The EC-Council Certified Incident Handler program is designed to provide the fundamental skills to handle and respond to the computer security incidents in an information system. The course addresses various underlying principles and techniques for detecting and responding to current and emerging computer security threats. Students will learn how to handle various types of incidents, risk assessment methodologies, and various laws and policy related to incident handling. After attending the course, they will be able to create incident handling and response policies and deal with various types of computer security incidents. The comprehensive training program will make students proficient in handling and responding to various security incidents such as network security incidents, malicious code incidents, and insider attack threats.
In addition, the students will learn about computer forensics and its role in handling and responding to incidents. The course also covers incident response teams, incident reporting methods, and incident recovery techniques in detail.
The E|CIH certification will provide professionals greater industry acceptance as the seasoned incident handler.
Certification The ECIH 212-89 exam will be conducted on the last day of training. Students need to pass the online exam to receive the ECIH certification.
The incident handling skills taught in E|CIH are complementary to the job roles below as well as many other cybersecurity jobs:
Vulnerability Assessment Auditors
Risk Assessment Administrators
Application Security Engineers
Cyber Forensic Investigators/ Analyst and SOC Analyst
Firewall Administrators and Network Managers/IT Managers
The results of the training
Understand the key issues plaguing the information security world
Learn to combat different types of cybersecurity threats, attack vectors, threat actors and their motives
Learn the fundamentals of incident management including the signs and costs of an incident
Understand the fundamentals of vulnerability management, threat assessment, risk management, and incident response automation and orchestration
Master all incident handling and response best practices, standards, cybersecurity frameworks, laws, acts, and regulations
Decode the various steps involved in planning an incident handling and response program
Gain an understanding of the fundamentals of computer forensics and forensic readiness
Comprehend the importance of the first response procedure including evidence collection, packaging, transportation, storing, data acquisition, volatile and static evidence collection, and evidence analysis
Understand anti-forensics techniques used by attackers to find cybersecurity incident cover-ups
Apply the right techniques to different types of cybersecurity incidents in a systematic manner including malware incidents, email security incidents, network security incidents, web application security incidents, cloud security incidents, and insider threat-related incidents
Prerequisites to the course (recommended): E|CIH is a specialist-level program that caters to mid-level to high-level cybersecurity professionals. In order to increase your chances of success, it is recommended that you have at least 1 year of experience in the cybersecurity domain.