Length: 3 Days
Certifications: EC-Council Certified Incident Handler (ECIH)
The EC-Council Certified Incident Handler program is designed to provide the fundamental skills to handle and respond to computer security incidents in an information system.
The course addresses various underlying principles and techniques for detecting and responding to current and emerging computer security threats. Students will learn how to handle various types of incidents, risk assessment methodologies and various laws and policies related to incident handling.
Professionals interested in pursuing incident handling and response as a career require comprehensive training that not only imparts concepts but also allows them to experience real scenarios. The E|CIH program includes hands-on learning delivered through labs within the training program. True employability after earning a certification can only be achieved when the core of the curricula maps to and is compliant with government and industry-published incident and response frameworks.
E|CIH is a method-driven program that uses a holistic approach to cover vast concepts concerning organisational incident handling and response from preparing and planning the incident handling response process to recovering organisational assets after a security incident. These concepts are essential for handling and responding to security incidents to protect organisations from future threats or attacks.
E|CIH is a specialist-level program that caters to mid-level to high-level cybersecurity professionals. At least 1 year of experience in the cybersecurity domain is recommended in order to maximise course outcomes.
You should also have some understanding of networks and computer systems:
- Basic computer literacy
- Basic PC operating system navigation skills
- Basic internet usage skills
- Basic address knowledge
WHAT YOU’LL LEARN
Attendees will learn:
- Understand the key issues plaguing the information security world
- Learn to combat different types of cybersecurity threats, attack vectors, threat actors and their motives
- Learn the fundamentals of incident management including the signs and costs of an incident
- Understand the fundamentals of vulnerability management, threat assessment, risk management, and incident response automation and orchestration
- Master all incident handling and response best practices, standards, cybersecurity frameworks, laws, acts, and regulations
- Decode the various steps involved in planning an incident handling and response program
- Gain an understanding of the fundamentals of computer forensics and forensic readiness
- Comprehend the importance of the first response procedure including evidence collection, packaging, transportation, storing, data acquisition, volatile and static evidence collection, and evidence analysis
- Understand the anti-forensics techniques attackers use, so that cybersecurity incident cover-ups can be found
- Apply the right techniques to different types of cybersecurity incidents in a systematic manner including malware incidents, email security incidents, network security incidents, web application security incidents, cloud security incidents, and insider threat-related incidents
WHO SHOULD ATTEND
The incident handling skills taught in this course are complementary to the job roles below as well as many other cybersecurity jobs:
- Penetration Testers
- Vulnerability Assessment Auditors
- Risk Assessment Administrators
- Network Administrators
- Application Security Engineers
- Cyber Forensic Investigators / Analysts and SOC Analysts
- System Administrators/Engineers
- Firewall Administrators and Network Managers/IT Managers
We can also deliver and customise this training course for larger groups – saving your organisation time, money and resources. For more information, please contact us on 0800 835 835.
Module 01: Introduction to Incident Handling and Response
Module 02: Incident Handling and Response Process
Module 03: Forensic Readiness and First Response
Module 04: Handling and Responding to Malware Incidents
Module 05: Handling and Responding to Email Security Incidents
Module 06: Handling and Responding to Network Security Incidents
Module 07: Handling and Responding to Web Application Security Incidents
Module 08: Handling and Responding to Cloud Security Incidents
Module 09: Handling and Responding to Insider Threats