IT-Security Expert course

15-day expert level IT-Security course

This program will become available late 2017


With this certification, you will be recognised as an IT-Security professional with sufficient skills to implement, anchor and manage the IT-Security process in your organisation. You will be able to act as a linchpin between the IT-business and IT-operations departments.


Target audience

This course is aimed at those who are or expect to be involved in the implementation, coordination and management of IT-Security, such as:


  • network managers, professionals in charge of network, systems, applications, services and databases who need a thorough background of the technical aspects of information security.
  • This course is also very useful for employees of Security Operations Centres of Incident Response Teams whose work requires technical knowledge of topics such as monitoring and trace evidence in the digital domain.

Required knowledge

A strong basic knowledge of IT-Security is required. We recommend the IT-Security Practitioner course or equivalent (CISSP) prior to this course program.


Exam, course material and certification

The SECO-Institute exam is conducted by the Security Academy and consists of multiple choice questions, open questions and case studies. Students will also have to write a paper. The course will provide you with all the knowledge you need to pass your exam and write your paper. Upon successful completion of your exam you will receive an "IT-Security Expert" certificate from SECO-Institute and you will be able to register for your S-ITSE title and digital badge. Both the course material and the exam are in English. The course includes:


  • SECO-Institute Course material
  • SECO-Institute Exam, one week after the last lesson
  • One-year SECO-Institute title and digital badge registration (more information here)


This course is the third level of the Certified IT-Security Officer certification track of the  SECO-Institute's Cyber Security & Governance Certification Program. Succesful completion of an IT-Security Expert course will provide you with the necessary knowledge to be able to continue and obtain the Certified IT-Security Officer title. More information on this certification program can be found on the SECO-institute website.


Course program

The design of this program consists of three phases, namely a short core phase for all students, a specialisation phase in which students can specialise themselves, and finally an integration phase where knowledge is being offered relevant to all students.

In the specialisation phase students choose, in consultation with the professor, the modules that best suit the goals they have set for themselves. The size of this phase can vary somewhat per studen, but the total course duration must never be shorter than the specified number of nominal contact hours, unless there are dispensations. The professor explains the agreed program in a course plan that is made available to students. This course plan must be completed within one year.

For now, the first four days of this training are planned, the rest depending on module choices.


  • Module 1 - core phase - Introduction to IT Security
    • What is IT Security and why is it so important?
  • Module 4 - core phase - Network Filters in an IP-network


    • The most important protocols
    • The Security of WiFi-networks

    Logging and monitoring

    • Logging best practices
    • Monitoring best practices
  • Module 5 - specialisation phase - IPv6
    • The most important protocols
    • IPv6 in a security context
  • Module 6 - specialisation phase - Network Filters in Detail
    • Firewall Intrusions
    • Detection and Prevention Systems
    • Next Generation Firewalls / Deep Packet Inspection
    • VPN
  • Module 7 - specialisation phase - Network Services
    • IPsec
    • Network Acces Control
    • RADIUS Kerberos 802.1x DNS & DNSec
  • Module 8 - specialisation phase - Windows Security
    • Build in security services
    • Hardening of Windows
    • Logging of Windows
  • Module 9 - specialisation phase - Linux Security
    • Build in security services
    • Hardening of Linux
    • Logging of Linux
  • Module 10 - specialisation phase - Mac OS X
    • Build in security services
    • Hardening of Mac OS X
    • Logging of Mac OS X
  • Module 11 - specialisation phase - Database Security
    • RDBMS Security Mechanisms
    • Securing databases
    • Logging in databases
  • Module 12 - specialisation phase - Application Security
    • Security aspects of traditional client-server applications
    • Security aspects of web servers and web applications
    • OWASP
  • Module 13 - specialisation phase - Deepening Identity and Access Management
    • Further elaboration of the most commonly used methods
    • Identity and Access Control in Windows
    • Identity and Access Control in Linux
    • Identity and Access Control in iOS
    • Identity and Access Control databases
    • IAM Tooling
  • Module 14 - specialisation phase - Deepening Crypto
    • Protocols and use
    • PKI
    • Vulnerabilities
  • Module 15 - specialisation phase - Deepening Hacking
    • Hacking of network traffic and network devices
    • Hacking of systems
    • Hacking of WebApps and Mobile Apps
  • Module 16 - specialisation phase - Deepening Logging and Monitoring
    • Loganalyse
    • Traffic analyse
    • Host Integrity Monitoring Systems
    • SIEM
    • Honeypots
  • Module 17 - specialisation phase - Forensics
    • Basics knowledge of forensics
    • Trace evidence within networks
    • Trace systems
    • How to handle technical content with the most common types of incidents
  • Module 18 - integration phase - Security Assessment
    • Threat modeling
    • Assessments perform and interpret
  • Module 19 - integration phase - Deepening Incident Management

    Further elaboration of the process:

    • Classification
    • Detection
    • Altering
    • Follow up
    • Recovery
    • Reporting
    • Relationship with Asset Owners and Service Managers
  • Module 20 - integration phase - Practicum

    Create architecture plan for the security of the IT environment of the organisation model Bicsma

  • Practice Exam
    • Mock exam
  • Exam

    The exam consists of multiple choice questions and case studies. The course will provide you with all the knowledge you need to pass the exam. Upon successful completion of your exam, you will receive an "IT-Security Expert" certificate and the S-ITSE title of the SECO-Institute. Both the course material and the exam are in English.

    More information about the IT-Security Epxert Exam

  • Features

    • 15- day expert course including exam
    • Official SECO-Institute course material provided through the Security Academy's Student Portal where you will find the course slides and plenty of additional courseware
    • Study load:
      Contact hours: 105 hours (fifteen days, minus breaks)
      Self-study: 60 hours spread over the entire course
      Exam preparation: 21 hours
      Paper: 40 hours
    • You will receive a voucher, which entitles you or a colleague to a 10% discount on all subsequent courses

    Course information

    Sign up for the newsletter.

    Others also viewed

    Your Internet Explorer is out of date.

    This website can not be viewed with this browser!

    Upgrade your browser to the latest version of Internet Explorer 8 or install another browser, such as Firefox or Google Chrome.