March 2008.
He has strong technical background and is good team player. He is highly motivated and has excellent analytical, decision making and problem-solving skills. He possesses expertise in programming using ASP, PHP, VB6 & VB.NET. He has an expertise on Web Application Security, Network Security and Host Security.
He also developed and delivered training for a wide range of government bodies and organizations to meet client needs. Through CyberSecurity Malaysia he hopes to support organizations in securing their network to achieve confidentiality, integrity and availability (CIA).
En. Ruhama Bin Mohammed Zain
Cyber Security Professional Development
(CISSP, CISM, CSSLP, ISO27001 Lead Auditor, SANS GWAPT, SANS GPEN, SANS GMOB, CCNA Security) is a security practitioner with 9 years of experience. He has been involved in penetration testing and security assessment of diverse network environments ranging from small to large corporate networks. He has prepared findings and recommendations to mitigate vulnerabilities found during security assessment engagements. Currently he is involved in control system security assessment in CyberSecurity Malaysia.
30 CPD Point
Please submit the Certificate of Completion to Global ACE Certification at www.globalace.org