Course Description
ECIH is a highly interactive, comprehensive, high-standard, intensive 3-day training program that teaches information security professionals to behave professional incident handlers and gain a distinct identity than other security professionals. The program teaches all the necessary components of incident handling, containment and reinstating the IT infrastructure.
Learning Outcomes
- Understand the key issues plaguing the information security world
- Learn to combat different types of cybersecurity threats, attack vectors, threat actors and their motives
- Learn the fundamentals of incident management including the signs and costs of an incident
- Understand the fundamentals of vulnerability management, threat assessment, risk management, and incident response automation and orchestration
- Master all incident handling and response best practices, standards, cybersecurity frameworks, laws, acts, and regulations
- Decode the various steps involved in planning an incident handling and response program
- Gain an understanding of the fundamentals of computer forensics and forensic readiness
- Comprehend the importance of the first response procedure including evidence collection, packaging, transportation, storing, data acquisition, volatile and static evidence collection, and evidence analysis
- Understand anti-forensics techniques used by attackers to find cybersecurity incident cover-ups
- Apply the right techniques to different types of cybersecurity incidents in a systematic manner including malware incidents, email security incidents, network security incidents, web application security incidents, cloud security incidents, and insider threat-related incidents
Course Outline
- Introduction to Incident Handling and Response
- Incident Handling and Response Process
- Forensic Readiness and First Response
- Handling and Responding to Malware Incidents
- Handling and Responding to Email Security Incidents
- Handling and Responding to Network Security Incidents
- Handling and Responding to Web Application Security Incidents
- Handling and Responding to Cloud Security Incidents
- Handling and Responding to Insider Threats
Certification Exam
ECIH allows cybersecurity professionals to demonstrate their mastery of the knowledge and skills required for Incident Handling
Exam Title | EC-Council Certified Incident Handler |
Exam Code | 212-89 |
Number of Questions | 100 |
Duration | 3 hours |
Availability | EC-Council Exam Portal |
Test Format | Multiple Choice |
Passing Score | 70% |
Prerequisites
- 1 year of information security experience
- Attendees must be at least 18 years of age
Date:
Location:
Sessions: 3 Days
Class time:
Instructional Method: Instructor-led – Classroom and Live Virtual