EC-COUNCIL E|CIH
Description:
The E|CIH (Certified Incident Handler) certification from EC-Council is one of the most respected in cyber incident response, empowering professionals to minimize the damage from attacks, restore services, and mitigate future risks. The ECIH Version 2, launched in 2019, is compatible with the NICE 2.0 and CREST frameworks, focusing on the role of the first responder and forensic analysis of malware, email, network, web applications, and cloud artifacts, offering practical labs and tools for realistic training.
Course Outline for E|CIH V2:
• Introduction to Incident Handling and Response
• Incident Handling and Response Process
• Forensic Readiness and First Response
• Handling and Responding to Malware Incidents
• Handling and Responding to Email Security Incidents
• Handling and Responding to Network Security Incidents
• Handling and Responding to Web Application Security Incidents
• Handling and Responding to Cloud Security Incidents
• Handling and Responding to Insider Threats
Course Objectives for E|CIH V2:
- Understand the key issues affecting the world of information security
- Learn how to combat different types of cybersecurity threats, attack vectors, threat actors, and their motivations
- Learn the fundamentals of incident management, including the signs and costs of an incident
- Understand the basics of vulnerability management, threat assessment, risk management, and incident response automation and orchestration
- Master all the best practices, standards, cybersecurity frameworks, laws, acts, and regulations
- Decode the various steps involved in planning an incident handling and response program
- Gain an understanding of the fundamentals of forensic computing and forensic readiness
- Understand the importance of first response procedures, including evidence collection, packaging, transportation, storage, data acquisition, and the analysis of both volatile and static evidence
- Understand the anti-forensic techniques used by attackers to conceal cybersecurity incidents
- Apply the correct techniques to different types of cybersecurity incidents in a systematic manner, including malware incidents, email security incidents, network security incidents, web application security, cloud security incidents, and incidents related to insider threats
Exam Information:
• Exam name: ECIH 212-89
• Test format: Multiple Choice
• Total number of questions: 100
• Test duration: 3 hours
• Required score: 70%
Course Duration:
6 Days | 24 Hours | 4 hours per day
Target Audience:
ECIH is a specialist-level program designed for mid-level to advanced cybersecurity professionals. To increase the chances of success, at least 1 year of experience in the cybersecurity domain is recommended. ECIH members are ambitious security professionals working in Fortune 500 organizations globally. Profiles include: Penetration Testers; Vulnerability Assessment Auditors; Risk Assessment Administrators; Network Administrators; Application Security Engineers; Cyber Forensic Investigators/Analysts and SOC Analysts; System Administrators/Engineers; Firewall Administrators; and Network/IT Managers.