Job Description (JD)
| Nama Program | OPERASI PERTAHANAN KESELAMATAN SIBER [J620-001-4:2025] |
|---|---|
| Kod CU | J620-001-4:2025-C04 |
| Competency | Core |
| Tajuk CU | Implement Web, Application and Database Security Hardening. |
| Penerangan CU | Implement web, application and database security hardening describes the competency in strengthening the security of web servers, applications and databases to protect against vulnerabilities, unauthorized access and cyber threats. It is performed by IT Security Analysts and conducted on web servers, application environments and database systems both on-premises and in the cloud. This process is critical to safeguard sensitive data, ensure service availability and prevent attacks such as SQL injection, cross-site scripting (XSS) and unauthorized data access. It includes applying security patches, enabling encryption, configuring firewalls, securing authentication mechanisms, restricting privileges, disabling unused services and monitoring activity logs for anomalies. Regular audits and testing ensure ongoing effectiveness. The person who is competent in this CU should be able to secure web server configurations, deploy Web Application Firewall (WAF), secure application code, strengthen database security, strengthen authentication and authorisation and apply patch management and updates. The outcome of this CU is the implementation of security hardening measures for web, application and database systems, ensuring a robust and protected IT environment that mitigates cyber risks and safeguards critical data. |
| Tempoh Latihan | 90 |
| Objektif Pembelajaran | The learning outcomes of this competency are enabling the trainees to proactively secure web environments, protect application and database assets, ensure safe user authentication, and respond to evolving cybersecurity threats effectively. Upon completion of this competency unit, trainees should be able to: 1. Secure web server configurations. 2. Deploy Web Application Firewall (WAF). 3. Secure application code. 4. Strengthen database security. 5. Strengthen authentication and authorisation. 6. Apply patch management and updates. |
| Pra-Syarat | Not Available. |