Training Content
Training Duration: 5 Days (each day 09:00–12:00 Theory, 13:00–16:00 Practice)
Level: Beginner (General User Focused) and Intermediate (Technical and Business Focused)
Participant Profile: Students, recent graduates, IT professionals, those looking to transition careers from other fields, and institutional employees
Preparation Courses: For those lacking programming/network/operating system knowledge, “Basic Programming and Algorithms” or “Basic Networking & Operating Systems” courses are recommended.
Beginner Level (General User Focused) – 5 Days
Participant Profile
• General users from any industry, university students, public/private sector employees
• Individuals with basic computer usage knowledge
Prerequisites
• Mandatory: Basic computer literacy
• Optional: Basic internet and network knowledge
• For those lacking knowledge: They will be directed to preparation courses
Curriculum Topics
• Day 1: Introduction to cybersecurity, threats (viruses, malware, phishing, DDoS, etc.), KVKK (Personal Data Protection Law) and personal data awareness
• Day 2: Security measures for general users: secure password management, multi-factor authentication, protection from email and social engineering attacks
• Day 3: Data security and encryption logic (user-level), secure internet usage, social media security
• Day 4: Mobile device security, secure app usage, BYOD (Bring Your Own Device) awareness
• Day 5: Incident awareness, simple reporting and notification processes, individual responsibilities in cybersecurity
Training Outcomes
• Participants will learn methods to protect themselves from cyber threats in daily life and at work.
• They will gain awareness of KVKK and data security.
• They will be able to detect and report basic security breaches.
Who Should Attend / Who Is Recommended?
• Individuals who want to increase their security awareness in daily computer and internet usage
• Personnel working in public institutions and the private sector interacting with digital data
• University students and recent graduates
• All employees who need basic cybersecurity awareness in business processes
Intermediate Level (Technical & Business Focused) – 5 Days
Participant Profile
• Technical staff working in IT or looking to transition to IT
• Individuals interested in system and network management
Prerequisites
• Mandatory: Basic computer knowledge, basic understanding of networking and operating systems
• Optional: Basic programming knowledge
• For those lacking knowledge: They will be directed to preparation courses
Curriculum Topics
• Day 1: Basics of network and system security, attack types, security policies, and risk management
• Day 2: Advanced encryption methods, data and database security, secure software development principles
• Day 3: Penetration testing stages (planning, discovery, analysis, reporting), vulnerability evaluation
• Day 4: Threat intelligence and incident management, digital forensics, and evidence collection processes
• Day 5: Compliance and legal regulations (KVKK, GDPR, PCI DSS, ISO 27001), future trends (AI, blockchain, new threats)
Training Outcomes
• Participants will be able to analyze and take preventive measures for system and network security.
• They will be able to conduct basic penetration tests and report vulnerabilities.
• They will be able to implement incident management and threat intelligence processes.
• They will be aware of national and international legal requirements (KVKK, GDPR, etc.).
Who Should Attend / Who Is Recommended?
• IT support teams, system and network administrators
• Software developers and test engineers
• Professionals looking to become information security specialists
• Individuals aiming to work in security departments of companies
• Mid and senior managers (for risk management and compliance awareness)
Legal and Certification Aspects
• KVKK (Turkey) and GDPR (Europe): Participants will be informed about personal data protection.
• International Standards: ISO 27001, PCI DSS, HIPAA, and other corporate compliance requirements will be addressed.
• IT Law & Ethics: Legal responsibilities, ethical hacking boundaries, data breach procedures will be explained.
• Certifications: Guidance on certification paths such as CEH, CompTIA Security+, CISSP, Cisco CyberOps will be provided.
Training Notes
• The trainer may adjust the content and topic depth according to the participant profile and needs.
• Depending on the number of participants, intense practical sessions or a broader theoretical approach may be planned.
• The general user level training can be organized to address all individual participants.
• The technical level training will include more advanced lab exercises and case scenarios.
• At the end of the training, participants will receive a university-approved certificate.