Courses

List of courses provided by KPCERC

Cloud Security

40 Hours

Course is designed to give insight on the working of cloud platforms and services. Course focuses on the deployment architecture and service delivery of Cloud platforms. Content includes introduction to Storage & network service configuration and security aspects, visualization and third party cloud platforms and services, access control, Identity & service management, WAF, Governance, logging and encryption of data in transit, Risk management & compliance, Disaster Recovery & Business Continuity. Course will cover the services & security issues of leading cloud platforms such as AWS & Azure.

Learn More

Cyber Security Awareness for Government Departments

6 Hours

To sensitise the government departments on the importance of cyber security and impact of data breaches. Create awareness on cyber security, importance of information security management for government departments. Course discusses the type of attacks on CIA, nature of exploits and mitigation techniques. Course outlines the security policies and risk mitigation plans. Course also introduces GDPR as possible framework of data protection for government departments.

Learn More

Cyber Security Essentials

14 Hours

Objective This is entry level course in cyber security. Course is design to introduce the basics of cyber security, domains of cyber security & cyber laws, fundamentals of networks and network devices, access control, authentication, MFA, authorization, host, data, and application security, types of attack on CIA, nature of exploits & mitigations, malware, vulnerabilities, and threats. Course also introduces ethical hacking lifecycle along with tools & technologies used in the process. After the successful completion of this course students will be able to understand the basic concepts of cyber security and will be able to understand & demonstrate the ethical hacking life cycle.

Learn More

Digital Forensics for Government Departments

6 Hours

Objective To educate relevant government departments on the tools & technologies involved in digital forensics. Course covers overview of methodological approach to digital forensics and evidence analysis. Course enables practitioners especially from law enforcement to acquire necessary hands-on experience on various forensic investigation techniques and standard forensic tools. Tools & technologies demonstrated in this course will help to successfully carryout a computer forensic investigation leading to prosecution of perpetrators.

Learn More

Governance & Risk Management

Duration 40 Hours

Objective Course is designed to give insight into governance & risk management of ICT systems in an organization. Topics include security governance definitions, principals and frameworks, risk identifications, protection of CIA, risk assessment, enterprise risk, risk mitigation strategies and risk transfer, risk response frameworks, BCP and DR plans, RPO, RTO, WRT and MDT, business impact analysis and strategies to mitigate the risk along with vendor & third party support (SLA & Code reviews).

Learn More

Mobile Penetration Testing

40 Hours

Objective Course is designed to give hands on exposure to tools & technologies used for mobile penetration testing. Course all includes insight into mobile security testing and reverse engineering. Understanding mobile platforms, security architecture of mobile OS, detailed analysis of APK file, reverse engineering and APK analysis. Course also provides understanding of traffic analysis of android platform, static & dynamic analysis of APK files, permission analysis & escalation, use of mobile RATs, counter strategy for mobile malwares & APTs. Course aims to train the participants with concepts and practical to carry out mobile penetration testing. Course includes intermediate to advance concepts, tools & technologies used in mobile security assessment.

Learn More

Network Defender

20 Hours

Objective Objective is to train network administrators working in various government departments on state of the art network security tools & technologies. Course will cover intermediate to advance network defence techniques, hands on exposure to demonstrate network, security, cryptography, security monitoring, attack methods, endpoint threat analysis and network forensics, incidence response and network intrusion & event / data Analysis. Course aims to empower the network administrators across the province to fully understand & implement state of the art network management technologies.

Learn More

Network Penetration Testing

40 Hours

Objective Course is designed to give hands on exposure to tools & technologies used for Network penetration testing. Course aims to train the participants with concepts and practical to carry out network penetration testing. Objective of the course is to train the individuals who are interested in pursuing the carrier as network penetration testing and network auditors. Course includes intermediate to advance concepts, tools & technologies used in network security assessment. Contents include demonstration of network architecture and advance networking concepts. Network scanning tools, vulnerability assessment for networks, application of known network testing tools & assessment frameworks, exploiting network & system vulnerabilities & working with APT and security issues with wireless networks.

Learn More

Privacy & Data Protection

40 Hours

Covers the essential principles, policies and practices that organizations use to protect and secure personal, proprietary or confidential data. Data & asset classification controls to ensure the CIA of data. Understand the type of attacks on data, impact, types & cost of data breach. Course also introduces GDPR as guideline to follow for data custodians. Course introduces the domains and working for GDPR.

Learn More

Secure Software Development

40 Hours

Course is designed to share the best practices for secure software development. Topics include Security principals in SDLC, Concepts & techniques for Database and software security, attacks on data and process in soft wares, Security Controls in the Development Environment, Software Security Effectiveness Assessment Security in the Engineering Lifecycle, best practices for S-SDLC, Security & privacy by design. Couse also includes the security issues and mitigation for CRM frameworks such as Wordpress , Drupal and others.

Learn More