EC-Council Certified Incident Handler (ECIH v2)
Course Overview
EC-Council’s Certified Incident Handler (E|CIH) program is designed for information security professionals who want to learn the principles of detecting and responding to current and emerging security incidents and threats in an information system. It is a comprehensive specialist-level program that imparts the knowledge and skills organizations need to handle post-breach consequences effectively by reducing the impact of the incident, from both a financial and a reputational perspective.
Professionals interested in pursuing incident handling and response as a career require comprehensive training that not only imparts concepts but also allows them to experience real scenarios. The E|CIH program includes hands-on learning delivered through labs within the training program. True employability after earning a certification can only be achieved when the core of the curricula maps to and is compliant with government and industry-published incident and response frameworks.
Learning Outcomes of the ECIH v2 Training Course
After successfully completing this course, participants will be able to:
Handle and respond to different types of cybersecurity incidents in a systematic way.
Ensure that the organization can identify, contain, and recover from an attack.
Reinstate regular operations of the organization as early as possible and mitigate the negative impact on the business operations.
Be able to draft security policies with efficacy and ensure that the quality of services is maintained at the agreed levels.
Learn to combat different types of cybersecurity threats, attack vectors, threat actors and their motives.
Learn the fundamentals of incident management, including the signs and costs of an incident.
Understand the fundamentals of vulnerability management, threat assessment, risk management, and incident response automation and orchestration.
Master all incident handling and response best practices, standards, cybersecurity frameworks, laws, acts, and regulations.
Decode the various steps involved in planning an incident handling and response program.
Gain an understanding of the fundamentals of computer forensics and forensic readiness.
Comprehend the importance of the first response procedure, including evidence collection, packaging, transportation, storing, data acquisition, volatile and static evidence collection, and evidence analysis.
Understand the anti-forensics techniques used by attackers, in order to find cybersecurity incident cover-ups.
Apply the right techniques to different types of cybersecurity incidents in a systematic manner, including malware incidents, email security incidents, network security incidents, web application security incidents, cloud security incidents, and insider threat-related incidents.
Who should attend the ECIH v2 Training Course?
The incident handling skills taught in E|CIH are complementary to the job roles below as well as many other cybersecurity jobs:
Penetration Testers
Vulnerability Assessment Auditors
Risk Assessment Administrators
Network Administrators
Application Security Engineers
Cyber Forensic Investigators/Analysts and SOC Analysts
System Administrators/Engineers
Firewall Administrators and Network Managers/IT Managers
About the Exam
Number of Questions: 100
Passing Score: 70%
Test Duration: 3 hours
Test Format: MCQ
Test Delivery: ECC Exam Portal
Exam Code: 212-89