CTDS-YN: Cybersecurity Threats, Defences and Security Best Practices

Name: CTDS-YN: Cybersecurity Threats, Defences and Security Best Practices
Brand: Cybersecurity

RM1,850.00

In an era where attacks can unfold in minutes, your organization’s defence depends on more than just firewalls—it depends on people. The Cybersecurity Threats, Defences and Security Best Practices course is a 2-day, lab-intensive program designed for professionals who need a deeper understanding of real-world threats, vulnerabilities, and modern defensive tactics.

Why it matters now:
Cyber threats are evolving—and so should your team. With practical labs using tools like Burp Suite, Shodan, VirusTotal, and Volatility, this course builds both theoretical understanding and technical response capabilities.

Training Duration: 2 Days

Certificate Of Completion Available
Group Private Class
VILT Class Available
SBL-Khas Claimable

Download Course Outline

Participants will learn about common cyber threats, such as phishing, social engineering, and ransomware, through real-world examples and interactive activities. The course emphasizes the importance of employee vigilance and provides actionable strategies for protecting personal and organizational data. By the end of the day, participants will be equipped with the knowledge and skills to identify and respond to cyber threats effectively.
By the end of this course, participants will:

Define key cybersecurity principles, including the CIA Triad (Confidentiality, Integrity, Availability).

Recognize various types of cyber threats (malware, phishing, ransomware, DDoS, SQL Injection).

Analyse real-world cyber-attacks and their impact on organizations.

Enforce Multi-Factor Authentication (MFA) for securing accounts and systems.

Gain awareness of current cybersecurity trends and real-world attack examples.

Identify and mitigate social engineering attacks (phishing, business email compromise).

Understand the role of employees in maintaining a secure organizational environment.
Day 1
Cybersecurity Fundamentals & Common Threats

Module 1: Understanding Cybersecurity Basics

What is cybersecurity and why is it important?

CIA Triad (Confidentiality, Integrity, Availability).

Cybersecurity Frameworks (NIST, ISO 27001, CIS Controls).

Cybersecurity in IT Infrastructure (Endpoints, Networks, Applications, Cloud, IoT)

Activity 1: Hands-on Labs & Exercises

Lab 1: Security Misconfigurations

Goal: Demonstrate what happens when security configurations are weak.

Tools: Kali Linux, Metasploit.

Exercise: Use metasploit

Activity 2: Hands-on Labs & Exercises

Lab 2: OSINT (Open-Source Intelligence) Reconnaissance

Goal: Teach participants how attackers gather information.

Tools: Shodan, Maltego, Recon-ng

Exercise: Use Shodan

Module 2: Identifying Common Security Threats

Types of Cyber Threats (Malware, Phishing, Ransomware, DDoS, SQL Injection)

Social Engineering Attacks

Attack Lifecycle (Reconnaissance, Exploitation, Privilege Escalation, Exfiltration)

Activity 3: Hands-on Labs & Exercise

Lab 1: Phishing email simulation:

Goal: Simulate a phishing attack and analyse how employees respond.

Tools: Gophish, Social Engineering Toolkit (SET)

Exercise: Create a phishing email

Activity 4: Hands-on Labs & Exercise

Lab 2: Simulated Malware Attack

Goal: Demo how malware infects a system

Tools: Windows Defender, Any.Run, VirusTotal

Exercise: Analyze a malware file in VirusTotal

Module 3: Web Application Security (OWASP Top 10)

SQL Injection (SQLi)

Cross-Site Scripting (XSS)

Broken Authentication.

Security Misconfigurations.

Activity 5: Hands-on Labs & Exercise

Lab 1 : SQL Injection Attack

Goal: Exploit a vulnerable web application using SQLi.

Tools: DVWA (Damn Vulnerable Web App), Burp Suite

Exercise: Use Burp Suite

Activity 6: Hands-on Labs & Exercise

Lab 2: Cross-Site Scripting (XSS)

Goal: Inject malicious JavaScript into a web page.

Tools: DVWA, XSS Hunter

Exercise: Inject JavaScript

Module 4: Attack Simulations & Cyber Range Exercises
Activity 7: Hands-on Labs & Exercise

Lab 1: Demo how ransomware works

Goal: Exploit a vulnerable web application using SQLi.

Tools: WannaCry Sample (in a controlled lab), Any.Run

Exercise: Run a ransomware simulation

Activity 8: Capture The Flag (CTF) Challenge

Lab 1: Participants solve cybersecurity problems

Day 2
Security Controls and Awareness

Module 5: Implementing Security Controls

Firewalls & IDS/IPS

Endpoint Detection & Response (EDR)

Zero Trust Security

Multi-Factor Authentication (MFA)

Activity 9: Hands-on Labs & Exercise

Lab 1: Enforcing Multi-Factor Authentication (MFA)

Goal: Implement MFA for a web application.

Tools: Google Authenticator, Duo Security

Exercise: Set up MFA for SSH login.

Module 6: Security Awareness & Best Practices

Security Awareness Training for Employees.

Strong Password Policies & Management.

Safe Browsing & Email Security.

Incident Response & Reporting.

Activity 10: Hands-on Labs & Exercise

Lab 1: Password Cracking Simulation

Goal: Show how weak passwords are cracked.

Tools: John the Ripper, Hashcat

Exercise: Crack a weak password hash.

Lab 2: Detecting Insider Threats

Goal: Identify unusual insider behaviour, Lets participants try

Module 7: Cyber Defence Strategies

Security Operations Center (SOC) Roles.

Threat Intelligence & Threat Hunting.

Digital Forensics & Incident Response.

Activity 11: Hands-on Labs & Exercise

Lab 1: Memory Forensics with Volatility

Goal: Extract and analyze malicious processes.

Tools: Volatility Framework

Exercise: Identify malware in RAM dump.

Module 8: Final Red Team vs. Blue Team Challenge

Red Team: Simulate a cyber-attack (phishing, network scanning, privilege escalation).

Blue Team: Detect and mitigate attacks

Frequently Asked Questions

What is no-code automation for project management?

No-code automation uses visual tools like Google Sheets and n8n to automate workflows without writing programming code.

Who should attend this automation course?

This course is suitable for project owners, operations managers, PMO staff, and non-technical stakeholders managing projects.

Do I need coding skills to join this course?

No. The course follows a no-code philosophy and uses drag-and-drop tools.

What tools are used in this course?

The course uses Google Sheets, n8n, and AI tools such as ChatGPT or DeepSeek.

Can AI really read and organize project emails?

Yes. AI can extract structured information such as dates, costs, issues, and urgency from emails and reports.

Is this course HRDC Claimable?

Yes. This course is HRDC claimable, subject to HRDC approval and company eligibility requirements.

Can this course be customized for our organization?

Yes. The workflows and templates can be adapted to reflect your organization’s project processes and approval structures.

Will I leave with working automation templates?

Yes. Participants receive ready-made templates and build working automations during the course.

CTDS-YN: Cybersecurity Threats, Defences and Security Best Practices

OVERVIEW

OBJECTIVES

COURSE MODULE

Frequently Asked Questions

Contact Us