This course addresses various underlying principles and techniques for detecting and responding to current and emerging computer security threats.

The EC-Council Certified Incident Handler program is designed to provide the fundamental skills to handle and respond to computer security incidents in an information system.

This certification gives professionals greater industry acceptance as seasoned incident handlers.

The course covers computer forensics and its role in handling and responding to incidents. It also covers incident response teams, incident reporting methods, and incident recovery techniques in detail.


Objectives

Students will learn how to handle various types of incidents, risk assessment methodologies, and the laws and policies related to incident handling.

After attending the course, they will be able to create incident handling and response policies and deal with various types of computer security incidents.

The comprehensive training program will make students proficient in handling and responding to various security incidents such as network security incidents, malicious code incidents, and insider attack threats. 

Audience

This course is aimed at:

  • Incident handlers
  • Risk assessment administrators
  • Penetration testers
  • Cyber forensic investigators
  • Vulnerability assessment auditors
  • System administrators and system engineers
  • Firewall administrators, network managers, IT managers
  • IT professionals and anyone who is interested in incident handling and response 


Prerequisites

The ECIH 212-89 exam will be conducted on the last day of training. Students need to pass the online Prometric exam to receive the ECIH certification. 

Characteristics

The course has the following characteristics:

  • It is structured in thematic units, each of which presents part of the theory followed by practical review and comprehension exercises.
  • The material used is in English and includes theory, practical exercises and complementary information.
  • Includes an EC-Council certification exam.
  • A certificate of completion is delivered.
  • Has a duration of 2 days.
  • Has a minimum capacity of 5 and a maximum of 25 participants.

Exam

The certification exam has the following characteristics:

  • Exam Code: 212-89
  • Number of Questions: 50
  • Passing Score: 70%
  • Test Duration: 2 hours
  • Test Format: Multiple choice
  • Delivery: EC-Council Exam Center 

Topics

The course has the following topics:

  1. Introduction to Incident Response and Handling

  2. Risk Assessment

  3. Incident Response and Handling Steps

  4. CSIRT

  5. Handling Network Security Incidents

  6. Handling Malicious Code Incidents

  7. Handling Insider Threats

  8. Forensic Analysis and Incident Response

  9. Incident Reporting

  10. Incident Recovery

  11. Security Policies and Laws 

 

Advantages offered by Global Lynx

Our instructors are certified in different EC-Council, Information Security, Cloud Computing and Risk Management disciplines and have extensive experience in:

  • The design and implementation of Information Security Management Systems in the private and in the public sector.

  • The selection, implementation and configuration of the most established and widely recognized tools and controls on the market that support Information Security management.

  • First and second level audits for Information Security Management Systems.

  • Teaching various ITSM, ISO, Information Security and Risk Management courses in the academic and professional field.

Participants receive high-quality didactic material in English, developed by EC-Council.