
Official ISC2 CISSP Course

  • Official ISC2 CISSP training

  • Trainer with 20+ years of experience

  • Maximum of 8 trainees per class

  • Official ISC2 training material

  • Fully catered training

OptiSec rated 9.7

OptiSec is an Official ISC² Training Partner!

OptiSec is a fully accredited partner of ISC². This means that our training courses are fully in line with the exam and of excellent quality, and that our trainers are certified and recognized by (ISC)². We always provide practical training that matches today's reality!

ISC2 Official Training Partner


Why follow CISSP at OptiSec?

Our training goes beyond theory and we do much more than just read PowerPoint slides. Take advantage of our trainer's 20 years of knowledge and experience. And because we teach small classes with a personal approach, you get all the space you need to ask your questions.

"After following the CISSP training, I am even more enthusiastic about InfoSec than I already was. The training went at a nice pace where we focused on the points that were difficult and quickly moved past the easy material. After working with CISSP for a week, I really feel that I have made a huge leap in knowledge on every level!!"


Why become a Certified Information Systems Security Professional?

CISSP is a certification process that addresses information security in the broadest sense of the word. The management side is discussed, but also the technical side. With CISSP you acquire the most requested certificate in the field of information security. By obtaining your CISSP, you demonstrate that you have knowledge of various domains and that you are broadly employable. This is a must-have for every security professional.

With the CISSP certificate you demonstrate that you have in-depth knowledge of the eight domains that fall under CISSP, from governance to software development security. Today, almost every position within the IT landscape that involves security asks for CISSP as proof that you are capable of the assignment.

During this training you will gain knowledge of every security aspect within information security, which will lay the foundation for you to be able to provide substantive input on each topic. CISSP is a very valuable addition for both experienced and inexperienced people and opens the door to any specialization. Both penetration testers and security managers benefit greatly from CISSP, as it provides insights into the entire field of information security.

Relevant roles:

  • Cyber Security Specialist

  • Security Consultant

  • ISO (Information Security Officer)

  • Security Manager

  • CISO (Chief Information Security Officer)

  • Security Engineer

  • System- & Network Engineer

  • Risk manager

  • Ethical Hacker (Pentester)

  • Security Officer

Apply for CISSP training

Our courses take place in a comfortable training room. Lunch, snacks and drinks are included, and of course the official material and additional practice exams to prepare for the exam. The exam voucher is not included in this training.

Location: Woerden, Pelmolenlaan 16-18
Date: 27 - 31 May
Price ex VAT: € 2999,-

Certified Information Systems Security Professional domains

CISSP consists of the following eight domains:

Extra

OptiSec goes beyond theory and the official slides. More than 20 years of relevant professional experience is at your disposal. We teach from practice and you will notice the difference. We are also there for you after the training.

01: Security and Risk Management

Security and Risk Management forms the foundation for every information security specialist. How does an organization work, and which agreements must be put on paper to set up a complete ISMS? How do we deal with staff, what standards do we have to achieve and how do we set this up? The first domain of CISSP lays a very strong foundation for every specialist.

Which topics do we address?

  • Security Governance, Principles and Policies

  • CIA-Triad

  • Evaluation and application of the principles of Security Governance

  • Development, design and implementation of Security Policies

  • Threat modelling concepts and methods

  • Personnel security & Risk Management

  • Business Continuity Planning

  • Law and regulations

  • Compliance

02: Asset Security

Securing assets is essential within a good security program. In this domain we learn to identify assets and classify them. We discuss the application of security baselines and how they relate to ownership.

What topics do we address?

  • Identification and classification of Assets

  • Establish ownership

  • Applying security baselines

03: Security Architecture and Engineering

Determining how systems integrate with business objectives is necessary to ensure that security remains optimal. Without architecture, the correlation between services is lost, costs increase and security decreases. In this domain we discuss the architecture and its preparation.

What topics do we address?

  • Cryptography & Symmetric Key Algorithms

  • PKI & Cryptographic Applications

  • Hash functions, key management, cryptographic attacks

  • Assessment & Mitigation of security vulnerabilities

  • Security Models, Design & Capabilities

  • Security Vulnerability, Threats and Countermeasures

  • Physical security requirements

04: Communications and Network Security

All systems within an organization communicate with each other over network infrastructure. This domain discusses the security aspects in this area and what should be paid attention to.

What topics do we address?

  • Security Network Architecture & Securing Network Components

  • Secure Communications and Network Attacks

  • TCP/IP Model

  • Wireless Networks

  • Cabling, Wireless, Topology, Communication and Transmission techniques

  • Secured VoIP

  • Remote Access Security Management

  • Virtual Private Networks

  • Network Address Translation

  • WAN technology

  • Prevent & Mitigate network attacks

05: Identity and Access Management

Access to systems is an essential component. Identifying users, maintaining them and ensuring that privileges are not more than necessary is a necessary element of information security.

What topics do we address?

  • AAA-Model

  • Managing Identity and Authentication

  • Controlling and Monitoring Access

  • Controlling access

  • Implementation of Identity Management

  • Managing identity and Access provisioning lifecycle

  • Comparison of Access Control models

  • Access Control attacks

06: Security Assessment and Testing

Validating the software and testing for vulnerabilities is a step that cannot be missed in any information security program. Vulnerabilities must also be classified to know what urgency there is to resolve these vulnerabilities.

What topics do we address?

  • Security Assessment and Testing

  • Building a Security Assessment and Testing program

  • Performing Vulnerability Analysis

  • Software testing

  • Implement Security Management processes

07: Security Operations

Security is present at every level within the operation. This domain discusses the operational side of security and how we should deal with incidents. How recovery takes place after an incident must also be clear in advance.

What topics do we address?

  • Managing Security Operations

  • Applying Security Operations concepts

  • Securely Provisioning Resources

  • Management of configurations

  • Change management

  • Patching and vulnerability management

  • Incident Response management

  • Implementation of Detective and Preventive security controls

  • Investigation and Ethics

  • Logging, Monitoring and Auditing

  • Disaster Recovery Planning

  • Resilience and error tolerance

  • Recovery strategy

  • Security Awareness

08: Software Development Security

During the software development phase, a cycle takes place. The software development life cycle (SDLC) is a process in which various phases are discussed. What should we do from starting this development to ultimately disposing of the software?

What topics do we address?

  • Software Development Security

  • Malicious Code and Application Attacks

  • System Development Controls

  • Databases and Data Warehousing

  • Storing Data and Information

  • Knowledge-based Systems

  • Malicious Code

  • Password attacks

  • Application attacks

  • Web application attacks

  • Reconnaissance attacks

The Certified Information Systems Security Professional Exam

The CISSP exam is known to be a very difficult exam. The exam consists of the eight domains and contains 100 to 150 multiple choice questions. To pass you must get at least 70% correct and score at least 70% for each individual domain.

The domains appear in the following order in the exam:

  1. Security and Risk Management (15%)
  2. Asset Security (10%)
  3. Security Architecture and Engineering (13%)
  4. Communications and Network Security (14%)
  5. Identity and Access Management (13%)
  6. Security Assessment and Testing (12%)
  7. Security Operations (13%)
  8. Software Development Security (10%)

Reviews

"Never lost my attention"

9.4/10: The training went very quickly, but remained interesting and easy to follow. Never lost my attention for a moment and rarely have I had the feeling during a training that I have made a really big step in my level of knowledge in a short time. During the training we were also challenged with exam questions. Not only the right answer was taken into account, but precisely why the wrong answers were wrong. A nice combination where even the wrong answers have given me a lot of insight. OptiSec also provided a special lunch due to my gluten intolerance, you cannot expect better care for your customer. Compliments!!

Delilah

"Simply put: excellent experience"

9.5/10: Anyone who would say that information security is dusty has probably not followed the training at OptiSec. The trainer (Ferry) is enthusiastic and his energy is contagious. After following this training, I am even more enthusiastic about InfoSec than I already was. The training went at a nice pace where we focused on the points that were difficult and quickly moved past the easy material. After working with CISSP for a week, I really feel that I have made a huge leap in knowledge on every level! In addition to the training, the lunches were really well taken care of and there was plenty to eat and drink during the training. This created a pleasant atmosphere and feeling as if you were following a training session at home.

Tim

Apply for the official ISC2 CISSP training course

  • Official ISC2 CISSP training

  • Certified and accredited training centre

  • Maximum of 8 trainees per class

  • Official ISC2 training material

  • Fully catered training
