EC-Council Certified Incident Handler Training

  • Learn via: Classroom
  • Duration: 3 Days
  • Price: From $3,477+VAT
We can host this training at your preferred location. Contact us!

EC-Council Certified Incident Handler (ECCIH) v2 for the skills you need in cyber security incident management, handling and response.

100% compliant with the NICE 2.0 & CREST Frameworks, the ECCIH certification is internationally recognised - giving you valuable credibility in incident management. You’ll learn how to identify, control, and recover from cyber security attacks on this hands-on course.

The ECCIH course is perfect if you’re an incident handler, risk assessment administrator, pen tester, cyber forensic investigator, vulnerability assessment auditor, system administrator, system engineer, firewall administrator or network manager.

ECCIH v2 was created using job task analysis related to incident handling and incident first responder roles and meets industry-wide incident handling standards.

What’s included:

  • EC-Council ECCIH Certified Instructor
  • Official EC-Council ECIH course materials
  • Official ECCIH lab access
  • Instructor-led ECCIH exam preparation
  • EC-Council ECCIH exam, which you'll take post course

When you achieve your ECCIH certification, you will be awarded a digital badge. This can be downloaded from EC-Council’s Aspen Portal.

You should have the following experience before attending this course:

  • A minimum of one year’s experience of Windows and Linux systems
  • An understanding of common network and security services

Module 01: Introduction to Incident Handling and Response

  • Overview of Information Security Concepts
  • Understanding Information Security Threats and Attack Vectors
  • Understanding Information Security Incident
  • Overview of Incident Management
  • Overview of Vulnerability Management
  • Overview of Threat Assessment
  • Understanding Risk Management
  • Understanding Incident Response Automation and Orchestration
  • Incident Handling and Response Best Practices
  • Overview of Standards
  • Overview of Cyber security Frameworks
  • Importance of Laws in Incident Handling
  • Incident Handling and Legal Compliance

Module 02: Incident Handling and Response Process

  • Overview of Incident Handling and Response (IH&R) Process
  • Step 1: Preparation for Incident Handling and Response
  • Step 2: Incident Recording and Assignment
  • Step 3: Incident Triage
  • Step 4: Notification
  • Step 5: Containment
  • Step 6: Evidence Gathering and Forensics Analysis
  • Step 7: Eradication
  • Step 8: Recovery
  • Step 9: Post-Incident Activities

Module 03: Forensic Readiness and First Response

  • Introduction to Computer Forensics
  • Overview of Forensic Readiness
  • Overview of First Response
  • Overview of Digital Evidence
  • Understanding the Principles of Digital Evidence Collection
  • Collecting the Evidence
  • Securing the Evidence
  • Overview of Data Acquisition
  • Understanding the Volatile Evidence Collection
  • Understanding the Static Evidence Collection
  • Performing Evidence Analysis
  • Overview of Anti-Forensics

Module 04: Handling and Responding to Malware Incidents

  • Overview of Malware Incident Response
  • Preparation for Handling Malware Incidents
  • Detecting Malware Incidents
  • Containment of Malware Incidents
  • Eradication of Malware Incidents
  • Recovery after Malware Incidents
  • Guidelines for Preventing Malware Incidents

Module 05: Handling and Responding to Email Security Incidents

  • Overview of Email Security Incidents
  • Introduction to Email Security Incidents
  • Types of Email Security Incidents
  • Preparation for Handling Email Security Incidents
  • Detection and Containment of Email Security Incidents
  • Eradication of Email Security Incidents
  • Recovery after Email Security Incidents

Module 06: Handling and Responding to Network Security Incidents

  • Overview of Network Security Incidents
  • Preparation for Handling Network Security Incidents
  • Detection and Validation of Network Security Incidents
  • Handling Unauthorised Access Incidents
  • Handling Inappropriate Usage Incidents
  • Handling Denial-of-Service Incidents
  • Handling Wireless Network Security Incidents

Module 07: Handling and Responding to Web Application Security Incidents

  • Overview of Web Application Incident Handling
  • Web Application Security Threats and Attacks
  • Preparation to Handle Web Application Security Incidents
  • Detecting and Analysing Web Application Security Incidents
  • Containment of Web Application Security Incidents
  • Eradication of Web Application Security Incidents
  • Recovery from Web Application Security Incidents
  • Best Practices for Securing Web Applications

Module 08: Handling and Responding to Cloud Security Incidents

  • Cloud Computing Concepts
  • Overview of Handling Cloud Security Incidents
  • Cloud Security Threats and Attacks
  • Preparation for Handling Cloud Security Incidents
  • Detecting and Analysing Cloud Security Incidents
  • Containment of Cloud Security Incidents
  • Eradication of Cloud Security Incidents
  • Recovering from Cloud Security Incidents
  • Best Practices Against Cloud-based Incidents

Module 09: Handling and Responding to Insider Threats

  • Introduction to Insider Threats
  • Preparation for Handling Insider Threats
  • Detecting and Analysing Insider Threats
  • Containment of Insider Threats
  • Eradication of Insider Threats
  • Recovery after Insider Attacks
  • Best Practices Against Insider Threats

Exam details

You'll sit the following exam after the course:

  • ECIH: exam code 212-89
  • Number of Questions: 100
  • Passing Score: 70%
  • Test Duration: 3 hours
  • Test Format: Multiple choice


Contact us for more detail about our trainings and for all other enquiries!

Upcoming Trainings

Join our public courses in our Istanbul, London and Ankara facilities. Private class trainings will be organized at the location of your preference, according to your schedule.

Classroom / Virtual Classroom
07 January 2024
Istanbul, Ankara, London
3 Days
Classroom / Virtual Classroom
14 August 2024
Istanbul, Ankara, London
3 Days
Classroom / Virtual Classroom
16 October 2024
Istanbul, Ankara, London
3 Days
Classroom
18 December 2080
Istanbul, Ankara, London
$3,477+VAT Book Now
By using this website you agree to let us use cookies. For further information about our use of cookies, check out our Cookie Policy.