Training Content

Training Duration: 5 Days (each day 09:00–12:00 Theory, 13:00–16:00 Practice)

Level: Beginner (General User–Focused) and Intermediate (Technical & Business–Focused)

Participant Profile: Students, recent graduates, IT professionals, individuals seeking a career shift from different fields, corporate employees

Preparatory Courses: For those lacking Programming / Network / Operating System knowledge, “Basic Programming and Algorithms” or “Basic Network & Operating System” trainings are recommended.

Beginner Level (General User–Focused) – 5 Days

Participant Profile
• General users from any sector, university students, public/private institution employees
• Individuals with basic computer usage skills

Prerequisites
• Mandatory: Basic computer literacy
• Optional: Basic internet and network knowledge
• For those lacking prerequisites: Directed to preparatory courses

Curriculum Topics
• Day 1: Introduction to cybersecurity, threats (virus, malware, phishing, DDoS, etc.), KVKK and personal data awareness
• Day 2: Security measures for general users: secure password management, multi-factor authentication, protection from email and social engineering attacks
• Day 3: Data security and encryption logic (user level), safe internet use, social media security
• Day 4: Mobile device security, safe app usage, BYOD (bring your own device) awareness
• Day 5: Incident awareness, basic reporting and notification processes, individual responsibilities in cybersecurity

Learning Outcomes
• Participants learn methods to protect themselves from cyber threats in daily life and work environments.
• Gain awareness about KVKK and data security.
• Become capable of detecting and reporting basic security violations.

Who Should Attend?
• Individuals who want to increase security awareness in daily computer and internet usage
• Public and private sector employees interacting with digital data
• University students and recent graduates
• All employees who must possess basic cybersecurity awareness in their workflows

Intermediate Level (Technical & Business–Focused) – 5 Days

Participant Profile
• Technical personnel working in IT or aspiring to enter the field
• Those interested in system and network administration

Prerequisites
• Mandatory: Basic computer knowledge, fundamental understanding of networks and operating systems
• Optional: Basic programming knowledge
• For those lacking prerequisites: Directed to preparatory courses

Curriculum Topics
• Day 1: Fundamentals of network and system security, attack types, security policies, and risk management
• Day 2: Advanced encryption methods, data and database security, secure software development principles
• Day 3: Stages of penetration testing (planning, reconnaissance, analysis, reporting), vulnerability assessment
• Day 4: Threat intelligence and incident management, digital forensics and evidence collection processes
• Day 5: Compliance and legal regulations (KVKK, GDPR, PCI DSS, ISO 27001), future trends (AI, blockchain, emerging threats)

Learning Outcomes
• Participants can analyze system and network security and take preventative measures.
• Can perform basic penetration testing and report vulnerabilities.
• Can apply incident management and threat intelligence processes.
• Understand national and international legal requirements (KVKK, GDPR, etc.).

Who Should Attend?
• IT support teams, system and network administrators
• Software developers and test engineers
• Professionals aiming to become information security specialists
• Individuals targeting roles in corporate security departments
• Mid- and senior-level managers (for risk management and compliance awareness)

Legal and Certification Aspect
• KVKK (Turkey) and GDPR (Europe): Participants are informed about personal data protection.
• International Standards: ISO 27001, PCI DSS, HIPAA and similar corporate compliance requirements are covered.
• IT Law & Ethics: Legal responsibilities, ethical hacking boundaries, data breach procedures are explained.
• Certifications: Guidance is provided on certification paths such as CEH, CompTIA Security+, CISSP, Cisco CyberOps.

Training Notes
• The instructor may adjust content and depth according to participant profile and needs.
• Depending on the number of participants, intensive practice or broader theory may be planned.
• Beginner-level training can be adapted to reach all general users.
• Technical-level training includes advanced labs and case scenarios.
• Participants receive a university-approved certificate at the end of the training.