For more information about CSM-ACE 2018, please contact: 
  • secretariat@csm-ace.my |
  • +60 3 8992 6888

CSM-ACE Network Security and Incident Response

Date 24th, 26th & 27th Sept 2018
Time 8.30 am - 5.00 pm
Venue Royale Chulan, Kuala Lumpur, Malaysia
Fee RM 4,200.00 (Fees Include 0% GST)
Level Intermediate

This training is specially conducted for the participating agencies and Sector Leads to equip them with the intermediate knowledge in Incident handling and Network Security. Participants will be exposed to the security environment through practitioners’ experience sharing, case studies and hands on exercises by doing relevant analysis with the related tools. Participants will be exposed to the actual drill environment where the previous drill scenario will be simulated.

  • To recognize the importance of following well-defined processes, policies, and procedures;
  • To understand the technical, communication, and coordination issues involved;
  • To critically analyze and assess the impact of computer security incidents;
  • To effectively build and coordinate response strategies for various types of computer security incidents;
  • To gain a practical understanding of various methods for analyzing artefacts left on a compromised system;
  • To obtain practical experience in the analysis of vulnerabilities and the coordination of vulnerability handling tasks.
  • Computer network incident handling and incident responder professionals;
  • Computer security incident response team members and technical staff;
  • System and network administrators with incident handling experience;
  • X‐Maya participants;
  • NC4 players.

Day 1:
Module 1 - Introduction Security Incident, Incident Handling

  • Incident Handling: Objective, Definitions, Importance
    • Introduction to Incident Handling
    • Objective and Importance of Incident Handling
    • Differentiating an Event and an Incident
    • Incident Management
    • Incident Life Cycle
  • Incidents: Types, Categories, Priorities
    • Incident Categories
    • Service Level Agreement
    • Incident Priorities
    • Differences between Threat and Vulnerability
  • Six Steps of Incident Handling
    • Incident Handling Procedures
    • Incident Response Flow
    • Group Activity
    • Action Plan
  • Incident Handling: Sample Incidents
    • Identifying Category of Incident on Selected Sample Incidents
    • Applying Incident Handling Procedures on Selected Sample Incidents
  • Incident Handling Exercise
    • Group Activity

Day 2:
Module 2 - Malware Analysis

  • Introduction : Malware analysis
  • Malware Analysis
    • Behaviour based Analysis
    • Sandbox Analysis
  • Introduction: Web Security

Day 3:
Module 4 – Web Security

  • Introduction: Web Security
  • Web Security Analysis
    • SQL injection Attack - Analysis
    • RFI Attack – Analysis
    • LFI Attack - Analysis
  • 2 x tea break and 1 lunch for 3 day training