OVERVIEW

The EC-Council Certified Incident Handler (ECIH) curriculum focuses on a systematic approach to incident handling and response (IH&R). Incident handling and response preparation, incident validation and prioritisation, incident escalation and notification, forensic evidence collecting and analysis, incident containment, systems recovery, and incident eradication are all aspects of the IH&R process. This systematic incident management and response method educates incident responders on how to handle various sorts of security issues.

Cybersecurity professionals interested in pursuing a career in incident handling and response must get extensive training on IH&R concepts as well as real-world scenarios. Hands-on learning is provided in the ECIH curriculum via iLabs, which are online laboratories inside the training programme.

Course Outline

• Module 01: Introduction to Incident Handling and Response
• Module 02: Incident Handling and Response Process
• Module 03: Forensic Readiness and First Response
• Module 04: Handling and Responding to Malware Incidents
• Module 05: Handling and Responding to Email Security Incidents
• Module 06: Handling and Responding to Network Security Incidents
• Module 07: Handling and Responding to Web Application Security Incidents
• Module 08: Handling and Responding to Cloud Security Incidents
• Module 09: Handling and Responding to Insider Threats

Course Objective

The CIH V2 certification and training targets to explain:

• Primary issues that plague information security domain
• Combating various kinds of cybersecurity threats, vectors of attack, threat actors and their objectives
• Core incident management fundamentals that include incident signs and costs
• Basics of vulnerability management, risk management, threat assessment, and automation and orchestration of the incident response
• Best practices of incident handling and response, cybersecurity frameworks, standards, acts, laws, and compliance
• The process to devise incident handling and response program
• Core essentials of computer forensics and readiness to forensics
• Anticipate the importance of procedure of the first response along with collecting evidence, packaging, storing, transportation, data acquisition, collection of the volatile and static evidence, and analyzing evidence
• Anti-forensics techniques adopted by attackers to discover cover-ups for cybersecurity incident
• Implement the appropriate techniques to different types of cybersecurity incidents systematically such as malware, network security, email security, web application security, cloud security, and insider threat-related incidents