Server and Desktop Security Assessment

Servers and desktops are found in all organizations and they are crucial to business operations. Servers typically host business data that if lost, may cost the business it’s customer trust. Desktops (and laptops) are the tools used by the organization’s employees to do their work. In order to achieve the organization’s mission, it is important to prevent security incidents such as hacking or ransomware from disrupting the servers and desktops operations.

A key component of the defense-in-depth philosophy in security is to know your vulnerabilities and fix them before they are discovered and exploited by hackers. This course will introduce the participants to techniques of conducting vulnerability assessment thoroughly and in a safe manner.

Participants will learn about the security role operating systems play and how they can be compromised. The course will cover common vulnerabilities found on servers and desktops and how to conduct assessment to discover them. After vulnerabilities are discovered it is important to fix them and this course will discuss some mitigation techniques.

The course format will be a combination of lecture and hands-on exercise to solidify understanding. At the end of the course the participant will understand and will be able to conduct server and security assessment for their organization.


  1. Understand the methodology used in conducting server and desktop security assessment.
  2. Understand common vulnerabilities for servers and desktops
  3. Learn the ways to mitigate the vulnerabilities
  4. Have hands-on experience doing server and desktop security assessment


  1. Management, Administrator, IT Security personnel who are in charge of operating system security in their organization
  2. Anyone interested to learn server and desktop security assessment


  1. Operating system role in security
  2. Hacking Windows operating system
  3. Hacking Unix operating system
  4. Host security assessment
  5. Common vulnerabilities in Windows and Unix operating systems
  6. Mitigation strategies
  7. Hands-on exercise
  8. Conclusion and suggestion for further exploration

En. Ruhama Bin Mohammed Zain
Cyber Security Professional Development
CyberSecurity Malaysia

(CISSP, CISM, CSSLP, ISO27001 Lead Auditor, SANS GWAPT, SANS GPEN, SANS GMOB, CCNA Security) is a security practitioner with 9 years of experience. He has been involved in penetration testing and security assessment of diverse network environments ranging from small to large corporate networks. He has prepared findings and recommendations to mitigate vulnerabilities found during security assessment engagements. Currently he is involved in control system security assessment in CyberSecurity Malaysia.


  • 7 - 8 June 2023
  • 4 - 5 October 2023
*dates are tentative, unless specified

MYR2,200.00 (subject to 6% SST)

Please click here to register

Contact us to request for a quotation

12 CPD Point

Please submit the Certificate of Completion to Global ACE Certification at


Have any inquiries? Check out the FAQ