IT-Security Practitioner (S-ITSP)

IT security certification course for aspiring IT and cyber security managers by IT security experts
EnrollBook as in-company

What will you learn?

  • 9Get a solid grounding in network, system, mobile/IoT and application security, incident management, cryptography and identity & access management;
  • 9Understand the most important legal, regulatory and industry frameworks that govern IT security;
  • 9Practice key technical and management skills, from developing a cyber security framework to designing a security infrastructure to drafting security policies, guidelines and benchmarks;
  • 9Perform a basic black-box penetration test in a lab environment.


  • 5 course days
  • 20 hours of self-study
  • R1 CPE credit per study hour

IT-Security Practitioner – Practical IT security management training for aspiring security managers

Designed by practicing IT security (management) experts, our IT-Security Practitioner course offers a unique combination of technical security and security management skills to prepare you for successful progression into an IT security management role.

In this advanced IT security training, you will immerse yourself in network, system, mobile/IoT and application security. You will get a good understanding of attack trends and mitigation techniques, incident management, identity & access management and threat management. As you move along in the course, you will practice your skills with hands-on assignments in secure network architecture, intrusion prevention & detection, system hardening, mobile & IoT security controls, securing software, encryption, and designing IAM models.

In addition to mastering technical security concepts, you will also gain insight into relevant legal concepts and best-practice IT security standards and frameworks to safeguard the security and compliance of an IT infrastructure. You will  learn how to develop security policies, guidelines and benchmarks to improve an organisation’s IT security and compliance. Finally, you will also try your hand at ethical hacking. At the end of the course, you will perform a basic black box penetration test in a lab environment.

Prerequisites to joining this IT-Security Practitioner course

This IT-Security Practitioner course was designed by practicing IT security (management) experts for IT professionals who aspire to advance their career to an IT or cyber security management role or further specialise in the technical aspects of IT security. To truly benefit from this advanced IT security training, you should have a good understanding of fundamental IT security terms and principles.

Are you looking for an entry-level IT security training? Learn IT security fundamentals in just three days in our IT Security Foundation course.

Is this IT-Security Practitioner course for you?

This IT-Security Practitioner course and certification provide you with the knowledge, skills and credentials you need to start and pursue a successful career in IT security management. Are you a system / network administrator, programmer or security analyst? This course is ideal for you if you aspire to qualify yourself for junior and mid-level positions in IT security management.

The course is also popular among security administrators, architects, auditors and consultants who are looking to transition to an IT security management role.

What is included in this IT-Security Practitioner course?

  • Official SECO-Institute course materials developed by practicing IT security managers and specialists;
  • Online training from passionate instructors who are active in IT security management;
  • Access to the SECO-Institute’s penetration testing lab environment;
  • Practice exam and exam syllabus so you can fully prepare for your certification exam;
  • Certification exam voucher;
  • Access to the (S)ECO-system, the SECO-Institute’s professional community website where you will find additional resources and exclusive knowledge events.

IT-Security Practitioner Course Modules

Module 1 – Introduction

• IT security concepts
• Security requirements and security design principles
• Threats, attacks and actors
• IT security strategy principles
• Securing IT infrastructures

• Assets, Owners, Threats and Countermeasures
• Threats and the CIA triad
• Attack trees
• Protocols and devices
• Security zoning
• Threat Actors
• Nmap

Module 2 – Laws, Regulations, Standards and Best Practices

• Cybercrime & computer crime
• Responsible disclosure
• Working with law enforcement
• Intellectual property and IT Security
• Privacy and IT Security
• Sector-specific security requirements
• Standards and best practices (ISO, NIST, ENISA, CIS, OWASP)

• Develop a Secure Teleworking Policy
• Implement a Secure Teleworking Policy
• Establish technical requirements for allowing BYOD

Module 3 – Incident Management

• Incident handling
• Incident handling workflow
• Incident detection
• Incident registration
• Triage
• Incident resolution

• Incident Handling Workflow
• Metasploit

Module 4 – Network Security

• Network Architecture
• Network Segmentation
• Intrusion Detection Systems
• Firewalls and Intrusion Prevention Systems
• Hardening devices
• Unified Threat Management Systems

• Secure network architecture
• Intrusion detection using Snort
• Firewalls and Intrusion Prevention Systems
• Using Snort as an IPS
• Configuration and hardening

Module 5 – System Security

• System Security Planning
• Operating System Hardening
• Benchmark Security Testing
• Security Maintenance
• Linux and Windows system security
• Hardening Windows and Linux/Unix systems

• Benchmark Linux Debian
• Configurating & Hardening Devices
• Benchmark Windows

Module 6 – Mobile Security & IoT Security

Mobile security
• Issues (OWASP)
• Attack vectors
• Targets
• Security controls
IoT security
• IoT Types
• Issues (OWASP)
• Attack vectors
• Targets
• Security controls

Module 7 – Application Security

• Software basics
• Making software more robust
• Software bugs
• Buffer overflows in depth
• Secure use of software

• Patch Management Policy
• Nessus
• John the Ripper

Module 8 – Encryption

• Confidentiality with Symmetric Encryption
• Message Authentication
• Public Key Encryption and Digital Signatures
• Applications Using Cryptography
• Hashing and how it is applied to safeguard integrity
• Encryption of data in store, or in transport
• Block ciphers and stream ciphers
• “state-of-the-art” algorithms and protocols
• Application of SSL/TLS
• Encryption best practices

• Public Key Encryption
• Public Key Encryption and Digital Signatures

Module 9 – Identity and Access Management

• Identity and access management
• User authentication methods and security issues
• Access control mechanisms
• User management

• Information classification model
• Attack tree for eavesdropping or replay attacks
• Design a Role-based Access Control model
• Open standards: OAuth and OpenID, SAML

Module 10 – Ethical Hacking hands on (not part of the exam)

• Penetration testing practice
• Brute-force login
• Information disclosure vulnerabilities
• SQL injection
• Reading local system files
• Grabbing usernames and passwords from the database
• Gaining a php shell through SQL injections
• Creating a reverse shell to gain command-line access to the server
• Gaining root access to the server

IT-Security Practitioner Certification Exam

The certification exam is conducted by the SECO-Institute, Europe’s leading security and continuity certification body. The exam voucher is included in the course fee, but you need to schedule your exam with the SECO-Institute. Upon successful completion of the exam, you will receive an exam certificate and an invitation to register your official SECO-IT-Security Practitioner (S-ITSP) certification title free. By activating your certification title, you will become a certified professional in your field and you will receive a shareable digital badge to verify your competence to clients, employers and fellow professionals.

Exam information

  • Exam language: English
  • Exam delivery: Online exam via a certified proctor
  • Exam format: 10 multiple-choice questions, 5 open questions and 1 case study
  • Duration: 120 minutes

Why earn a SECO IT-Security Practitioner (S-ITSP) certificate?

The SECO ITSP certification exam tests your understanding of today’s IT security playing field and your ability to perform the main tasks of an IT security manager. With an S-ITSP certificate, you can qualify yourself for junior or mid-level positions in IT security management.

Your S-ITSP credential will verify that you possess core technical and management skills employers look for in IT security professionals, such as vulnerability management, incident management, network, system, mobile and application security, security architecture and penetration testing– and all that combined with management, compliance and business insights. This unique combination will help you succeed in a more senior security role or continue your learning path to becoming a high-level security specialist.

Authors & Lead Trainers

Arjen Verhiel

Network & Infrastructure consultant

Jochen den Ouden

Ethical Hacker
Cyber Security specialist

Dr. Rob van der Staaij

IAM & IT-Infrastructure specialist

Register now

Organize a class dedicated for your team

It is possible to organize the course Incompany. Please contact us for more information.