fbpx

Training with Iverson classes

Training is not a commodity – all training centres are not the same. Iverson Associates Sdn Bhd is the most established, the most reputable, and the top professional IT training provider in Malaysia. With a large pool of experienced and certified trainers, state-of-the-art facilities, and well-designed courseware, Iverson offers superior training, a more impactful learning experience and highly effective results.

At Iverson, our focus is on providing high-quality IT training to corporate customers, meeting their learning needs and helping them to achieve their training objectives. Iverson has the flexibility to provide training solutions whether for a single individual or the largest corporation in a well-paced or accelerated training programme.

Our courses continue to evolve along with the fast-changing technological advances. Our instructor-led training services are available on a public and a private (in-company) basis. Some of our courses are also available as online, on demand, and hybrid training.

With no experience required, it opens opportunities in the field to a much broader range of candidates, including recent graduates, career changers and IT professionals. CC starts newcomers on their path to advanced cybersecurity certifications like the CISSP and future leadership roles.

Official (ISC)² Certified in Cybersecurity (CC) Entry-Level Certification Training will review the content covered in the exam. It prepares candidates by building a solid foundation of knowledge they need to pass the exam and ultimately land an entry- or junior-level cybersecurity role. 

Additional Info

  • Certification Course & Certificate
  • Course Code CC
  • Price 5500
  • Exam Price Include
  • Exam Code CC
  • Duration 2 Days
  • CertificationInfo Certified in Cybersecurity Entry-Level Certification Training
  • Principals EC-Council
  • Schedule

    25-26 Mar 2024

    24-25 Jun 2024

    19-20 Aug 2024

    14-15 Oct 2024

  • Audience

    CC training is for IT professionals, career changers, college students, recent college graduates, advanced high school students and recent high school graduates looking to start their path toward cybersecurity leadership by taking the Certified in Cybersecurity entry-level exam. There are no prerequisites.

     

  • Prerequisities
  • At Course Completion

    After completing this course, learners will be able to:   

    • Discuss the foundational concepts of cybersecurity principles.  

    • Recognize foundational security concepts of information assurance.  

    • Define risk management terminology and summarize the process.  

    • Relate risk management to personal or professional practices.  

    • Classify types of security controls.  

    • Distinguish between policies, procedures, standards, regulations and laws.  

    • Demonstrate the relationship among governance elements.  

    • Analyze appropriate outcomes according to the canons of the (ISC)² Code of Ethics when given examples.  

    • Practice the terminology of and review security policies.  

    • Explain how organizations respond to, recover from and continue to operate during unplanned disruptions.  

    • Recall the terms and components of incident response.  

    • Summarize the components of a business continuity plan.  

    • Identify the components of disaster recovery.  

    • Practice the terminology and review concepts of business continuity, disaster recovery and incident response.  

    • Select access controls that are appropriate in a given scenario.  

    • Relate access control concepts and processes to given scenarios.  

    • Compare various physical access controls.  

    • Describe logical access controls.  

    • Practice the terminology and review concepts of access controls.  

    • Explain the concepts of network security.  

    • Recognize common networking terms and models.  

    • Identify common protocols and port and their secure counterparts.  

    • Identify types of network (cyber) threats and attacks.  

    • Discuss common tools used to identify and prevent threats.  

    • Identify common data center terminology.  

    • Recognize common cloud service terminology.  

    • Identify secure network design terminology.  

    • Practice the terminology and review concepts of network security.  

    • Explain concepts of security operations.  

    • Discuss data handling best practices.  

    • Identify key concepts of logging and monitoring.  

    • Summarize the different types of encryption and their common uses.  

    • Describe the concepts of configuration management.  

    • Explain the application of common security policies.  

    • Discuss the importance of security awareness training.  

    • Practice the terminology and review concepts of network operations.  

  • Module 1 Title Security Principles
  • Module 1 Content

    • Module 1: Understand the Security Concepts of Information Assurance 

    • Module 2: Understand the Risk Management Processes 

    • Module 3: Understand Security Controls 

    • Module 4: Understand Governance Element

    • Module 5: Understand (ISC)2 Code of Ethic

  • Module 2 Title Incident Response, Business Continuity and Disaster Recovery
  • Module 2 Content

    • Module 1: Understand Incident Response 

    • Module 2: Understand Business Continuity  

    • Module 3: Understand Disaster Recovery

  • Module 3 Title Access Controls Concepts
  • Module 3 Content

    • Module 1: Understand Access Control Concept

    • Module 2: Understand Physical Access Control

    • Module 3: Understand Logical Access controls 

  • Module 4 Title Network Security
  • Module 4 Content

    • Module 1: Understand Computer Networking 

    • Module 2: Understand Network (Cyber) Threats and Attacks 

    • Module 3: Understand Network Security Infrastructure 

  • Module 5 Title Security Operations
  • Module 5 Content

    • Module 1: Understand Data Security 

    • Module 2: Understand System Hardening 

    • Module 3: Understand Best Practice Security Policies 

    • Module 4: Understand Security Awareness Training 

  • Module 6 Title Course Summary and Test Preparation
  • Module 6 Content

    • Module 1: Certification Requirements   

    • Module 2: Scheduling the Exam 

    • Module 3: Before the Exam 

    • Module 4: Day of Exam  

    • Module 5: Tips for Reading the Questions  

    • Module 6:  After the Exam

  • Module 7 Content
  • Module 8 Content
  • Module 9 Content
  • Module 10 Content
  • Module 11 Content
  • Module 12 Content
  • Module 13 Content
  • Module 14 Content
  • Module 15 Content
  • Module 16 Content
  • Module 17 Content
  • Module 18 Content
  • Module 19 Content
  • Module 20 Content
  • Module 21 Content
  • Module 22 Content
  • Module 23 Content
  • Module 24 Content
  • Module 25 Content
  • Module 26 Content
  • Module 27 Content
  • Module 28 Content
  • Module 29 Content
  • Module 30 Content
  • Module 31 Content
  • Module 32 Content
  • Module 33 Content
  • Module 34 Content
  • Module 35 Content
  • Module 36 Content
  • Module 37 Content
  • Module 38 Content
  • Module 39 Content
  • Module 40 Content
  • Module 41 Content
  • Module 42 Content
  • Module 43 Content
  • Module 44 Content
  • Module 45 Content
  • Module 46 Content
  • Module 47 Content
  • Module 48 Content
  • Module 49 Content
  • Module 50 Content
RM5,500.00(+RM440.00 Tax)
* Training Dates:

The Systems Security Certified Practitioner (SSCP®) provides a comprehensive review of the knowledge required to implement, monitor and administer IT infrastructure in accordance with information security policies and procedures that ensure data confidentiality, integrity and availability. 

This training course will help students review and refresh their knowledge and identify areas they need to study for the SSCP exam. Content aligns with and comprehensively covers the seven domains of the (ISC)² SSCP Common Body of Knowledge (CBK®).

Additional Info

  • Certification Course & Certificate
  • Course Code SSCP
  • Price 9000
  • Exam Price Include
  • Exam Code SSCP
  • Duration 5 Days
  • CertificationInfo Systems Security Certified Practitioner
  • Principals EC-Council
  • Schedule

    26 Feb 2024 - 1 Mar 2024

    27-31 May 2024

    29 Jul 2024 - 2 Aug 2024

    21-25 Oct 2024

  • Audience

    The training seminar is ideal for those with technical skills and practical, hand-on security knowledge working in operational IT positions such as, but not limited to:

    • • Network Security Engineer
    • • Systems/Network Administrator
    • • Security Analyst
    • • Systems Engineer
    • • Security Consultant/Specialist
    • • Security Administrator
    • • Systems/Network Analyst
    • • Database Administrator
  • Prerequisities

    This training course is intended for practitioners who have at least one year of cumulative, paid work experience in one or more of the seven domains of the (ISC)2 SSCP CBK and are pursuing SSCP training and certification to acquire the credibility and mobility to advance within their current information security careers. 

  • At Course Completion

    After completing this course, the student will be able to:

    • Describe security and the alignment of asset management to risk management.

    • Appraise risk management options and the use of access controls to protect assets.

    • Examine the field of cryptography to secure information and communication.

    • Build a security posture by securing software, data, and endpoints.

    • Apply network and communications security to establish a secure networked environment.

    • Evaluate cloud and wireless security.

    • Prepare for incident detection and response.

    • Implement appropriate measures that contribute to the maturation of risk management.

  • Module 1 Title Introducing Security and Aligning Asset Management to Risk Management
  • Module 1 Content

    • Classify information security and security concepts.

    • Summarize components of the asset management lifecycle .

    • Identify common risks and vulnerabilities.

    • Provide examples of appropriate risk treatment.

  • Module 2 Title Understanding Risk Management Options and the Use of Access Controls to Protect Assets
  • Module 2 Content

    • Provide examples of functional security controls and policies for identified scenarios.

    • Classify various access control models.

    • Identify components of the identity management lifecycle.

    • Recognize access control and authentication methods.

  • Module 3 Title Cryptography
  • Module 3 Content

    • Identify the fundamental concepts of cryptography driving requirements and benefits.

    • Recognize symmetric encryption methods.

    • Use asymmetric encryption methods.

    • Examine Public-Key Infrastructure (PKI) systems and certificates.

    • Summarize fundamental key management terms and concepts.

    • Recognize how to implement secure protocols.

    • Review methods of cryptanalytic attack.

  • Module 4 Title Securing Software, Data, and Endpoints
  • Module 4 Content

    • Discuss software systems and application security.

    • Recognize data security concepts and skills.

    • Identify malicious code and countermeasures.

    • Evaluate Mobile Device Management (MDM) and security issues with mobile and autonomous endpoints.

    • Review attacks and countermeasures for virtual machines.

  • Module 5 Title Network and Communications Security
  • Module 5 Content

    • Recognize layers of the OSI Model, their functions, and attacks present at each layer.

    • Identify commonly used ports and protocols.

    • Select appropriate countermeasures for various network attacks.

    • Summarize best practices for establishing a secure networked environment.

  • Module 6 Title Cloud and Wireless Security
  • Module 6 Content

    • Recall cloud security concepts and configurations.

    • Recognize types of virtualization and cloud security considerations.

    • Summarize the types of telecommunications and network access controls.

  • Module 7 Title Incident Detection and Response
  • Module 7 Content

    • Review the steps for monitoring, incident detection, and data loss prevention using all source intelligence.

    • Identify the elements of an incident response policy and members of the incident response team (IRT).

    • Classify the SSCP's role in supporting forensic investigations.

  • Module 8 Title Maturing Risk Management
  • Module 8 Content

    • Identify operational aspects of change management.

    • Summarize physical security considerations.

    • Design a security education and awareness strategy.

    • Recognize common security assessment activities.

    • Classify the components of a business continuity plan and disaster recovery plan.

  • Module 9 Content
  • Module 10 Content
  • Module 11 Content
  • Module 12 Content
  • Module 13 Content
  • Module 14 Content
  • Module 15 Content
  • Module 16 Content
  • Module 17 Content
  • Module 18 Content
  • Module 19 Content
  • Module 20 Content
  • Module 21 Content
  • Module 22 Content
  • Module 23 Content
  • Module 24 Content
  • Module 25 Content
  • Module 26 Content
  • Module 27 Content
  • Module 28 Content
  • Module 29 Content
  • Module 30 Content
  • Module 31 Content
  • Module 32 Content
  • Module 33 Content
  • Module 34 Content
  • Module 35 Content
  • Module 36 Content
  • Module 37 Content
  • Module 38 Content
  • Module 39 Content
  • Module 40 Content
  • Module 41 Content
  • Module 42 Content
  • Module 43 Content
  • Module 44 Content
  • Module 45 Content
  • Module 46 Content
  • Module 47 Content
  • Module 48 Content
  • Module 49 Content
  • Module 50 Content
RM9,000.00(+RM720.00 Tax)
* Training Dates:

EC-Council Certified DevSecOps Engineer (E|CDE) is a hands-on, instructor-led comprehensive DevSecOps certification program that helps professionals build the essential skills to design, develop, and maintain secure applications and infrastructure.


• The E|CDE covers both on-premises and cloud-native environments (including AWS Cloud and Microsoft Azure) with 80+ labs from the creators of the world’s number one ethical hacking program, the Certified Ethical Hacker (C|EH).
• Designed and developed by SMEs with contributions by experienced DevSecOps professionals from around the world.

 

Why E|CDE?


• Adding security to a DevOps skill set enhances career prospects.
• The information provided in the E|CDE course is complemented with labs to help learners hone their practical skills and become industry ready.
• This course teaches students how to use various DevSecOps tools and create secure code throughout the software development life cycle.
• Participants gain familiarity with DevSecOps tools that enable the secure development of software and web applications, both on premises and in the cloud.
• The E|CDE course focuses on application DevSecOps and also provides insights into infrastructure DevSecOps.
• The integration of today’s most popular and important tools is illustrated at each stage of the DevOps life cycle.
• The E|CDE program helps DevSecOps engineers develop and enhance their knowledge and skills in securing applications at all stages of the DevOps pipeline.

Additional Info

  • Certification Course & Certificate
  • Course Code E|CDE
  • Price 4700
  • Exam Price Include
  • Exam Code E|CDE 312-97
  • Duration 3 Days
  • Principals EC-Council
  • Schedule

    1 - 3 Mar 2023

    7 - 9 Jun 2023

    20 - 22 Sep 2023

    6 - 8 Dec 2023

  • Audience
    • C|ASE-certified professionals
    • Application security professionals
    • DevOps engineers
    • IT security professionals
    • Cybersecurity engineers and analysts
    • Software engineers and testers
    • Anyone with prior knowledge of application security who wants to build a career in DevSecOps
  • Prerequisities

    Students should have an understanding of application security concepts.

  • At Course Completion

    • Understand DevOps security bottlenecks and discover how the culture, philosophy, practices, and tools of DevSecOps can enhance collaboration and communication across development and operations teams.

    • Understand the DevSecOps toolchain and how to include security controls in automated DevOps pipelines.

    • Integrate Eclipse and GitHub with Jenkins to build applications.

    • Align security practices like security requirement gathering, threat modeling, and secure code reviews with development workflows.

    • Integrate threat modeling tools like Threat Dragon, ThreatModeler, and Threatspec; manage security requirements with Jira and Confluence; and use Jenkins to create a secure CI/CD pipeline.

    • Understand and implement continuous security testing with static, dynamic, and interactive application security testing and SCA tools (e.g., Snyk, SonarQube, StackHawk, Checkmarx SAST, Debricked, WhiteSource Bolt).

    • Integrate runtime application selfprotection tools like Hdiv, Sqreen, and Dynatrace that protect applications during runtime with fewer false positives and remediate known vulnerabilities.

    • Integrate SonarLint with the Eclipse and Visual Studio Code IDEs.

    • Implement tools like the JFrog IDE plugin and the Codacy platform.

    • Integrate automated security testing into a CI/CD pipeline using Amazon CloudWatch; Amazon Elastic Container Registry; and AWS CodeCommit, CodeBuild, CodePipeline, Lambda, and Security Hub.

    • Implement various automation tools and practices, including Jenkins, Bamboo, TeamCity, and Gradle.

    • Perform continuous vulnerability scans on data and product builds using automated tools like Nessus, SonarCloud, Amazon Macie, and Probely.

    • Implement penetration testing tools like gitGraber and GitMiner to secure CI/CD pipelines.

    • Use AWS and Azure tools to secure applications.

    • Integrate automated tools to identify security misconfigurations that could expose sensitive information and result in attacks.

    • Understand the concept of infrastructure as code and provision and configure infrastructure using tools like Ansible, Puppet, and Chef.

    • Audit code pushes, pipelines, and compliance using logging and monitoring tools like Sumo Logic, Datadog, Splunk, the ELK stack, and Nagios.

    • Use automated monitoring and alerting tools (e.g., Splunk, Azure Monitor, Nagios) and create a real-time alert and control system.

    • Integrate compliance-as-code tools like Cloud Custodian and the DevSec framework to ensure that organizational regulatory or compliance requirements are met without hindering production.

    • Scan and secure infrastructure using container and image scanners (Trivy and Qualys) and infrastructure security scanners (Bridgecrew and Checkov).

    • Integrate tools and practices to build continuous feedback into the DevSecOps pipeline using Jenkins and Microsoft Teams email notifications.

    • Integrate alerting tools like Opsgenie with log management and monitoring tools to enhance operations performance and security

  • Module 1 Title Understanding DevOps Culture
  • Module 2 Title Introduction to DevSecOps
  • Module 3 Title DevSecOps Pipeline—Plan Stage
  • Module 4 Title DevSecOps Pipeline—Code Stage
  • Module 5 Title DevSecOps Pipeline—Build and Test Stage
  • Module 6 Title DevSecOps Pipeline—Release and Deploy Stage
  • Module 7 Title DevSecOps Pipeline—Operate and Monitor Stage
RM4,700.00(+RM376.00 Tax)
* Training Dates:

A Certified Ethical Hacker is a specialist typically working in a red team environment, focused on attacking computer systems and gaining access to networks, applications, databases, and other critical data on secured systems. A C|EH® understands attack strategies, the use of creative attack vectors, and mimics the skills and creativity of malicious hackers. Unlike malicious hackers and actors, Certified Ethical Hackers operate with permission from the system owners and take all precautions to ensure the outcomes remain confidential. Bug bounty researchers are expert ethical hackers who use their attack skills to uncover vulnerabilities in the systems.

 

The Certified Ethical Hacker has been battle-hardened over the last 20 years, creating hundreds of thousands of Certified Ethical Hackers employed by top companies, militaries, and governments worldwide.

 

In its 12th version, the Certified Ethical Hacker provides comprehensive training, hands on learning labs, practice cyber ranges for engagement, certification assessments, cyber competitions, and opportunities for continuous learning into one comprehensive program curated through our new learning framework: 1. Learn 2. Certify 3. Engage 4. Compete.

 

The C|EH v12 also equips aspiring cybersecurity professionals with the tactics, techniques, and procedures (TTPs) to build ethical hackers who can uncover weaknesses in nearly any type of target system before cybercriminals do.

 

The C|EH® v12 is a specialized and one-of-a-kind training program to teach you everything you need to know about ethical hacking with hands-on training, labs, assessment, a mock engagement (practice), and global hacking competition. Stay on top of the game with the most in-demand skills required to succeed in the field of cybersecurity.

 

  1. LEARN
  • 5 days of training
  • 20 modules
  • 3000+ pages of student manual
  • 1900+ pages of lab manual
  • Over 200 hands-on labs with competition flags
  • Over 3,500 hacking tools - Learn how to hack multiple operating systems (Windows 11, Windows servers, Linux, Ubuntu, Android)
  • MITRE Attack Framework
  • Diamond model of intrusion analysis
  • Techniques for establishing persistence
  • Evading NAC and endpoint security
  • Understand Fog, Edge, and Grid Computing Model

 

  1. CERTIFY

C|EH® ANSI

  • 125 Multiple-Choice Questions
  • 4 hours

C|EH® Practical

  • 6-hour Practical Exam
  • 20 Scenario-Based Questions

 

  1. ENGAGE
  • Conduct a real-world ethical hacking assignment
  • Apply the 5 phases
    • Reconnaissance
    • Scanning
    • Gaining Access
    • Maintaining Access
    • Covering Your Tracks

 

  1. COMPETE
  • New challenges every month
  • 4-hour competition
  • Compete with your peers all over the world
  • Hack your way to the top of the leaderboard
  • Gain recognition
  • Challenges include:
    • OWASP Top 10 Web Application Threat Vectors
    • Ransomware/ Malware Analysis
    • Outdated/Unpatched Software
    • System Hacking and Privilege Escalation
    • Web Application Hacking and Pen Testing
    • Cloud Attack/Hacking
    • and many more...

 

Content Included

  • eCourseware
  • Exam Voucher*
  • Next version of eCourseware
  • 6 months of official labs
  • C|EH Engage
  • Global C|EH Challenges
  • Exam Preparation
  • C|EH Practical Exam
  • 10 Ethical Hacking Video Library
  • 4 Exam Retakes**

*Exam retakes are included with every courseware package. Candidates may activate this benefit through the EC-Council student portal (ASPEN)

** Proctor administration fees will be applicable for each attempt of the retake examination

 

Additional Info

  • Certification Course & Certificate
  • Course Code CEH-M
  • Price 7800
  • Exam Price Include
  • Exam Code 312-50 & 312
  • Duration 5.5
  • Principals EC-Council
  • Schedule

    Available upon request

  • Audience
    • Mid-Level Information Security Auditor
    • Cybersecurity Auditor
    • Security Administrator
    • IT Security Administrator
    • Cyber Defense Analyst
    • Vulnerability Assessment Analyst
    • Warning Analyst
    • Information Security Analyst 1
    • Security Analyst L1
    • Infosec Security Administrator
    • Cybersecurity Analyst level 1, level 2, & level 3
    • Network Security Engineer
    • SOC Security Analyst
    • Security Analyst
    • Network Engineer
    • Senior Security Consultant
    • Information Security Manager
    • Senior SOC Analyst
    • Solution Architect
    • Cybersecurity Consultant
  • Prerequisities

    There are no specific prerequisites for the C|EH program, however we strongly recommend candidates possess a minimum of 2 years’ experience in IT security before joining a C|EH training program. C|EH training is about testing systems and using them for purposes not originally intended, candidates should understand the basic functions of those IT systems before attempting to hack them. (Example: C|EH will teach the process of host evaluation leading to enumeration, in this process trainees will scan downrange targets using common scanning techniques such as Nmap which will respond with a list of ports, enumerating those ports and the services running on them can be used to expose common vulnerabilities and weaknesses in systems. The C|EH program will not teach you what a port is, that is essential knowledge you must have to be successful in the class.) If you do not possess the foundational skills in IT and Networking, we recommend starting with our free cybersecurity Essentials Series found here: https://www.eccouncil.org/academia/essentials

  • At Course Completion

    C|EH is divided into 20 modules and delivered through a carefully curated training plan that typically spans across 5 days. As you progress through your training, each module offers extensive hands-on lab components that allow you to practice the techniques and procedures taught in the program in real-time on live machines.

     

    Ethical Hacking Labs

    With over 220 hands-on labs, conducted in our cyber range environment, you will have the opportunity to practice every learning objective in the course on live machines and vulnerable targets. Pre-loaded with over 3,500 hacking tools and a variety of operating systems, you will gain unprecedented exposure to and hands-on experience with the most common security tools, latest vulnerabilities, and widely used operating systems on the market. Our range is web accessible, allowing you to study and practice from anywhere with a connection.

  • Module 1 Title Introduction to Ethical Hacking
  • Module 2 Title Foot Printing and Reconnaissance
  • Module 3 Title Scanning Networks
  • Module 4 Title Enumeration
  • Module 5 Title Vulnerability Analysis
  • Module 6 Title System Hacking
  • Module 7 Title Malware Threats
  • Module 8 Title Sniffing
  • Module 9 Title Social Engineering
  • Module 10 Title Denial-of-Service
  • Module 11 Title Session Hijacking
  • Module 12 Title Evading IDS, Firewalls, and Honeypots
  • Module 13 Title Hacking Web Servers
  • Module 14 Title Hacking Web Applications
  • Module 15 Title SQL Injection
  • Module 16 Title Hacking Wireless Networks
  • Module 17 Title Hacking Mobile Platforms
  • Module 18 Title IoT and OT Hacking
  • Module 19 Title Cloud Computing
  • Module 20 Title Cryptography
RM7,800.00(+RM624.00 Tax)
* Training Dates:

Certified Ethical Hacker is a specialist typically working in a red team environment, focused on attacking computer systems and gaining access to networks, applications, databases, and other critical data on secured systems. A C|EH® understands attack strategies, the use of creative attack vectors, and mimics the skills and creativity of malicious hackers. Unlike malicious hackers and actors, Certified Ethical Hackers operate with permission from the system owners and take all precautions to ensure the outcomes remain confidential. Bug bounty researchers are expert ethical hackers who use their attack skills to uncover vulnerabilities in the systems.

 

The Certified Ethical Hacker has been battle-hardened over the last 20 years, creating hundreds of thousands of Certified Ethical Hackers employed by top companies, militaries, and governments worldwide. It is the most trusted ethical hacking certification that employers worldwide value, and for good reasons. The comprehensive curriculum covers the fundamentals of ethical hacking, foot printing and reconnaissance, scanning, enumeration, vulnerability threats, social engineering, SQL injection, and much more.

 

When you successfully achieve the C|EH certification, you will be equipped with every skill you need to uncover vulnerabilities and secure the systems, networks, applications, databases, and critical data from malicious hackers.

 

LEARN

  • 5 days of training
  • 20 modules
  • 3000+ pages of student manual
  • 1900+ pages of lab manual
  • Over 200 hands-on labs with competition flags
  • Over 3,500 hacking tools - Learn how to hack multiple operating systems (Windows 11, Windows servers, Linux, Ubuntu, Android)
  • MITRE Attack Framework
  • Diamond model of intrusion analysis
  • Techniques for establishing persistence
  • Evading NAC and endpoint security
  • Understand Fog, Edge, and Grid Computing Model

Additional Info

  • Certification Course & Certificate
  • Course Code CEH
  • Price RM6200
  • Exam Price Include
  • Exam Code 312-50
  • Duration 5 Days
  • Principals EC-Council
  • Schedule 15-19 Jan 2024 (Penang Date)
    29 Jan - 2 Feb 2024
    19-23 Feb 2024
    18-22 Mar 2024
    22-26 Apr (KL & Penang Dates)
    27-31 May 2024
    24-28 Jun 2024
    22-26 Jul 2024
    12-16 Aug 2024 (KL & Penang Dates)
    2-6 Sep 2024
    30 Sep - 4 Oct 2024
    4-8 Nov 2024
    11-15 Nov 2024 (Penang Date)
    2-6 Dec 2024
  • Audience
    • Mid-Level Information Security Auditor
    • Cybersecurity Auditor
    • Security Administrator
    • IT Security Administrator
    • Cyber Defense Analyst
    • Vulnerability Assessment Analyst
    • Warning Analyst
    • Information Security Analyst 1
    • Security Analyst L1
    • Infosec Security Administrator
    • Cybersecurity Analyst level 1, level 2, & level 3
    • Network Security Engineer
    • SOC Security Analyst
    • Security Analyst
    • Network Engineer
    • Senior Security Consultant
    • Information Security Manager
    • Senior SOC Analyst
    • Solution Architect
    • Cybersecurity Consultant
  • Prerequisities

    There are no specific prerequisites for the C|EH program, however we strongly recommend candidates possess a minimum of 2 years’ experience in IT security before joining a C|EH training program. C|EH training is about testing systems and using them for purposes not originally intended, candidates should understand the basic functions of those IT systems before attempting to hack them. (Example: C|EH will teach the process of host evaluation leading to enumeration, in this process trainees will scan downrange targets using common scanning techniques such as Nmap which will respond with a list of ports, enumerating those ports and the services running on them can be used to expose common vulnerabilities and weaknesses in systems. The C|EH program will not teach you what a port is, that is essential knowledge you must have to be successful in the class.) If you do not possess the foundational skills in IT and Networking, we recommend starting with our free cybersecurity Essentials Series found here: https://www.eccouncil.org/academia/essentials

  • At Course Completion

    C|EH is divided into 20 modules and delivered through a carefully curated training plan that typically spans across 5 days. As you progress through your training, each module offers extensive hands-on lab components that allow you to practice the techniques and procedures taught in the program in real-time on live machines.

     

    Ethical Hacking Labs

    With over 220 hands-on labs, conducted in our cyber range environment, you will have the opportunity to practice every learning objective in the course on live machines and vulnerable targets. Pre-loaded with over 3,500 hacking tools and a variety of operating systems, you will gain unprecedented exposure to and hands-on experience with the most common security tools, latest vulnerabilities, and widely used operating systems on the market. Our range is web accessible, allowing you to study and practice from anywhere with a connection.

  • Module 1 Title Introduction to Ethical Hacking
  • Module 1 Content
  • Module 2 Title Foot Printing and Reconnaissance
  • Module 2 Content
  • Module 3 Title Scanning Networks
  • Module 3 Content
  • Module 4 Title Enumeration
  • Module 4 Content
  • Module 5 Title Vulnerability Analysis
  • Module 5 Content
  • Module 6 Title System Hacking
  • Module 6 Content
  • Module 7 Title Malware Threats
  • Module 7 Content
  • Module 8 Title Sniffing
  • Module 8 Content
  • Module 9 Title Social Engineering
  • Module 9 Content
  • Module 10 Title Denial-of-Service
  • Module 10 Content
  • Module 11 Title Session Hijacking
  • Module 11 Content
  • Module 12 Title Evading IDS, Firewalls, and Honeypots
  • Module 12 Content
  • Module 13 Title Hacking Web Servers
  • Module 13 Content
  • Module 14 Title Hacking Web Applications
  • Module 14 Content
  • Module 15 Title SQL Injection
  • Module 15 Content
  • Module 16 Title Hacking Wireless Networks
  • Module 16 Content
  • Module 17 Title Hacking Mobile Platforms
  • Module 17 Content
  • Module 18 Title IoT and OT Hacking
  • Module 18 Content
  • Module 19 Title Cloud Computing
  • Module 19 Content
  • Module 20 Title Cryptography
  • Module 20 Content
  • Module 21 Content
  • Module 22 Content
  • Module 23 Content
  • Module 24 Content
  • Module 25 Content
  • Module 26 Content
  • Module 27 Content
  • Module 28 Content
  • Module 29 Content
  • Module 30 Content
  • Module 31 Content
  • Module 32 Content
  • Module 33 Content
  • Module 34 Content
  • Module 35 Content
  • Module 36 Content
  • Module 37 Content
  • Module 38 Content
  • Module 39 Content
  • Module 40 Content
  • Module 41 Content
  • Module 42 Content
  • Module 43 Content
  • Module 44 Content
  • Module 45 Content
  • Module 46 Content
  • Module 47 Content
  • Module 48 Content
  • Module 49 Content
  • Module 50 Content
RM6,200.00(+RM496.00 Tax)
* Training Dates:

Candidates who do not yet have 5 years of information security experience in at least 3 of the 5 CCISO Domains can still pursue a management certification to help propel their careers and put them on fast track toward obtaining the CCISO. EISM students must attend training – the same CCISO training that upper level executives attend – before attempting the EISM exam. There are no experience requirements for this exam. The courseware and training programs are exactly the same as those of the CCISO program. Imagine being able to push your new information security career forward using the same resources as seasoned professionals. That’s what the EISM program does. The EISM exam is a light version of the CCISO exam and tests the fundamentals of information security management.

 

Additional Info

  • Certification Course & Certificate
  • Course Code EISM
  • Price 12000
  • Exam Price Include
  • Exam Code 512-50
  • Duration 4 days
  • Principals EC-Council
  • Schedule

    Available upon request 

  • Audience

    The EISM program is right for you if you:

    • You do not meet the minimum experience requirements for the CCISO program
    • You are more interested in a management career path than in a technical one
    • You have strong management skills and have worked in the information security industry for at least three years.
    • You are interested in one day obtaining a position as a CISO
  • Prerequisities

    All EISM students must take EC-Council official training before sitting for the EISM exam.

  • Module 1 Title Domain 1 Governance (Policy, Legal & Compliance)
  • Module 1 Content

    Domain 1 covers Policy, Legal, and Compliance issues involved in the executive management of an Information Security Program.

  • Module 2 Title Domain 2 IS Management Controls and Auditing Management
  • Module 2 Content

    Domain 2 is concerned with Audit and Risk Management, including understanding your organization’s risk tolerance and managing accordingly.

  • Module 3 Title Domain 3 Management – Projects and Operations (Projects, Technology & Operations)
  • Module 3 Content

    Domain 3 covers many of the day-today aspects of the CISO job including project, technology, and operations management.

  • Module 4 Title Domain 4 Information Security Core Competencies
  • Module 4 Content

    Domain 4 delves into the technology of the CISO’s role, but from an executive perspective.

  • Module 5 Title Domain 5 Strategic Planning & Finance.
  • Module 5 Content

    Domain 5 covers Finance and Strategic management, some of the key skills that help CISOs rise to the level of their peer C-Level executives.

  • Module 6 Title The Exam
  • Module 6 Content

    The C|CISO Exam was developed by practicing CISOs and based on the real-world scenarios professionals from across industries have faced while securing some of the most prestigious organizations in the world. Applicant’s knowledge in all five of the C|CISO Domains will be tested on the exam that focuses on scenario-based questions and requires applicants to apply their real-world experience in order to answer successfully. To that end, in order to qualify to sit for the C|CISO Exam after taking the C|CISO class, applicants have at least 5 years of information security experience in 3 or more of the C|CISO Domains. Any student lacking this experience may take the ECCouncil Information Security Management exam and earn the EISM certification. In order to sit for the C|CISO exam and earn the certification, candidates must meet the basic C|CISO requirements. Candidates who do not yet meet the C|CISO requirements but are interested in information security management can pursue the EC-Council Information Security Management (EISM) certification.

    EXAM TITLE : EC-Council Certified CISO

    EXAM CODE : 712-50

    # OF QUESTIONS : 150

    DURATION :2.5 Hours

    AVAILABILITY : ECC Exam Portal

    TEST FORMAT : Scenario-based multiple choice

    PASSING SCORE : 72%

RM12,000.00(+RM960.00 Tax)

EC-Council has developed the Certified Cybersecurity Technician certification:

  • To validate hands-on technician level IT and cybersecurity skills.
  • It’s an entry-level cybersecurity program engineered by the creators of the Certified Ethical Hacker program to address the global demand for cybersecurity technicians.
  • To prepare individuals with core security skills to pursue and develop their cybersecurity careers as cybersecurity specialists, consultants, network engineers, or IT administrators

Additional Info

  • Certification Course & Certificate
  • Course Code CCT
  • Price RM5000
  • Exam Price Include
  • Exam Code 212-82
  • Duration 5 Days
  • CertificationInfo EC-Council Certified Cybersecurity Technician
  • Principals EC-Council
  • Schedule

    15-19 Jan 2024

    24-28 Jun 2024

    23-27 Sep 2024

    4-8 Nov 2024

  • Audience

    The C|CT course can be taken by students, IT professionals, IT managers, career changers, and any individual seeking a career in cybersecurity, or aspiring to advance their existing role. This course is ideal for those entering the cybersecurity workforce, providing foundational technician level, hands-on skills to solve the most common security issues organizations face today.

  • Prerequisities

    There are no specific prerequisites to take the C|CT course and attempt the C|CT certification exam. Although this is an entry-level course, a working knowledge of IT networking and basic cybersecurity concepts will be an advantage to anyone taking this course.

  • At Course Completion
    1. Key issues plaguing the cybersecurity industry (information security and network security)
    2. Information security threats, vulnerabilities, and attacks
    3. Different types of malware
    4. Network security fundamentals
    5. Identification, authentication, and authorization concepts
    6. Network security controls
    • Administrative controls (frameworks, laws, acts, governance and compliance program, and security policies)
    • Physical controls (physical security controls, workplace security, and environmental controls)
    • Technical controls (network security protocols, network segmentation, firewall, IDS/IPS, honeypot, proxy server, VPN, UBA, NAC, UTM, SIEM, SOAR, load balancer, and anti-malware tools)
    1. Network security assessment techniques and tools (threat hunting, threat intelligence, vulnerability assessment, ethical hacking, penetration testing, and configuration and asset management)
    2. Application security design and testing techniques
    3. Fundamentals of virtualization, cloud computing, and cloud security
    4. Wireless network fundamentals, wireless encryption, and security measures
    5. Fundamentals of mobile, IoT, and OT devices and their security measures
    6. Cryptography and public key infrastructure concepts
    7. Data security controls, data backup and retention methods, and data loss prevention techniques
    8. Network troubleshooting, traffic monitoring, log monitoring, and analysis for suspicious traffic
    9. Incident handling and response process
    10. Computer forensics fundaments, digital evidence, and forensic investigation phases
  • Module 1 Title Information Security Threats and Vulnerabilities
  • Module 1 Content
  • Module 2 Title Information Security Attacks
  • Module 2 Content
  • Module 3 Title Network Security Fundamentals
  • Module 3 Content

     

     

     

     

     


     

  • Module 4 Title Identification, Authentication, and Authorization
  • Module 4 Content
  • Module 5 Title Network Security Controls – Administrative Controls
  • Module 5 Content
  • Module 6 Title Network Security Controls – Physical Controls
  • Module 6 Content
  • Module 7 Title Network Security Controls – Technical Controls
  • Module 7 Content
  • Module 8 Title Network Security Assessment Techniques and Tools
  • Module 8 Content

     

     

  • Module 9 Title Application Security
  • Module 9 Content
  • Module 10 Title Virtualization and Cloud Computing
  • Module 10 Content
  • Module 11 Title Wireless Network Security
  • Module 11 Content
  • Module 12 Title Mobile Device Security
  • Module 12 Content
  • Module 13 Title IoT and OT Security
  • Module 13 Content
  • Module 14 Title Cryptography
  • Module 14 Content
  • Module 15 Title Data Security
  • Module 15 Content
  • Module 16 Title Network Troubleshooting
  • Module 16 Content
  • Module 17 Title Network Traffic Monitoring
  • Module 17 Content
  • Module 18 Title Network Logs Monitoring and Analysis
  • Module 18 Content
  • Module 19 Title Incident Response
  • Module 19 Content
  • Module 20 Title Computer Forensics
  • Module 20 Content
  • Module 21 Title Business Continuity and Disaster Recovery
  • Module 21 Content
  • Module 22 Title Risk Management
  • Module 22 Content
  • Module 23 Content
  • Module 24 Content
  • Module 25 Content
  • Module 26 Content
  • Module 27 Content
  • Module 28 Content
  • Module 29 Content
  • Module 30 Content
  • Module 31 Content
  • Module 32 Content
  • Module 33 Content
  • Module 34 Content
  • Module 35 Content
  • Module 36 Content
  • Module 37 Content
  • Module 38 Content
  • Module 39 Content
  • Module 40 Content
  • Module 41 Content
  • Module 42 Content
  • Module 43 Content
  • Module 44 Content
  • Module 45 Content
  • Module 46 Content
  • Module 47 Content
  • Module 48 Content
  • Module 49 Content
  • Module 50 Content
RM5,000.00(+RM400.00 Tax)
* Training Dates:

Official (ISC)²® Training Seminar for the Certified Cloud Security Professional (CCSP®) provides a comprehensive review of the knowledge required for understanding cloud computing and its information security risks and mitigation strategies. This training course will help students review and refresh their knowledge and identify areas they need to study for the CCSP exam. Content aligns with and comprehensively covers the six domains of the (ISC)² CCSP Common Body of Knowledge (CBK®), ensuring relevancy across all disciplines in the field of cloud security.
Official courseware is developed by (ISC)² – creator of the CCSP CBK  – to ensure your training is relevant and up-to-date. Our instructors are verified security experts who hold the CCSP and have completed intensive training to teach (ISC)² content. 

CCSP Domains

• Domain 1. Cloud Concepts, Architecture and Design

• Domain 2. Cloud Governance: Legal, Risk and Compliance 

• Domain 3. Cloud Data Security 

• Domain 4. Cloud Platform and Infrastructure Security 

• Domain 5. Cloud Application Security 

• Domain 6. Cloud Security Operations 

Additional Info

  • Certification Course & Certificate
  • Course Code CCSP
  • Price RM9500
  • Exam Price Include
  • Exam Code CCSP
  • Duration 4 Days
  • CertificationInfo Certified Cloud Security Professional
  • Principals EC-Council
  • Schedule

    19-23 Feb 2024

    18-22 Mar 2024

    22-26 Apr 2024

    27-31 May 2024

    1-5 Jul 2024

    5-9 Aug 2024

    2-6 Sep 2024

    7-11 Oct 2024

    4-8 Nov 2024

    2-6 Dec 2024

  • Audience

    This training is intended for professionals who have at least five years of full-time IT experience, including three years in information security and at least one year in cloud security, and are pursuing CCSP certification to enhance credibility and career mobility. The seminar is ideal for those working in positions such as, but not limited to:

    • Security Manager   
    • Systems Architect  
    • Systems Engineer   
    • Security Architect   
    • Security Consultant
    • Security Engineer
    • Enterprise Architect
    • Security Administrator
  • Prerequisities

    Experienced information security professionals with at least five years of IT experience, including three years of information security and at least one year of cloud security experience.

    · CISSP Certification Prep Course

  • At Course Completion

    After completing this course, you will be able to:

    1.  Understand legal frameworks and guidelines that affect cloud services.
    2.  Recognize the fundamentals of data privacy regulatory/legislative mandates.
    3.  Assess risks, vulnerability, threats, and attacks in the cloud environment.
    4.  Evaluate the design and plan for cloud infrastructure security controls.
    5.  Evaluate what is necessary to manage security operations.
    6.  Understand what operational controls and standards to implement.
    7.  Describe the types of cloud deployment models in the types of “as a service” cloud models currently available today.
    8.  Identify key terminology, and associated definitions related to cloud technology.
    9.  Establish a common terminology for use within your team or workgroup.
    10. Build a business case for cloud adoption and determine business units that benefit from cloud migration strategies.

  • Module 1 Title Cloud Concepts, Architecture and Design
  • Module 1 Content

    • State the essential characteristics of cloud computing 

    • Describe the fundamental cloud computing services 

    • Describe the cloud computing reference architectures 

    • Explain cloud computing activities 

    • Compare cloud service capabilities and models 

    • Describe cloud deployment models 

    • Summarize economic characteristics of cloud computing 

    • Evaluate cloud computing ROI and KPI metrics 

    • Summarize cloud computing security concepts 

    • Describe key security considerations for each service model 

    • Analyze key cloud service provider contractual relationship documents 

  • Module 2 Title Cloud Governance: Legal, Risk and Compliance
  • Module 2 Content

    • Explain the issues with international conflict of law 

    • Interpret guidelines for digital forensics 

    • Identify the fundamentals of data privacy regulatory/legislative mandates 

    • Summarize audit process, methodologies and cloud-ready adaptations 

    • Describe risk management related to cloud services 

    • Identify due care/diligence activities related to service contracts 

  • Module 3 Title Cloud Data Security
  • Module 3 Content

    • Discuss cloud data security concepts 

    • Describe cryptography 

    • Explain data discovery and classification technologies 

    • Interpret cloud data storage architectures 

    • Analyze information rights management 

    • Assess cloud data security strategies 

    • Compare solutions for cloud data retention, deletion and archival policies 

    • Explain basic security concepts in the cloud 

  • Module 4 Title Cloud Platform and Infrastructure Security
  • Module 4 Content

    • Compare cloud infrastructure components 

    • Select standard practices for implementing a secure data center design 

    • Assess risks, vulnerability, threats and attacks in the cloud environment 

    • Discover components for planning and implementing security controls 

    • Evaluate the design and plan for cloud infrastructure security controls 

    • Appraise appropriate identity and access management (IAM) solutions 

    • Recommend business continuity and disaster recovery (BCDR) standards 

  • Module 5 Title Cloud Application Security
  • Module 5 Content

    • Explain training and awareness solutions for application security 

    • Assess challenges in the secure software development life cycle (SDLC) process 

    • Select a threat model for securing software development 

    • Demonstrate cloud software assurance and validation 

    • Choose verified secure software 

    • Explain the specifics of a cloud application architecture 

  • Module 6 Title Cloud Security Operations
  • Module 6 Content

    • Analyze what is used to manage and operate physical and logical infrastructure of a cloud environment 

    • Discuss operational controls and standards 

    • Identify methodologies for supporting digital forensics 

    • Identify critical communication needs with relevant parties 

    • Define auditability, traceability and accountability of security-relevant data events 

    • Select requirements to implement secure operations

  • Module 7 Content
  • Module 8 Content
  • Module 9 Content
  • Module 10 Content
  • Module 11 Content
  • Module 12 Content
  • Module 13 Content
  • Module 14 Content
  • Module 15 Content
  • Module 16 Content
  • Module 17 Content
  • Module 18 Content
  • Module 19 Content
  • Module 20 Content
  • Module 21 Content
  • Module 22 Content
  • Module 23 Content
  • Module 24 Content
  • Module 25 Content
  • Module 26 Content
  • Module 27 Content
  • Module 28 Content
  • Module 29 Content
  • Module 30 Content
  • Module 31 Content
  • Module 32 Content
  • Module 33 Content
  • Module 34 Content
  • Module 35 Content
  • Module 36 Content
  • Module 37 Content
  • Module 38 Content
  • Module 39 Content
  • Module 40 Content
  • Module 41 Content
  • Module 42 Content
  • Module 43 Content
  • Module 44 Content
  • Module 45 Content
  • Module 46 Content
  • Module 47 Content
  • Module 48 Content
  • Module 49 Content
  • Module 50 Content
RM9,500.00(+RM760.00 Tax)
* Training Dates:

Certified Threat Intelligence Analyst (C|TIA) is designed and developed in collaboration with cybersecurity and threat intelligence experts across the globe to help organizations identify and mitigate business risks by converting unknown internal and external threats into known threats. It is a comprehensive, specialist-level program that teaches a structured approach for building effective threat intelligence.

 

In the ever-changing threat landscape, C|TIA is an essential program for those who deal with cyber threats on a daily basis. Organizations today demand a professional-level cybersecurity threat intelligence analyst who can extract the intelligence from data by implementing various advanced strategies. Such professional-level programs can only be achieved when the core of the curricula maps with and is compliant to government and industry published threat intelligence frameworks.

 

C|TIA is a method-driven program that uses a holistic approach, covering concepts from planning the threat intelligence project to building a report to disseminating threat intelligence. These concepts are highly essential while building effective threat intelligence and, when used properly, can secure organizations from future threats or attacks. This program addresses all the stages involved in the Threat Intelligence Life Cycle. This attention to a realistic and futuristic approach makes C|TIA one of the most comprehensive threat intelligence certifications on the market today. This program provides the solid, professional knowledge that is required for a career in threat intelligence, and enhances your skills as a Threat Intelligence Analyst, increasing your employability. It is desired by most cybersecurity engineers, analysts, and professions from around the world and is respected by hiring authorities.

The Purpose of C|TIA is: 

  • To enable individuals and organizations with the ability to prepare and run a threat intelligence program that allows ‘evidence-based knowledge’ and provides ‘actionable advice’ about ‘existing and unknown threats’.
  • To ensure that organizations have predictive capabilities rather than just proactive measures beyond active defense mechanism.
  • To empower information security professionals with the skills to develop a professional, systematic, and repeatable real-life threat intelligence program.
  • To differentiate threat intelligence professionals from other information security professionals

For individuals: To provide an invaluable ability of structured threat intelligence to enhance skills and boost their employability.

Additional Info

  • Certification Course & Certificate
  • Course Code CTIA
  • Price 4982
  • Exam Price Include
  • Exam Code 312-85
  • Duration 3 Days
  • Principals EC-Council
  • Schedule

    Available Upon Request

  • Audience
    • Ethical Hackers
    • Security Practitioners, Engineers, Analysts, Specialist, Architects, and Managers
    • Threat Intelligence Analysts, Associates, Researchers, Consultants
    • Threat Hunters
    • SOC Professionals
    • Digital Forensic and Malware Analysts
    • Incident Response Team Members
    • Any mid-level to high-level cybersecurity professionals with a minimum of 2 years of experience.
    • Individuals from the information security profession and who want to enrich their skills and knowledge in the field of cyber threat intelligence.
    • Individuals interested in preventing cyber threats.
  • Module 1 Title Introduction to Threat Intelligence
  • Module 1 Content
    • Understanding Intelligence
    • Understanding Cyber Threat Intelligence
    • Overview of Threat Intelligence Lifecycle and Frameworks
  • Module 2 Title Cyber Threats and Kill Chain Methodology
  • Module 2 Content
    • Understanding Cyber Threats
    • Understanding Advanced Persistent Threats (APTs)
    • Understanding Cyber Kill Chain
    • Understanding Indicators of Compromise (IoCs)
  • Module 3 Title Requirements, Planning, Direction, and Review
  • Module 3 Content
    • Understanding Organization’s Current Threat Landscape
    • Understanding Requirements Analysis
    • Planning Threat Intelligence Program
    • Establishing Management Support
    • Building a Threat Intelligence Team
    • Overview of Threat Intelligence Sharing
    • Reviewing Threat Intelligence Program
  • Module 4 Title Data Collection and Processing
  • Module 4 Content
    • Overview of Threat Intelligence Data Collection Overview of Threat Intelligence Collection Management
    • Overview of Threat Intelligence Feeds and Sources
    • Understanding Threat Intelligence Data Collection and Acquisition
    • Understanding Bulk Data Collection
    • Understanding Data Processing and Exploitation
  • Module 5 Title Data Analysis
  • Module 5 Content
    • Overview of Data Analysis
    • Understanding Data Analysis Techniques
    • Overview of Threat Analysis
    • Understanding Threat Analysis Process
    • Overview of Fine-Tuning Threat Analysis
    • Understanding Threat Intelligence Evaluation
    • Creating Runbooks and Knowledge Base
    • Overview of Threat Intelligence Tools
  • Module 6 Title Intelligence Reporting and Dissemination
  • Module 6 Content
    • Overview of Threat Intelligence Reports
    • Introduction to Dissemination
    • Participating in Sharing Relationships
    • Overview of Sharing Threat Intelligence
    • Overview of Delivery Mechanisms
    • Understanding Threat Intelligence Sharing Platforms
    • Overview of Intelligence Sharing Acts and Regulations
    • Overview of Threat Intelligence Integration
RM4,700.00(+RM376.00 Tax)

The EC-Council Certified Encryption Specialist (ECES) program introduces professionals and students to the field of cryptography. The participants will learn the foundations of modern symmetric and key cryptography including the details of algorithms such as Feistel Networks, DES, and AES. Other topics introduced:

  • Overview of other algorithms such as Blowfish, Twofish, and Skipjack
  • Hashing algorithms include MD5, MD6, SHA, Gost, RIPMD 256 and others.
  • Asymmetric cryptography includes thorough descriptions of RSA, Elgamal, Elliptic Curve, and DSA.
  • Significant concepts such as diffusion, confusion, and Kerkchoff’s principle.

Participants will also be provided a practical application of the following:

  • How to set up a VPN
  • Encrypt a drive
  • Hands-on experience with steganography
  • Hands on experience in cryptographic algorithms ranging from classic ciphers like Caesar cipher to modern day algorithms such as AES and RSA.

Additional Info

  • Certification Course & Certificate
  • Course Code ECES
  • Price 4700
  • Exam Price Include
  • Exam Code 212-81
  • Duration 3 days
  • Principals EC-Council
  • Schedule

    18-20 Mar 2024

    10-12 Jul 2024

    28-30 Oct 2024

  • Audience

    Anyone involved in the selection and implementation of VPN’s or digital certificates should attend this course. Without understanding the cryptography at some depth, people are limited to following marketing hype. Understanding the actual cryptography allows you to know which one to select. A person successfully completing this course will be able to select the encryption standard that is most beneficial to their organization and understand how to effectively deploy that technology.

     

    This course is excellent for ethical hackers and penetration testing professionals as most penetration testing courses skip cryptanalysis completely. Many penetration testing professionals testing usually don’t attempt to crack cryptography.

  • Prerequisities

    A basic knowledge of cryptanalysis is very beneficial to any penetration testing.

  • At Course Completion
    • Types of Encryption Standards and their differences
    • How to select the best standard for your organization
    • How to enhance your pen-testing knowledge in encryption
    • Correct and incorrect deployment of encryption technologies
    • Common mistakes made in implementing encryption technologies
    • Best practices when implementing encryption technologies
  • Module 1 Title Introduction and History of Cryptography
  • Module 1 Content
    • What is Cryptography?
    • History of Cryptography
    • Mono-Alphabet Substitution
      • Caesar Cipher
      • Atbash Cipher
      • Affine Cipher
      • ROT13 Cipher
      • Scytale
      • Single Substitution Weaknesses
    • Multi-Alphabet Substitution
      • Cipher Disk
      • Vigenère Cipher
        • Vigenère Cipher: Example
        • Breaking the Vigenère Cipher
      • Playfair Cipher
      • ADFGVX Cipher
    • Homophonic Substitution
    • Null Ciphers
    • Book Ciphers
    • Rail Fence Ciphers
    • The Enigma Machine
    • CrypTool
  • Module 2 Title Symmetric Cryptography & Hashes
  • Module 2 Content
    • Symmetric Cryptography
    • Information Theory
      • Information Theory Cryptography Concepts
    • Kerckhoffs’s Principle
    • Substitution
    • Transposition
    • Binary Math
      • Binary AND
      • Binary OR
      • Binary XOR
    • Block Cipher vs. Stream Cipher
    • Symmetric Block Cipher Algorithms
      • Basic Facts of the Feistel Function
        • The Feistel Function
        • Unbalanced Feistel Cipher
      • Data Encryption Standard (DES)
      • 3DES
        • DESx
        • Whitening
      • Advanced Encryption Standard (AES)
        • AES General Overview
        • AES Specifics
      • Blowfish
      • Serpent
      • Twofish
      • Skipjack
      • International Data Encryption Algorithm (IDEA)
      • CAST
      • Tiny Encryption Algorithm (TEA)
      • SHARK
      • Symmetric Algorithm Methods
        • Electronic Codebook (ECB)
        • Cipher-Block Chaining (CBC)
        • Propagating Cipher-Block Chaining (PCBC)
        • Cipher Feedback (CFB)
        • Output Feedback (OFB)
        • Counter (CTR)
        • Initialization Vector (IV)
      • Symmetric Stream Ciphers
        • Example of Symmetric Stream Ciphers: RC4
        • Example of Symmetric Stream Ciphers: FISH
        • Example of Symmetric Stream Ciphers: PIKE
      • Hash Function
        • Hash – Salt
        • MD5
          • The MD5 Algorithm
        • MD6
        • Secure Hash Algorithm (SHA)
        • FORK-256
        • RIPEMD-160
        • GOST
        • Tiger
        • MAC and HMAC
      • CryptoBench
  • Module 3 Title Number Theory and Asymmetric Cryptography
  • Module 3 Content
    • Asymmetric Encryption
    • Basic Number Facts
      • Prime Numbers
      • Co-Prime Numbers
      • Euler’s Totient
      • Modulus Operator
      • Fibonacci Numbers
    • Birthday Theorem
      • Birthday Paradox
        • Birthday Paradox: Probability
      • Birthday Attack
    • Random Number Generator
      • Classification of Random Number Generator
      • Traits of a Good PRNG
      • Naor-Reingold and Mersenne Twister Pseudorandom Function
      • Linear Congruential Generator
      • Lehmer Random Number Generator
      • Lagged Fibonacci Generator (LFG)
      • Blum Blum Shub
      • Yarrow
      • Fortuna
    • Diffie-Hellman
    • Rivest Shamir Adleman (RSA)
      • RSA – How it Works
      • RSA Example
    • Menezes–Qu–Vanstone
    • Digital Signature Algorithm
      • Signing with DSA
    • Elliptic Curve
      • Elliptic Curve Variations
    • Elgamal
    • CrypTool
  • Module 4 Title Applications of Cryptography
  • Module 4 Content
    • FIPS Standards
    • Digital Signatures
    • What is a Digital Certificate?
      • Digital Certificates
        • X.509
        • X.509 Certificates
        • X.509 Certificate Content
        • X.509 Certificate File Extensions
    • Certificate Authority (CA)
      • Certificate Authority – Verisign
      • Registration Authority (RA)
      • Public Key Infrastructure (PKI)
      • Digital Certificate Terminology
      • Server-based Certificate Validation Protocol
      • Digital Certificate Management
      • Trust Models
      • Certificates and Web Servers
      • Microsoft Certificate Services
      • Windows Certificates: certmgr.msc
      • Authentication
        • Password Authentication Protocol (PAP)
        • Shiva Password Authentication Protocol (S-PAP)
        • Challenge-Handshake Authentication Protocol (CHAP)
        • Kerberos
          • Components of Kerberos System
          • Kerberos Authentication Process
    • Pretty Good Privacy (PGP)
      • PGP Certificates
    • Wi-Fi Encryption
      • Wired Equivalent Privacy (WEP)
      • WPA – Wi-Fi Protected Access
      • WPA2
    • SSL
    • TLS
    • Virtual Private Network (VPN)
      • Point-to-Point Tunneling Protocol (PPTP)
        • PPTP VPN
      • Layer 2 Tunneling Protocol VPN
      • Internet Protocol Security VPN
      • SSL/TLS VPN
    • Encrypting Files
      • Backing up the EFS key
      • Restoring the EFS Key
    • BitLocker
      • BitLocker: Screenshot
    • Disk Encryption Software: VeraCrypt
    • Common Cryptography Mistakes
    • Steganography
      • Steganography Terms
      • Historical Steganography
      • Steganography Details
      • Other Forms of Steganography
      • How to Embed?
      • Steganographic File Systems
      • Steganography Implementations
      • Demonstration
    • Steganalysis
      • Steganalysis – Raw Quick Pair
      • Steganalysis – Chi-Square Analysis
      • Steganalysis – Audio Steganalysis
    • Steganography Detection Tools
    • National Security Agency and Cryptography
      • NSA Suite A Encryption Algorithms
      • NSA Suite B Encryption Algorithms
      • National Security Agency: Type 1 Algorithms
      • National Security Agency: Type 2 Algorithms
      • National Security Agency: Type 3 Algorithms
      • National Security Agency: Type 4 Algorithms
    • Unbreakable Encryption
  • Module 5 Title Cryptanalysis
  • Module 5 Content
    • Breaking Ciphers
    • Cryptanalysis
    • Frequency Analysis
    • Kasiski
    • Cracking Modern Cryptography
      • Cracking Modern Cryptography: Chosen Plaintext Attack
      • Cracking Modern Cryptography: Ciphertext-only and Related-key Attack
    • Linear Cryptanalysis
    • Differential Cryptanalysis
    • Integral Cryptanalysis
    • Cryptanalysis Resources
    • Cryptanalysis Success
    • Rainbow Tables
    • Password Cracking
    • Tools
  • Module 6 Content
  • Module 7 Content
  • Module 8 Content
  • Module 9 Content
  • Module 10 Content
  • Module 11 Content
  • Module 12 Content
  • Module 13 Content
  • Module 14 Content
  • Module 15 Content
  • Module 16 Content
  • Module 17 Content
  • Module 18 Content
  • Module 19 Content
  • Module 20 Content
  • Module 21 Content
  • Module 22 Content
  • Module 23 Content
  • Module 24 Content
  • Module 25 Content
  • Module 26 Content
  • Module 27 Content
  • Module 28 Content
  • Module 29 Content
  • Module 30 Content
  • Module 31 Content
  • Module 32 Content
  • Module 33 Content
  • Module 34 Content
  • Module 35 Content
  • Module 36 Content
  • Module 37 Content
  • Module 38 Content
  • Module 39 Content
  • Module 40 Content
  • Module 41 Content
  • Module 42 Content
  • Module 43 Content
  • Module 44 Content
  • Module 45 Content
  • Module 46 Content
  • Module 47 Content
  • Module 48 Content
  • Module 49 Content
  • Module 50 Content
RM4,700.00(+RM376.00 Tax)
* Training Dates:

PMP, Project Management Professional (PMP), CAPM, Certified Associate in Project Management (CAPM) are registered marks of the Project Management Institute, Inc.

We are using cookies to give you the best experience on our site. By continuing to use our website without changing the settings, you are agreeing to use of cookies.
Ok Decline