EC-Council Certified Incident Handler (ECIH v2)

Course Overview

EC-Council’s Certified Incident Handler (E|CIH) program is designed for information security professionals who want to learn the principles of detecting and responding to current security incidents and emerging threats in an information system. It is a comprehensive specialist-level program that imparts the knowledge and skills organizations need to handle post-breach consequences effectively by reducing the impact of the incident, from both a financial and a reputational perspective.

Professionals interested in pursuing incident handling and response as a career require comprehensive training that not only imparts concepts but also allows them to experience real scenarios. The E|CIH program includes hands-on learning delivered through labs within the training program. True employability after earning a certification can only be achieved when the core of the curricula maps to and is compliant with government and industry-published incident and response frameworks.

Learning Outcome of the ECIH v2 Training Course

After successfully completing this course, participants will be able to:

  Handle and respond to different types of cybersecurity incidents in a systematic way.

  Ensure that the organization can identify, contain, and recover from an attack.

  Reinstate regular operations of the organization as early as possible and mitigate the negative impact on the business operations.

  Draft security policies with efficacy and ensure that the quality of services is maintained at the agreed levels.

 Learn to combat different types of cybersecurity threats, attack vectors, threat actors and their motives

 Learn the fundamentals of incident management including the signs and costs of an incident

 Understand the fundamentals of vulnerability management, threat assessment, risk management, and incident response automation and orchestration

 Master all incident handling and response best practices, standards, cybersecurity frameworks, laws, acts, and regulations

 Decode the various steps involved in planning an incident handling and response program

 Gain an understanding of the fundamentals of computer forensics and forensic readiness

 Comprehend the importance of the first response procedure including evidence collection, packaging, transportation, storing, data acquisition, volatile and static evidence collection, and evidence analysis

 Understand the anti-forensics techniques attackers use, in order to detect cover-ups of cybersecurity incidents

 Apply the right techniques to different types of cybersecurity incidents in a systematic manner including malware incidents, email security incidents, network security incidents, web application security incidents, cloud security incidents, and insider threat-related incidents

Who should attend ECIH v2 Training Course?

The incident handling skills taught in E|CIH are complementary to the job roles below as well as many other cybersecurity jobs:

 Penetration Testers

 Vulnerability Assessment Auditors

 Risk Assessment Administrators

 Network Administrators

 Application Security Engineers

 Cyber Forensic Investigators/Analysts and SOC Analysts

 System Administrators/Engineers

 Firewall Administrators and Network Managers/IT Managers

About the Exam

Number of Questions: 100

Passing Score: 70%

Test Duration: 3 hours

Test Format: MCQ

Test Delivery: ECC Exam Portal

Exam Code: 212-89
