IT-Security Practitioner (ITSP) takes you deep into the pragmatics of securing an IT infrastructure. The course combines in-depth technical information security knowledge and key security management topics, preparing you for successful transition into an IT security management role.
As you move along in the course, you will immerse yourself in attack trends and mitigation techniques, and you will perform hands-on assignments that ready you for accomplishing a Security Manager’s tasks. You will complete exercises in the technical domain, including security zoning, system hardening, and firewall rule construction. In addition, you will perform traditional management activities, such as developing a company-wide security framework, creating a role-based access model, and determining benchmarks for information classification. Finally, you will try your hand at penetration testing in a simulated environment.
The knowledge and skills you develop in this course ready you for the Expert level, where you will develop into a competent Security Operations Centre (SOC) analyst.
- Benefit from the insights of practicing Security Managers and cybersecurity advisors;
- Apply IT security management principles to real-life situations;
- Prepare for your certification assessment with a free sample exam.
5 days (40 training hours).
This course is aimed at those who are or expect to become involved in IT-security, such as:
• IT-security managers;
• IT auditors;
• Junior and intermediate application, system and network administrators.
A good understanding of fundamental IT security terms, concepts and principles is required. SECO IT-Security Foundation certificate (or equivalent) is recommended.
About the Instructor:
Dr. Rob van der Staaij (CISSP, CCSP, CISA, CISM, CRISC, CEH, CPT) is the founder of Stysec. He has more than twenty years of experience with IT, cyber security and identity & access management. He is also a professional trainer who is certified by the International Board of Certified Trainers. Rob provides training for established training institutions such as Security Academy, the IMF Academy and ISACA. He is also affiliated with the Department of Criminal Law and Criminology at the University of Groningen, where he deals with cyber crime and cyber security.
Module 1 – Introduction in IT-Security
Module 2 – Laws, Regulations, Standards and Best Practices
• Overview laws and regulations
• Overview of relevant standards and best practices in the field of security
Module 3 – Incident Management
• Roles and decision-making
• Relationship between CSIRT and CERT
• Risk analysis
Module 4 – Network Security
• Network components (Switch, Router, Firewall, Proxy, IDPS, Honeypot)
• Security mechanisms at the network level (Port security, VLAN, NAP, Content filters)
Module 5 – System Security
• System components (System Architecture Hardware, Servers, Workstation, Devices)
• Security mechanisms at system level (CPU Privilege Levels, Process Management, Memory Management, User Management)
Module 6 – Application Security
• Types of applications / services (stand-alone, client-server, Web apps / Apps)
• Security mechanisms at application level (Access Controls, Audit Trails)
Module 7 – Encryption
• Symmetric and asymmetric crypto
• Certificates and PKI
• SSL / TLS intro, shortcomings of SSL, migration to TLS 1.2
Module 8 – Identity & Access Management
• Password management
• User management
Module 9 – Ethical Hacking
• Overview of the main hacking techniques
• Demonstration hacking
The course provides students with all the knowledge they need to pass their exam. Upon successful completion of their exam, students will receive an “IT-Security Practitioner” certificate and the S-ITSP title from the SECO-Institute. Both the course material and the exam are in English.
About SECO Institute’s IT-Security Track:
- The IT-Security Track is a complete program tailored for those willing to become a Certified IT-Security Officer
- IT-Security helps you design, implement and manage the security infrastructure and systems in your IT organisation
- Similar training programs focus on a specific technological aspect of security, such as network security and pen testing, and they also tend to be vendor-specific. Our ITS certification track, by contrast, offers tailor-made courses covering network, system, application and database security
About the IT-Security Practitioner certificate:
Core IT security skills you will validate with your SECO-ITSP (S-ISF) certificate
The ITSP certification exam tests your real-world IT security skills. By passing the certification exam and earning a SECO-IT-Security Practitioner (S-ITSP) certificate, you demonstrate that you possess the top competencies of a successful IT security professional.
In particular, an S-ITSP certificate attests to your ability to:
- Translate relevant legal, regulatory and standard requirements and industry-best practices to a company-wide cybersecurity framework;
- Handle security incidents in line with incident management best practices, with special regard to the European Union Agency for Network and Information Security (ENISA) Good Practice Guide for Incident Management;
- Demonstrate an in-depth understanding of switches, routers, gateways, firewalls and intrusion detection systems;
- Design a secure network architecture;
- Apply basic Windows and Linux hardening techniques;
- Develop and implement a patch management policy;
- Demonstrate an in-depth understanding of application vulnerabilities and apply basic application hardening techniques;
- Identify security measures to counter the OWASP Top 10;
- Apply encryption to protect communications, file systems and files;
- Implement role-based access control;
- Use penetration testing tools to access a system and exploit an SQL injection vulnerability.
What are the benefits of an S-ITSP certificate?
An S-ITSP certificate enables you to demonstrate core technical competencies employers look for in IT security professionals: vulnerability management, incident management, firewall and network security, security architecture and penetration testing – and all that combined with management skills and business insights. This unique combination will allow you to assume a more senior security role, or continue your learning path to becoming a high-level security specialist.
Who should certify?
The course and the certificate are ideal for you if:
- You are a security administrator, analyst, architect, auditor or consultant, and you are looking to transition to an IT security management role;
- You are planning to continue your IT security learning path all the way to becoming a Security Operations Centre (SOC) Analyst.
How to prepare for the certification exam?
You can prepare for your certification exam by taking a course or by self-study.
We also offer classroom training through our accredited education partners. To find a course in your country, visit the Get Trained page.
If you prefer to prepare by self-study, make sure that you fully understand the requirements before you book your exam. Download the sample exam to familiarise yourself with the structure and topic areas of the certification exam.
How to book a certification exam?
You can take your certification exam at an accredited exam centre or online.
For more information on the exam, please refer to the SECO Examination Guide.
S-ITSP certificate and digital badge:
Upon successful completion of a SECO IT-Security Practitioner certification exam, you will receive the S-ITSP certification title and a digital badge. Your credentials will grant you a one-year SECO membership. After your certification expires, you will have the option to re-certify by paying a small fee.
As a prerequisite to renewing your certification, you have to meet Continuing Professional Education (CPE) requirements. CPE requirements can be met by attending workshops, conferences and webinars, publishing articles, providing training, and performing other similar activities that help you maintain your professional competencies.
For more information on the certification process and Continuing Professional Education (CPE) requirements, please refer to the SECO Certifications Guide.
About SECO Institute:
Security & Continuity Institute (SECO) is Europe’s leading institute for highly qualified Security & Continuity certifications and the body of knowledge of the Cyber Security & Governance Certification Program. SECO-Institute certifies professionals (from beginner to senior level) in Information Security, IT-Security, Privacy & Data Protection, Ethical Hacking, Secure Software, Business Continuity and Crisis Management.
SECO-Institute’s goal is to improve Security & Continuity through globally recognised certifications, professional development courses and networking opportunities. SECO-Institute came into existence in 2008 when the Security Academy Netherlands started to develop certification courses in Security and Business Continuity. Security Academy and started to develop an internationally recognised Cyber Security & Governance Certification Program, based on the European e-Competence Framework (e-CF). In 2016, the Security Academy decided to focus on educational activities and transferred the complete courseware development process to the SECO-Institute. At present, SECO-Institute acts as an independent body of knowledge for the Cyber Security & Governance Certification Program. SECO’s mission is to educate professionals for job-specific expertise in Security & Continuity from beginner to senior level. With worldwide training and examination partners, personal certification titles and an independent courseware development centre, SECO-Institute is the European alternative for American certifications. For more information, please visit: https://www.seco-institute.org/