Supported by: In collaboration with: Organized by:

Ministry of Foreign Affairs

CERTIFIED INCIDENT
MANAGEMENT
AND ACTIVE DEFENSE

The training programme leverages

on the state-of-the-art cyber security
knowledge from domain experts and
experience practitioners. It focuses on
enhancing cyber security skills and
operational capabilities specifically in the
area of cyber security compliance, incident
handling and security assessment.

14 – 23 August 2017
CyberSecurity Malaysia,
Seri Kembangan, Selangor, Malaysia

For more info, visit:

http://mtcp.kln.gov.my ; or https://cyberguru.my
 CERTIFIED INCIDENT MANAGEMENT AND ACTIVE DEFENSE

OBJECTIVES

Cultivating awareness, nurturing adoption Providing practical experience in Providing practical experience in
and establishing capabilities in securing analysing and managing system managing security incidents and
information effectively and creating a vulnerabilities. defending security perimeters.
safer cyberspace.

MODULES

Cyber Security Essentials
To provide a general understanding of the importance of cyber security; create awareness on the
growing cyber threats and how these threats are becoming a catalyst towards cyber terorrism and
Internet radicalization.
To give a broad introduction of cyber security, the risk and the vulnerabilities.
To analyze cyber terrorism framework which descries the core aspects of cyber terrorism.
To understand the ISO/IEC 27001:2013 Information Security Management System (ISMS) -
specifies requirements for the establishing, implementating, monitoring, reviewing, maintaining and
improving the management system for mitigating an organisation’s information security risks.

Incident Handling and To equip participants with intermediate knowledge in incident handling and network scurity through
Network Security proven framework and cases.
Framework To analyse security environment through practitioners’ experience, case studies and hands on
exercises.
To be exposed to the actual cyber drill environment.

Certified Cyber Defender
Associate (CCDA)
To provide understanding and advanced skills in order to formulate defence strategies against
sophisticated cyber attacks.
To formulate defense responses using next-generation firewalls, intrusion prevention systems, URL
filters, anti-spyware systems, anti-virus systems, anti-DDOS systems, data filters and file blocking
systems and advanced application based protection systems.
 CERTIFIED INCIDENT MANAGEMENT AND ACTIVE DEFENSE

Program Outline

Day 1 Opening Ceremony

14 Aug Country Representatives’ Presentation
Visit to CyberSecurity Malaysia’s Laboratories

Day 2 Cyber Security Essentials

15 Aug 1. Cyber Security: The New Frontier; 5. Internet Radicalization;
2. Cyber Security & Cyber Crimes; 6. Terrorist use of the Internet;
3. Cyber Security Management; 7. Cyber Terrorism Framework; and
4. Introduction to Cyber Terrorism; 8. Case studies.

Day 3 Visit to the Ministry of Foreign Affairs Malaysia

16 Aug Cybersecurity Collaboration Program (CCP) Site Visits

Day 4 - 5 Incident Handling and Network Security Framework

17-18 Aug Module 1 - Introduction Security Incident & Incident Module 3 - Hands-on Mini Cyber Drill
Handling 1. Web Security Analysis
1. Security Incident, processes and the framework a. Analysis of SQL Injection attack
2. Incident Handling b. Analysis of RFI attack
a. Security Incident Priority 2. Analysis of LFI attack
b. Handling Intrusion Incident
c. Handling Malware Incident
d. Handling Phishing Incident
e. Handling Spam Incident

Module 2 - Malware Analysis

1. Introduction : Malware Analysis
2. Malware Analysis
Behavior based Analysis
Sandbox Analysis

Day 6 - 9 Certified Cyber Defender Associate

19 - 22 Aug
Module 1 : Understanding the Current Threat Landscape Module 5 : Monitoring and Defending against
CIS Top 20 Critical Controls Advanced Attacks
Cyber Range Splunk - A SIEM monitoring tool
Next Gen-Firewalls Defending against IP layer DDOS Attacks
Defending against Transport layer DDOS Attacks
Module 2 : New Age Threats
Defending against Application layer DDOS Attacks
Viruses and worms
Defending against Botnet and C&C
Malware
Zero day attacks Module 6 : Advanced Security Operations
Vulnerability exploits Malware Blocking
Phishing / Social Engineering Data Leak Prevention (DLP) / Data Filtering
Cyber Espionage / Data Theft File Blocking
URL Filtering
Module 3 : Reconnaissance
Evasion Tactics
Port scan
Web based recon and information gathering Module 7 : Live Fire lab
Command line query Defending Network Under Attack
Parsing Network Under Attack
Module 4 : Vulnerability Management
Packet Analysis and Diagnostics
Host Scanning
Web Application Scanning
CVE
Defending against CVE Vulnerability Attacks

Day 10 Closing Ceremony

23 Aug Wrap Up Session
 CERTIFIED INCIDENT MANAGEMENT AND ACTIVE DEFENSE

Fellowship / Scholarship
Who Should Participate
The terms and conditions of the scholarship / fellowship awards under
the MTCP include the followings:
1. IT professionals and decision makers from the ASEAN and
1. Airfares: OIC-CERT member countries who wish to learn about the
cyber security domain.
An economy class return air tickets from the capital of the recipient’s
country to Kuala Lumpur will be provided by the Government of 2. Information Security practitioners who are seeking to learn
Malaysia (except for some countries which are required to bear their and improve their knowledge and skills in the field of cyber
own airfare; please refer to the MTCP website for further details). security.

3. Critical custodians who are interested to understand and

2. Accommodation: develop technical capabilities in information security
Full board accommodation will be provided for the duration of the management, incident handling and security assessment.
training. Participants are not allowed to change any arrangement
done by the training institution.

3. Courses fees:
All courses fees will be borne by the Government of Malaysia under
the MTCP.

4. Medical Treatment:

How To Apply
Candidates should be certified medically and physically fit to
participate in this program. In the case of emergencies and in need
of medical treatment, the medical expenses in a government
hospital will be borne by the Government of Malaysia.

5. Visa & Vaccination:
Successful participants are advised to arrange for their own visa
and vaccination prior to their travel. All expenses to fulfil these
requirements will be borne by the participants. Successful
participants are required to submit a coloured photocopy of the first
page of their valid passport to the training institution for immigration
purpose.
6. General Condition of Award:
Applicants shall conduct themselves at all times in a manner
compatible with their responsibilities as MTCP scholarship holders
and abide by the rules and regulation of the training institution.
The award may be terminated at any time due to unsatisfactory
progress and conduct of the applicants.
Application should be made using the prescribed MTCP forms
available at
https://mtcpcoms.kln.gov.my/mtcpcoms/online/list_course
The form must be endorsed by the participating countries’
Ministry of Foreign Affairs or Focal Point. The completed forms
must be submitted to the relevant Malaysian Embassy or High
Commission. Please ensure all required information is provided
and legible.
The application form must be submitted together with:
• Copy of the passport;
• Passport size colour photo (3.5cm x 5cm); and
• Medical Report.
Note: Only successful applicants will be notified. No written
notification will be sent to unsuccessful applicants.

**Participants are NOT allowed to bring along their spouse for the
duration of the course.

For more info, visit: http://mtcp.kln.gov.my