EC-Council’s Certified Incident Handler provides students with a method-driven program that uses a holistic approach to cover vast concepts concerning organizational incident handling and response from preparing and planning the incident handling response process to recovering organizational assets after a security incident. The skills taught in EC-Council’s ECIH program are desired by cybersecurity professionals from around the world and is respected by employers.
This course will significantly benefit incident handlers, risk assessment administrators, penetration testers, cyber forensic investigators, venerability assessment auditors, system administrators, system engineers, firewall administrators, network managers, IT managers, IT professionals, and anyone who is interested in incident handling and response.
By the end of this training, participants will be able to:
- Understand the key issues plaguing the information security world.
- Learn to combat different types of cybersecurity threats, attack vectors, threat actors and their motives.
- Learn the fundamentals of incident management including the signs and costs of an incident.
- Understand the fundamentals of vulnerability management, threat assessment, risk management, and incident response automation and orchestration.
- Decode the various steps involved in planning an incident handling and response program.
- Gain an understanding of the fundamentals of computer forensics and forensic readiness.
- Comprehend the importance of the first response procedure including evidence collection, packaging, transportation, storing, data acquisition, volatile and static evidence collection, and evidence analysis.
- Understand anti-forensics techniques used by attackers to find cybersecurity incident cover-ups.
- Pre and Post training test to measure knowledge and learning levels.
- Engage trainees in exercises and group activities.
- Evaluation form to be filled by trainees.
About the Exam
To be eligible to sit the ECIH Exam, the candidate must either:
- Attend official ECIH training through any of EC-Council’s Authorized Training Centers (ATCs) or attend EC-Council’s live online training via iWeek or join our self-study program through iLearn.
- Candidates with a minimum of 1 year of work experience in the domain that would like to apply to take the exam directly without attending training are required to pay the USD100 Eligibility Application Fee. This fee is included in your training fee should you choose to attend training.
- Module 01: Introduction to Incident Handling and Response.
- Module 02: Incident Handling and Response Process.
- Module 03: Forensic Readiness and First Response.
- Module 04: Handling and Responding to Malware Incidents.
- Module 05: Handling and Responding to Email Security Incidents.
- Module 06: Handling and Responding to Network Security Incidents.
- Module 07: Handling and Responding to Web Application Security Incidents.
- Module 08: Handling and Responding to Cloud Security Incidents.
- Module 09: Handling and Responding to Insider Threats.