Course Description

ECIH is a highly interactive, comprehensive, high-standard, intensive 3-day training program that teaches information security professionals to behave professional incident handlers and gain a distinct identity than other security professionals. The program teaches all the necessary components of incident handling, containment and reinstating the IT infrastructure.

Learning Outcomes

  • Understand the key issues plaguing the information security world
  • Learn to combat different types of cybersecurity threats, attack vectors, threat actors and their motives
  • Learn the fundamentals of incident management including the signs and costs of an incident
  • Understand the fundamentals of vulnerability management, threat assessment, risk management, and incident response automation and orchestration
  • Master all incident handling and response best practices, standards, cybersecurity frameworks, laws, acts, and regulations
  • Decode the various steps involved in planning an incident handling and response program
  • Gain an understanding of the fundamentals of computer forensics and forensic readiness
  • Comprehend the importance of the first response procedure including evidence collection, packaging, transportation, storing, data acquisition, volatile and static evidence collection, and evidence analysis
  • Understand anti-forensics techniques used by attackers to find cybersecurity incident cover-ups
  • Apply the right techniques to different types of cybersecurity incidents in a systematic manner including malware incidents, email security incidents, network security incidents, web application security incidents, cloud security incidents, and insider threat-related incidents

Course Outline

  • Introduction to Incident Handling and Response
  • Incident Handling and Response Process
  • Forensic Readiness and First Response
  • Handling and Responding to Malware Incidents
  • Handling and Responding to Email Security Incidents
  • Handling and Responding to Network Security Incidents
  • Handling and Responding to Web Application Security Incidents
  • Handling and Responding to Cloud Security Incidents
  • Handling and Responding to Insider Threats

Certification Exam

ECIH allows cybersecurity professionals to demonstrate their mastery of the knowledge and skills required for Incident Handling

Exam Title EC-Council Certified Incident Handler
Exam Code 212-89
Number of Questions 100
Duration 3 hours
Availability EC-Council Exam Portal
Test Format Multiple Choice
Passing Score 70%

Prerequisites

  • 1 year of information security experience
  • Attendees must be at least 18 years of age

Date:
Location:
Sessions: 3 Days
Class time:
Instructional Method: Instructor-led – Classroom and Live Virtual