Close

Certified
Incident Handler (ECIH)

Course Description

This latest iteration of EC-Council’s Certified Incident Handler (E|CIH) program has been designed and developed in collaboration with cybersecurity and incident handling and response practitioners across the globe.

 

It is a comprehensive specialist-level program that imparts knowledge and skills that organizations need to effectively handle post breach consequences by reducing the impact of the incident, from both a financial and a reputational perspective.

 

E|CIH is a specialist-level program that caters to mid-level to high-level cybersecurity professionals. In order to increase your chances of success, it is recommended that you have at least 1 year of experience in the cybersecurity domain.

Penetration Testers

Vulnerability Assessment Auditors

Risk Assessment Administrators

Network Administrators

Application Security Engineers

Cyber Forensic Investigators/ Analyst and SOC Analyst

System Administrators/Engineers

Firewall Administrators and Network Managers/IT Managers

3 days (9am – 5pm)
24 hours total class time

The E|CIH exam can be attempted after the completion of the official E|CIH course taught either by any EC-Council Authorized Training Center (ATC) or by EC-Council directly. Candidates that successfully pass the exam will receive the E|CIH certificate and membership privileges. Members are required to adhere to the policies of EC-Council’s Continuing Education Policy.

Course outline

  • Introduction to Incident Handling and Response
  • Incident Handling and Response Process
  • Forensic Readiness and First Response
  • Handling and Responding to Malware Incidents
  • Handling and Responding to Email Security Incidents
  • Handling and Responding to Network Security Incidents
  • Handling and Responding to Web Application Security Incidents
  • Handling and Responding to Cloud Security Incidents
  • Handling and Responding to Insider Threats

Information about the course and the exam

What is ECIH?

ECIH has been designed and developed in collaboration with cybersecurity and incident handling/responsive experts across the globe. It is a comprehensive specialist level program, with C|EH and C|ND being the “Core” certifications, that teaches how organizations can effectively handle post breach consequences by reducing the impact of the incident, both financial and reputational.

Course Content

ECIH is a method-driven program which gives a holistic approach covering vast concepts concerning organizational incident handling and response from preparing/planning the incident handline response process to recovering organizational assets from the impact of security indicents. These concepts are highly essential for handling and responding the security incidents to secure the organization from future threats or attacks.

Who’s It For?

  • Those with the ambition to contain cyber threats
  • Mid-level to high-level cíbersecurity professionals with a minimum of 3 years of experience
  • Information security professionals who want to enrich their skills and knowledge in the field of incident handling and response

The Purpose of ECIH

  • To enable individuals and organizations with the ability to handle and respond to different types of cybersecurity incidents in a systematic way
  • To ensure that organizations can identify, contain, and recover from an attack
  • To minimize the loss and after-effects breach of an incident

How ECIH Benefits Individuals

  • Major hands-on component with 50 labs, 800 tools, and 4 OS
  • 100% compliant with the NICE 2.0 Framework and the CREST Framework
  • A large array of templates, check lists, and cheat sheets

Exam Information

  • EXAM TITLE
    EC-Council Certified Incident Handler
  • EXAM CODE
    212-89
  • # OF QUESTIONS
    100
  • DURATION
    3 Hours
  • AVAILABILITY
    ECC Exam Portal, Vue
  • TEST FORMAT
    Multiple Choice

Contact us!