This latest iteration of EC-Council’s Certified Incident Handler (E|CIH) program has been designed and developed in collaboration with cybersecurity and incident handling and response practitioners across the globe.
It is a comprehensive specialist-level program that imparts the knowledge and skills organizations need to handle post-breach consequences effectively by reducing the impact of the incident, from both a financial and a reputational perspective.
Professionals interested in pursuing incident handling and response as a career require comprehensive training that not only imparts concepts but also allows them to experience real scenarios. The E|CIH program includes hands-on learning delivered through labs within the training program. True employability after earning a certification can only be achieved when the core of the curricula maps to and is compliant with government and industry-published incident and response frameworks.
E|CIH is a method-driven program that uses a holistic approach to cover vast concepts concerning organizational incident handling and response from preparing and planning the incident handling response process to recovering organizational assets after a security incident. These concepts are essential for handling and responding to security incidents to protect organizations from future threats or attacks.
There is no organization that is truly safe from a cyberattack. An Incident Manager with the proper incident handling skills can help reduce the impact of a breach.
The incident handling skills taught in E|CIH are complementary to the job roles below as well as many other cybersecurity jobs:
- Penetration Testers
- Application Security Engineers
- Vulnerability Assessment Auditors
- Cyber Forensic Investigators/Analysts and SOC Analysts
- Risk Assessment Administrators
- System Administrators/Engineers
- Network Administrators
- Firewall Administrators
- Network Managers/IT Managers
Lesson 1: Introduction to Incident Handling and Response
Lesson 2: Incident Handling Response Process
Lesson 3: Forensic Readiness and First Response
Lesson 4: Handling and Responding to Malware Incidents
Lesson 5: Handling and Responding to Email Security Incidents
Lesson 6: Handling and Responding to Network Security Incidents
Lesson 9: Handling and Responding to Web Application Security Incidents
Lesson 7: Handling and Responding to Cloud Security Incidents
Lesson 8: Handling and Responding to Insider Threats
Purpose of E|CIH
- To enable individuals and organizations to handle and respond to different types of cybersecurity incidents in a systematic way
- To ensure that organizations can identify, contain, and recover from an attack
- To minimize the loss and after-effects of the incident
- For individuals: to enhance their incident handling skills and boost their employability
- Understand the key issues plaguing the information security world
- Learn to combat different types of cybersecurity threats, attack vectors, threat actors and their motives
- Learn the fundamentals of incident management including the signs and costs of an incident
- Understand the fundamentals of vulnerability management, threat assessment, risk management, and incident response automation and orchestration
- Master all incident handling and response best practices, standards, cybersecurity frameworks, laws, acts, and regulations
- Decode the various steps involved in planning an incident handling and response program
- Gain an understanding of the fundamentals of computer forensics and forensic readiness
- Comprehend the importance of the first response procedure including evidence collection, packaging, transportation, storing, data acquisition, volatile and static evidence collection, and evidence analysis
- Understand the anti-forensics techniques attackers use, in order to uncover attempts to cover up cybersecurity incidents
- Exam Title: EC-Council Certified Incident Handler
- Exam Code: 212-89
- Number of Questions: 100
- Passing Score: 70%
- Test Duration: 3 Hours
- Test Format: Multiple Choice