ECIH: Certified Incident Handler v3

This training addresses all the stages involved in incident handling and the response process to enhance your skills as an incident handler and responder, increasing your employability. This approach makes ECIH one of the most comprehensive incident handling and response related certifications on the market today.

This latest iteration of EC-Council’s Certified Incident Handler (ECIH) program has been designed and developed in collaboration with cybersecurity and incident handling and response practitioners across the globe. It is a comprehensive specialist-level program that imparts knowledge and skills that organizations need to effectively handle post breach consequences by reducing the impact of the incident, from both a financial and a reputational perspective.

The ECIH program includes hands-on learning delivered through labs within the training program. It is a method-driven program that uses a holistic approach to cover vast concepts concerning organizational incident handling and response from preparing and planning the incident handling response process to recovering organizational assets after a security incident. These concepts are essential for handling and responding to security incidents to protect organizations from future threats or attacks.

Audience

The incident handling skills taught in this course are complementary to the job roles below as well as many other cybersecurity jobs:

• Penetration Testers
• Vulnerability Assessment Auditors
• Risk Assessment Administrators
• Network Administrators
• Application Security Engineers
• Cyber Forensic Investigators/ Analyst and SOC Analyst
• System Administrators/Engineers
• Firewall Administrators and Network Managers/IT Managers

Prerequisites

ECIH is a specialist-level program that caters to mid-level to high-level cybersecurity professionals. In order to increase your chances of success, it is recommended that you have at least 1 year of experience in the cybersecurity domain.

Learning objectives

• Understand the key issues plaguing the information security world
• Learn to combat different types of cybersecurity threats, attack vectors, threat actors and their motives
• Learn the fundamentals of incident management including the signs and costs of an incident
• Understand the fundamentals of vulnerability management, threat assessment, risk management, and incident response automation and orchestration
• Master all incident handling and response best practices, standards, cybersecurity frameworks, laws, acts and regulations
• Decode the various steps involved in planning an incident handling and response program
• Gain an understanding of the fundamentals of computer forensics and forensic readiness
• Comprehend the importance of the first response procedure including evidence collection, packaging, transportation, storing, data acquisition, volatile and static evidence collection, and evidence analysis
• Understand anti-forensics techniques used by attackers to find cybersecurity incident cover-ups
• Apply the right techniques to different types of cybersecurity incidents in a systematic manner including malware incidents, email security incidents, network security incidents, web application security incidents, cloud security incidents, and insider threat-related incidents

Course outline

• Introduction to Incident Handling and Response
• Incident Handling and Response Process
• Forensic Readiness and First Response
• Handling and Responding to Malware Incidents
• Handling and Responding to Email Security Incidents
• Handling and Responding to Network Security Incidents
• Handling and Responding to Web Application Security Incidents
• Handling and Responding to Cloud Security Incidents
• Handling and Responding to Insider Threats

Read detailed course description from EC Council:
EC-Council Certified Incident Handler v2

Certification

ECIH allows cybersecurity professionals to demonstrate their mastery of the knowledge and skills required for Incident Handling.

Exam Details

• Exam Title: EC Council Certified Incident Handler
• Exam Code: 212-89
• Number of Questions: 100
• Duration: 3 hours
• Test Format: Multiple Choice

Passing Score

In order to maintain the high integrity of our certification exams, EC-Council Exams are provided in multiple forms (i.e., different question banks). Each form is carefully analyzed through beta testing with an appropriate sample group under the purview of a committee of subject matter experts, ensuring that each of our exams is not only academically sound, but also has “real world” applicability. We apply an internal process to determine the difficulty rating of each question. The individual rating then contributes to an overall “Cut Score” for each exam form. To ensure each form has equal assessment standards, cut scores are set on a “per exam form” basis. Depending on which exam form is challenged, cut scores can range from 60% to 85%.

Clause: Age Requirements and Policies Concerning Minors

Minors are not permitted to take the EC-Council exam without a written consent/indemnity letter signed by their parent or legal guardian, along with a supporting letter from their institution of learning. Only candidates from a nationally accredited institution of learning shall be considered.

Minor/Adult legal ages are defined by the country of residence/origin for the candidate. For further clarification or to submit a letter of consent, please contact certmanager@eccouncil.org. EC-Council reserves the right to revoke the certification status of candidates in case of non-compliance with this policy.

Disclaimer:

• EC-Council reserves the right to impose additional restriction to comply with the policy.
• EC-Council reserves the right to modify certification policies without notice.
• EC-Council reserves the right to revoke the certification of any person determined to be in breach of this policy.

For more information about the certification application process and eligibility criteria, please visit cert.eccouncil.org/

Andre relevante kurs