About Course

EC-Council’s Certified Incident Handler (E|CIH) program has been designed and developed in collaboration with cybersecurity and incident handling and response practitioners across the globe.

It is a comprehensive specialist-level program that imparts knowledge and skills that organizations need to effectively handle post breach consequences by reducing the impact of the incident, from both a financial and a reputational perspective.

Why Incident Handling Is a Must for Every Organization

  • 277 Days: Average time to identify and contain a data breach.
  • 49 Days: Ransomware breaches took 49 days longer than average to identify and contain.
  • 303 Days: Average time to identify and contain a supply chain compromise.

Despite all elementary security measures, organizations are still finding it difficult to withstand cyber attacks, which weaken the very foundation of the organization's business processes.

An effective incident handling and response program ensures:

  1. Quick detection
  2. Containment and systematic recovery
  3. Quick healing, with the aim of reinstating business processes back to normal.

IS YOUR ORGANIZATION READY TO HANDLE THE NEXT INCIDENT EFFECTIVELY AND EFFICIENTLY?

Prepare to Handle and Respond to Security Incidents

This latest iteration of EC-Council’s Certified Incident Handler (E|CIH) program has been designed and developed in collaboration with cybersecurity and incident handling and response practitioners across the globe.

LEARN REAL-WORLD INCIDENT HANDLING SKILLS

Following a rigorous development, which included a careful Job Task Analysis (JTA) related to incident handling and incident first responder jobs, EC-Council developed a highly interactive, comprehensive, standards-based, intensive 3-day training program and certification that provides a structured approach to learning real-world incident handling and response requirements.

NOT ONLY DETECT BUT MANAGE SECURITY INCIDENTS

Organizations are under constant attack, and with the knowledge and skills found in the E|CIH program, professionals can now not only detect incidents but also quickly manage and respond holistically to these incidents.

MAPS TO INDUSTRY FRAMEWORKS

Professionals interested in pursuing incident handling and response as a career require comprehensive training that not only imparts concepts but also allows them to experience real scenarios. The E|CIH program includes hands-on learning delivered through labs within the training program. True employability after earning a certification can only be achieved when the core of the curricula maps to and is compliant with government and industry-published incident and response frameworks.

METHOD DRIVEN PROGRAM

E|CIH is a method-driven program that uses a holistic approach to cover vast concepts concerning organizational incident handling and response from preparing and planning the incident handling response process to recovering organizational assets after a security incident. These concepts are essential for handling and responding to security incidents to protect organizations from future threats or attacks.

LEARN ALL STAGES IN INCIDENT HANDLING

This program addresses all the stages involved in incident handling and the response process to enhance your skills as an incident handler and responder, increasing your employability. This approach makes E|CIH one of the most comprehensive incident handling and response related certifications on the market today.

THINK GLOBAL EMPLOYABILITY

The skills taught in EC-Council’s E|CIH program are desired by cybersecurity professionals from around the world and are respected by employers.

E|CIH IS ONE OF THE BEST INCIDENT HANDLING PROGRAMS

  • Gain Access to new, advanced labs: The E|CIH program comes with access to over 50 labs, 800 tools, and 4 OSs!
  • Compliant with Major Industry Frameworks: 100% compliant with the NICE 2.0 Framework and CREST Framework.
  • Comprehensive Templates Available: A large array of templates, checklists, and cheat sheets.

E|CIH also Covers a Huge Variety of Security Incidents

  • Malware Incidents: Malware detections targeting businesses increased by 270 percent
  • Cloud Security Incidents: 681 million cyberattacks were launched against cloud customers in 2018
  • Email Security Incidents: 9 out of 10 infection attempts throughout the year were spam email
  • Web App Security Incidents: 3.6% of websites suffered web application attacks
  • Network Security Incidents: 21.2% of devices were exposed to network threats in the 1st month, rising to 43.7% after 4 months
  • Insider Threats: $8.76 million is the avg yearly cost of insider threats

Eligibility Criteria

To be eligible to sit the E|CIH Exam, the candidate must either:

Attend official E|CIH training through any of EC-Council’s Authorized Training Centers (ATCs) or attend EC-Council’s live online training via iWeek or join our self-study program through iLearn (see https://iclass.eccouncil.org).

Candidates with a minimum of 1 year of work experience in the domain that would like to apply to take the exam directly without attending training are required to pay the USD100 Eligibility Application Fee. This fee is included in your training fee should you choose to attend training.

Exam Details

  • Exam Title: EC-Council Certified Incident Handler
  • Number of Questions: 100
  • Duration: 3 hours
  • Exam Format: Multiple Choice
  • Exam Availability: EC-Council Exam Portal

What Will You Learn?

  • Key issues plaguing the information security world
  • Various attack and defense frameworks (Cyber Kill Chain Methodology, MITRE ATT&CK Framework, etc.)
  • Various types of cybersecurity threats, attack vectors, threat actors, and their motives, goals, and objectives of cybersecurity attacks
  • Fundamentals of information security concepts (vulnerability assessment, risk management, cyber threat intelligence, threat modeling, and threat hunting)
  • Different incident handling and response best practices, standards, cybersecurity frameworks, laws, acts, and regulations
  • Importance of first response and first response procedure (evidence collection, documentation, preservation, packaging, and transportation)
  • Various steps involved in planning an incident handling and response program (planning, recording and assignment, triage, notification, containment, evidence gathering and forensic analysis, eradication, recovery, and post-incident activities)
  • Fundamentals of incident management (information security incidents, signs and costs of an incident, incident handling and response, and incident response automation and orchestration)
  • How to handle and respond to different types of cybersecurity incidents in a systematic way (malware incidents, email security incidents, network security incidents, web application security incidents, cloud security incidents, insider threat-related incidents, and endpoint security incidents)

Course Content

MODULE 01: INTRODUCTION TO INCIDENT HANDLING AND RESPONSE

  • Understand Information Security Threats and Attack Vectors
  • Explain Various Attack and Defense Frameworks
  • Understand Information Security Concepts
  • Understand Information Security Incidents
  • Understand the Incident Management Process
  • Understand Incident Response Automation and Orchestration
  • Describe Various Incident Handling and Response Best Practices
  • Explain Various Standards Related to Incident Handling and Response
  • Explain Various Cybersecurity Frameworks
  • Understand Incident Handling Laws and Legal Compliance

MODULE 02: INCIDENT HANDLING AND RESPONSE PROCESS

MODULE 03: FIRST RESPONSE

MODULE 04: HANDLING AND RESPONDING TO MALWARE INCIDENTS

MODULE 05: HANDLING AND RESPONDING TO EMAIL SECURITY INCIDENTS

MODULE 06: HANDLING AND RESPONDING TO NETWORK SECURITY INCIDENTS

MODULE 07: HANDLING AND RESPONDING TO WEB APPLICATION SECURITY INCIDENTS

MODULE 08: HANDLING AND RESPONDING TO CLOUD SECURITY INCIDENTS

MODULE 09: HANDLING AND RESPONDING TO INSIDER THREATS

MODULE 10: HANDLING AND RESPONDING TO ENDPOINT SECURITY INCIDENTS

Student Ratings & Reviews

5.0 (Total 3 Ratings)

  • 5 stars: 3 ratings
  • 4 stars: 0 ratings
  • 3 stars: 0 ratings
  • 2 stars: 0 ratings
  • 1 star: 0 ratings

11 months ago
Informative, engaging, practical. The course delivers essential insights for those aiming to enhance their online marketing capabilities.
11 months ago
Engaging, practical, essential. The course equips learners to excel in online marketing strategies effectively and efficiently.
11 months ago
Dynamic, practical, transformative. The course empowers learners to master effective online marketing strategies with confidence and clarity.