FORESEC

International Certification Partnership Programme

Who We Are :
Multimatics is an international group of education, training and testing
service providers covering ICT, Business, Language, and Basic Education
programs that are accredited and affiliated with foreign educational, training
and certification institutions in such countries as the United States, United
Kingdom, Australia, Canada, China, Singapore, and Malaysia. We have more
than 20 years of experience in providing, developing, and assisting various
institutions to deliver quality education. We also have partnership with more
than 15 international education and training providers.
One of Multimatics partners in providing the International Certification of
Computer Security and Forensic is FORESEC. FORESEC is Malaysias premier
and trusted ICT security solutions provider. It is a MSC Malaysia status and a
wholly-owned venture capital arm of All Asia Talk SDN BHD. FORESEC also is
an

international

software

company

focused

on

the

development

of

information security and connectivity solutions. Since its inception, FORESEC

has been able to attract reputable venture capital partners, firstly Maybank
Venture and later, Commerce Asset Ventures, a subsidiary of BumiputraCommerce Holdings.
FORESEC held company with the executive management team, Mr Desmond
Alexander reporting to the Managing Director, who is accountable to the
Board of Directors.

Through 2006 and 2007, FORESEC developed their online network of

marketing system and branded business concepts along with the proprietary
software development for financial institutions. These systems now facilitate
our current sales, support and design team efforts, capability and efficiency.
Truly focused upon assisting and aiding in active participation towards the
successful accomplishment of FORESEC Vision, we strongly believe in the
future of FORESEC in becoming the world-renowned epicenter for all
international Information Technology standards, especially inconsideration of
the incredible and continuous achievements being accomplished in Global
Information Standards.
FORESEC relocated its operations to Kuala Lumpur in 2006 where Security
design and Network management opportunities were quickly expanding. In
realizing growth in this new market, FORESEC ACADEMY was formed and
attracted strong financial interests from outside parties. With financial
backing, in January of 2007, FORESEC ACADEMY were merged into the fully
incorporated Training and Security Development arm for many government
agencies in Europe and Asia.
What Are The Objectives :
1. To build a lasting and beneficial partnership that will advance the
academic quality, teaching professionalism, and Institutional quality of
partner institution
2. To provide competency certification of students for skill based subjects
(in line with the requirement of The National Education System
Regulation 2003 no.20 or SISDIKNAS No.20 Thn 2003, Chapter 61)

Why Are Computer Security and Forensic:

1. Despite the current economy, the demand for qualified information
security professionals is predicted to increase through 2016, according
to the Bureau of Labor Statistic. Those with formal education and
professional certifications have the best opportunities to advance their
careers as well as their salaries.
2. From identity theft to cyber terrorism, an increasing number of hightech threats are fueling the call for IT security professionals. The
demand is, in fact, already exceeding the supply. (Amrop Hever
Group)
3. Web application security and encryption skills are in demand right now
and Application security and security coding skills are growing like
crazy, and overall security architecture planning and design skills are
more in demand than ever.
4. Digital forensics, intrusion detection, and penetration testing are the
technical topics respondents forecast no information security personnel
reductions in the next 12 months.
5. Security threats reached their highest levels in 2008 and are predicted
to increase in 2009. With external as well as internal threats,
commercial

organizations,

financial

institutions,

state

and

local

governments and the military will continue to require qualified

information security professionals to protect their systems and data.
6. A government research company estimates that about a third of the
Defense Department's $4 billion request for spending on IT security is
included in general spending on various departmental programs and
not coded specifically as spent on information systems security,
making it difficult to track the Pentagon's total cyber security
spending, according to a report released on Monday. (Nexgov.com)

7. Salaries for information security professionals are high. Only 1.65% of

respondents earn less than US $ 40,000 per year and over 38% earn
US $ 100,000 or more per year.
8. Over than 81% of respondents with hiring responsibilities consider
certification (IT Security) a factor in their hiring decisions.
9. 41% of the respondents said their organizations use certifications (IT
Security) as a factor when determining salary increases.
10. Around 90% of large companies & government agencies had
computer security breaches in 2001; Three-quarters suffered financial
losses
11. Transacting over the web is inevitable. Financial fraud losses were
$10,186,400.
12. Virus incidents (82 %) and insider abuse of network access (80 %) still
prevalent.
Why Are The International Certifications :
1. International Certification grants you more credibility. FORESEC
certification serves as an impartial, third-party endorsement of your
knowledge and experience against international standards.
2. International Certification can improve career opportunities
and advancement. FORESEC certification can give you the "edge"
when being considered for career opportunities, job advancement and
salary.
3. International Certification prepares you for greater on-the-job
responsibilities. FORESEC certification is a clear indicator of your
willingness to invest in your own professional development.
4. International Certification improves skills and

knowledge.

Mostly, achieving FORESEC certification requires training, study and

"keeping up" with changes. This certification showcases your individual

mastery by confirming proficiency and knowledge in the field.
5. International Certification reflects achievement and mark of
excellence.

FORESEC

certification

is

reflection

of

personal

achievement and mark of excellence because the individual has

displayed mastery of his or her field by meeting requirements and
standards set in this industry.

Why Are FORESEC:

The company has grown since it was founded in January 2000 - with offices
around the world, a staff of experienced consultants and a service portfolio
that encompasses almost every aspect of IT security. Our mission is to
provide our customers with professional and independent advice on
information security to empower their business and operations. From the
very first project to our current global business activites, we have always
followed these principles:
1 . We know the business
FORESEC

knows

the

worldwide

information

security

consulting

business very well. With a multinational staff, it is only natural that we

feel comfortable operating internationally. We are a company with
global reach.

2. We act with integrity

Information security consulting and evaluation is a high-integrity
business, integral to which is the matter of trust. All FORESEC
employees are committed to sustaining the highest degree of integrity
in our client relationships. We are devoted to delivering the highest
quality in a timely manner.
3. We stay focused
FORESEC consultants are information security consultants. As such,
FORESEC focuses solely on information security consulting. We do not
consult in any other areas, and we do not sell hardware, software, or
any other ware.
4. We are independent
We are not affiliated with any hardware or software vendor, and we
never

will

be.

Our

credibility

as

consultants

hinges

on

that

independence. Our customers can rely on us to be objective. We have

no interest in selling anything other than our security expertise.
What Are The Modules :
1. Foresec Certified Network Security (FCNS)
While other courses focus on only 10 domains, we deliver the content
within a proprietary 'Theory, Technique, Tool' delivery framework via a
proprietary 'Discuss, Demonstrate, Do' action learning model. FCNS

ten domains are chock-a-bloc full of theory, which when implemented,

is compromised for practical reasons. Take your relational database for
example. Theoretically, a database must be normalized to at least 4
(out of 5) normal forms to qualify as a relational database, as this is
the minimum level of atomicity required to yield the functional benefits
of the relational model for data organization. But no vendor has ever
complied with this theoretical principle as the performance overhead
required to do so is too high.
Understanding the differences between relational database theory, and
the technique used by vendors to develop their products (tools)
automatically explains 80% of the constant vulnerabilities we see in
said databases. This understanding leads us to a logical choice of
compensating

deterrent,

preventive,

detective,

recovery,

and

corrective controls to govern access to relational data repositories in

adhering to a relevant residual risk position.
In many cases, we are able to create learning labs where the theory is
discussed, the technique demonstrated, with participants actively
exploring (do) the 'vulnerabilities-within-the-gap', the natural, manmade and/or technical threats that can exploit these vulnerabilities,
leading to non-disaster, disaster and/or catastrophic impact levels, and
the likelihood thereof, and select the right mix of controls to mitigate
the same. In this course, the candidate will be learning an exaustive
understanding in all aspects of security management practices to
applications and system development, such as Active X security, as
well as many other security operations. In other words, participants
actively learn the risk management mind-set.

Module Topics:
Module 0: Course Overview
Module 1: Security Management Practices
Module 2: Access Control
Module 3: Cryptography
Module 4: Physical Security
Module 5: Security Architecture and Models
Module 6: Legal and Compliance
Module 7: Telecommunications and Network
Module 8: Business Continuity Objectives
Module 9: Application and System Development
Module 10: Operations Security
2. Foresec Certified Computer Hacking (FCCH)
FCCHs foundation is built firmly upon proven, hands-on, Penetration
Testing

methodologies

utilized

by

our

international

group

of

vulnerability consultants. FORESEC trainers keep abreast of their

field by practicing what they teach; we believe that an equal emphasis
on theoretical and real world experience is essential for effective
knowledge

transfer

to

you,

the

student.

The

FCCH

presents

information based on the 5 Key Elements of Pen Testing; Information

Gathering, Scanning, Enumeration, Exploitation and Reporting. The
latest vulnerabilities will be discovered using these tried and true
techniques.
This course also enhances the business skills needed to identify
protection opportunities, justify testing activities and optimize security

controls appropriate to the business needs in order to reduce business

risk.
FORESEC goes far beyond simply teaching you to Hack - be
prepared to learn penetration testing using advanced persistent threat
techniques along with the highest level ethical hacking methodologies.
Our course was developed around principles and behaviors used by
malicious hackers. The course is taught with this in mind while keeping
the focus on professional penetration testing and ensuring the security
of information assets. Learn to hack.. live to protect.
Objective of Labs:
This is an intensive hands-on class that includes an updated 400 page
lab guide. Students may spend 22 hours or more performing labs that
walk them through a real world Pen Testing model. Labs begin with
simple activities and move on to more complex procedures. During
labs, students move through a detailed Lab Guide containing screen
shots, commands to be typed, and steps students should take.
Students will make use of scores of traditional and cutting edge Pen
Testing tools (GUI and command line, Windows and Linux) as they
make their way through FORESECs time-tested methodology. (See
Outline below for tool titles) Customers can be confident that as new
methods arise in the security world, our labs are updated to reflect
them.
Upon proper completion of the course, FCCH students will be able to
confidently sit for the FCCH certification exam (recommended).
Students will enjoy an in-depth course that is continuously updated to
maintain and incorporate changes in the security environment. This
course offers up-to-date proprietary labs that have been researched

and developed by leading security professionals from around the

world.
NOTE: The

course

material

reflects

Backtrack

and

advanced

penetration testing and hacking labs with Windows 7 & Windows

Server 2008. The FCCH course was updated in June 2012. The
Advance Course, aka FPTC, will be finalized in Jan. 2013 and will focus
on pen testing layer 2, layer 3 and layer 4 boxes (eg. Firewalls, IDS's,
IPV6 and so forth)
Module Topics:
Module
Module
Module
Module
Module
Module
Module
Module
Module
Module
Module
Module
Module
Module
Module
Module
Module

0: Ethics & Hacking as a Career

1: Business and Technical Logistics of Pen Testing
2: Methodologies
3: Information Gathering
4: Detecting Live Systems
5: Enumeration
6: Vulnerability Assessments
7: Malware & Backdoor
8: Windows Hacking
9: Hacking UNIX/Linux
10: Advanced Exploitation Techniques
11: Pen Testing Wireless Networks
12: Networks, Sniffing and IDS
13: Injecting the Database
14: Attacking Web Based Application
15: Project Documentation
16. Pen Test Metrics

3. Foresec Certified Disaster Recovery Planner (FCDRP)

The comprehensive Certified Disaster Recovery Engineer course goes
beyond traditional BCP training - preparing students for industry
certification in Business Continuity planning, and presenting the latest
methodologies and best practices for real-world systems recovery.

Students receive a solid foundation of instruction that will enable them

to create meaningful business continuity plans. In addition, students
will learn the latest methods for protection and recovery of technology
in their organizations. FORESEC trainers are more than instructors
they have extensive experience and are active in the industry.
At FORESEC, we believe emphasis on both industry standards and
real world experiences are essential to providing a robust and
comprehensive learning experience.
Course Information:
Various sample

deliverables are

offered utilizing public domain

templates, checklist and forms.

Templates will change continuously adapting to changes in the DR/BCP
domain. FORESEC consultants working in the DR/BCP and security
field will be dynamically implementing new scenarios that are over and
above the base scenarios used in student workbook.
Please note that this is not a class that will explain the very intricacies
of

each

and

every

technique

and

template

available.

FORESEC consultants constantly revise information used in this

class.
This course executes both exam prep and examination on day four.
The student will have a fundamental knowledge of DR/BCP planning.
Students will enjoy an in-depth course that is continuously updated to
maintain and incorporate the ever changing DR/BCP requirements.
This course offers up-to-date information that has been developed by

leading risk management professionals. This is an intensive lecture

class that focuses on best practices of DR/BCP.
Module Topics:
Module 1: Introduction
Module 2: Business Impact Analysis
Module 3: Risk Analysis
Module 4: BDP Strategies
Module 5: I.T. Recovery Strategies
Module 6: Implementation Phase
Module 7: Testing and Exercise
Module 9: Maintenance and Updating
Module 8: Execution Phase
Module10: Cyber Attacks
Module 11: Pandemics
Review & Exam
4. Foresec Certified Forensic Expert (FCFE)
The FCFE program is designed to train Cyber Crime Investigators.
Students are taught electronic discovery and advanced investigation
techniques. This course is essential to anyone encountering digital
evidence while conducting investigations. In October of 2008, FCFE
was redesigned into a more advanced class and re-titled FORESEC
Certified Digital Forensics Examiner.

Benefits Of This Course:

This course will benefit government security agencies as well as
organizations intent on pursuing any corrective action, litigation, or
proof of guilt based on digital evidence.
Example: termination of an employee for a computer policy violation
and using a digital artifact to support the allegation. The investigator
must furnish irrefutable burden of proof from the digital artifact.
Without properly complied proof, an attorney knowledgeable about
Computer Forensics could have the case thrown out. Similarly,
government or investigative agencies need to be able to successfully
prosecute

or

defend

cases

such

as

terrorist

activates,

illegal

pornography, acts of fraud, counterfeiting, and so forth.

Computer Forensics was developed by U.S. federal law enforcement
agents during the mid to late 1980s to meet the challenges of whitecollar crimes committed with the assistance of a PC. By 1985
enforcement agents were being trained in the automated environment
and by 1989 software and protocols were beginning to emerge in the
discipline.
FCFE graduates will obtain real world computer forensic knowledge
that will help them recognize, seize, preserve and present digital
evidence. Graduates will be able to confidently attempt the following
professional computer forensic certifications.

Module Topics:
Module 1: Introduction to Computer Crime
Module 2: Disk Storage Concepts
Module 3: Forensic Examination
Module 4: Electronic Discovery and Digital Evidence
Module 5: Specialized Examination Tools
Module 6: Seizure Concepts
Module 7: Forensic Examination
Module 8: Advanced Artifact Recovery
Module 9: Crypto and Password Recovery
Module 10: Specialized Digital Media Analysis and Recovery
Module 11: Cyber-terrorism and Internet Investigations
Module 12: Electronic Discovery, Acquisition and Analysis Laboratory
Module 13: Documenting and Reporting Digital Evidence
Module 14: Presentation of Digital Evidence
What Are The Benefits :
FORESEC

is

non-profit

organization

and

mostly

the

international

certifications in Computer Security and Forensic are rarely and this

certifications is very expensive but FORESEC has a vision to assist
Indonesian people to attain a better life through education particularly on
COMPUTER SECURITY and FORENSIC with the affordable and possible way.
Therefore, FORESEC wishes to conduct a partnership with Indonesian
education institutes to improve the quality and condition of partner institutes
education, staffs, and facilities.

Benefits for Institution:

1. Up-to-date curriculum with strong R&D support
2. Automatic improvement in image and reputation
3. Upgrade the quality and the effectiveness of teaching process and
curriculum
4. Increased quality of lecturers
5. Exchange of education technologies
Benefits for Students:
1. Study under an internationally accepted curriculum.
2. Receive international recognized certification for every collaborated
practical/skill based subjects.
3. Graduates will have sharper competitiveness when searching for a job
4. Cost efficient and affordable way to obtain an international recognized
certification.
5. Quality

Assurance

of

graduates

through

competency-based

certification process.
6. Expand study and thinking perspective into global horizon
Areas of Partnership:
1. Skills Certification in Computer Security and Forensic.
2. Quality Content Development
3. Faculty and Staff Training Programmes
How Are The Processes Of ICCP :
1. Submitting Partners Institutions General Profile to FORESEC
To begin the partnership process, it is requirement that FORESEC
knows the partner institutions profile in general, e.g. background of
institution, human resources, physical facilities, etc. An institution

profile containing this information is to be submitted to FORESEC to be

reviewed.
Items required to be completed:

Partners Profile of Institution Form (Soft copy) to be filled in

English. It explains about the Partners general profile of human
resources,

facilities,

number

of

students,

procedures

on

delivering test or assignments, etc.

Letter of Intent, which explains in details on which program that

Partner Institutions are interested to have from FORESEC.

2. Validation Visit
After the completion of the profile review and the signing of
Memorandum of Understanding (MOU), FORESEC will validate or visit
the prospect institution at a stipulated date, if necessary. Partners
institution will have to complete a documentation requirement i.e.
Partners Institutions Profile Form.
Items required to be completed:

MOU Signed

MOA ready to be signed

3. MOA signing
MOA is required to be signed prior to the detailed implementation of
the developed curriculum. This process is critical to protect FORESEC
intellectual property.

4. Training of Lecturers
After the Memorandum of Agreement (MOA) is signed, the initial
training can commence. The execution of the partnership programme
starts by training the lecturers into running and teaching the updated
curriculum. Here, lecturers will be taught using as much as possible for
Computer Security and Forensic technologies and up-to-date teaching
techniques, and/or FORESEC standardized training modules.

More

importantly is the English language delivery and execution of courses.

The most important thing is Training will be conducted in Malaysia or
Indonesia

(based

on

the

agreement)

and

this

is

will

take

approximately around three days.

If the training is done in Singapore, accommodation cost will be
covered by Malaysia but the partner institution will have to cover its
own transportation cost.
Items required to be completed:

MOA signed

Training completed

5. Launching and Execution

Upon receiving the training, then partners institution will be able to
launch the agreed programs.
6. Standardization of tests/exams
When the period of exams approaches, normal tests and exams are
conducted as usual. FORESEC will provide the exam and assist
teachers in marking. For students who pass skill based subjects

satisfactorily

with

or

grade,

competency

Certificate

of

Completion will be awarded to them from FORESEC.

7. Continuous monitoring, assessment and review
FORESEC will continue to assess and evaluate the collaboration
process to ensure partner institute receive continuous updates that will
keep every partner institute remain up to date with their progress
towards international recognition. And to preserve the quality, there
will be an observation to the institute related to student progress,
classroom, teaching mode and effectiveness of the program.
8. Issuance of certificates based on agreed criteria
FORESEC will be issued the International Certificate if the student pass
examination and with minimum 80% of attendance. In this view,
FORESEC will not compromise the quality and standards of the
students.

For further information :

Agus Setiawan
Mobile Phone : +62 811 848 121
Email: agus@multimatics.co.id
Silvia Aprilia
Mobile Phone: +62 878 8729 8908
Email: silvia@multimatics.co.id

AXA TOWER 37TH floor

Jl Prof. Dr. Satrio Kav 18
Kuningan City, Jak-Sel 12940
Ph.021-30056123
Fax. 021-30056125