Job Description (JD)
| Nama Program | OPERASI PERTAHANAN KESELAMATAN SIBER [J620-001-4:2025] |
|---|---|
| Kod CU | J620-001-4:2025-C05 |
| Competency | Core |
| Tajuk CU | Execute Vulnerability Assessment (VA). |
| Penerangan CU | Execute Vulnerability Assessment (VA) describes the process of identifying, analysing and prioritizing security vulnerabilities in systems, networks and applications. It is performed by IT Security Analysts and conducted on organizational networks, servers, endpoints, applications and cloud environments. This process is critical to identify weaknesses before attackers can exploit them, reduce risks and maintain the security posture of the organization. VA is performed using tools like Nessus, OpenVAS or Qualys and involves defining assessment scopes, configuring scanning tools, conducting vulnerability scans, analysing results and prioritizing risks based on severity. Reports are then generated to guide mitigation efforts. Regular VA ensures systems remain secure and compliant with industry standards. The person who is competent in this CU should be able to define VA scopes and objectives, perform VA tools set up, conduct reconnaissance activities, perform VA scanning and analyse VA scan results. The outcome of this CU is an effective execution of vulnerability assessments, identifying security weaknesses and providing recommendations to strengthen the organization's security posture. |
| Tempoh Latihan | 60 |
| Objektif Pembelajaran | The learning outcomes of this competency are to enable the trainees to conduct end-to-end vulnerability assessments, identify system weaknesses and provide actionable insights to improve overall security posture. Upon completion of this competency unit, trainees should be able to: 1. Define VA scopes and objectives. 2. Perform VA tools set up. 3. Conduct reconnaissance activities. 4. Perform VA scanning. 5. Analyse VA scan results. |
| Pra-Syarat | C01, C02, C03, C04 and C06. |