Overview
- The EC-Council Certified Incident Handler (ECIH V2) Training and certification course will address the needs of the professionals who want to get equipped with the principles and knowledge for detecting and responding to the current security incidents and threats emerging in an information system.
- The course has been structured to equip professionals in creating incident handling codes, learning about laws and policies for incident handling and differentiating between various types of incidents such as network security incidents, malicious code incidents, and insider attack incidents.
Benefits
On completion of this training, you will know:
- Introduction to Incident Handling and Response
- Incident Handling and Response Process
- Forensic Readiness and First Response
- Handling and Responding to Malware Incidents
- Handling and Responding to Email Security Incidents
- Handling and Responding to Network Security Incidents
- Handling and Responding to Web Application Security Incidents
- Handling and Responding to Cloud Security Incidents
- Handling and Responding to Insider Threats
The Main Topic of the Course
- Module 1: Introduction to Incident Handling and Response
- Module 2: Incident Handling and Response Process
- Module 3: Forensic Readiness and First Response
- Module 4: Handling and Responding to Malware Incidents
- Module 5: Handling and Responding to Email Security Incidents
- Module 6: Handling and Responding to Network Security Incidents
- Module 7: Handling and Responding to Web Application Security Incidents
- Module 8: Handling and Responding to Cloud Security Incidents
- Module 9: Handling and Responding to Insider Threats
Course Requirements
- Knowledge of networking and operating systems
- One year of experience managing Windows/Unix/Linux systems or have equivalent knowledge and skills
- Good understanding of common network and security services is required
Target Audience
- Incident handlers
- Risk assessment administrators
- Penetration testers
- Cyber forensic investigators
- Venerability assessment auditors
- System administrators and engineers
- Firewall administrators
- Network managers
- IT managers
LAB Requirement
It is recommended to have LAB in this course
Main Course Objectives
- Understand the key issues plaguing the information security world
- Learn to combat different types of cybersecurity threats, attack vectors, threat actors and their motives
- Learn the fundamentals of incident management including the signs and costs of an incident
- Understand the fundamentals of vulnerability management, threat assessment, risk management, and incident response automation and orchestration
- Master all incident handling and response best practices, standards, cybersecurity frameworks, laws, acts, and regulations
- Decode the various steps involved in planning an incident handling and response program
- Gain an understanding of the fundamentals of computer forensics and forensic readiness
- Comprehend the importance of the first response procedure including evidence collection, packaging, transportation, storing, data acquisition, volatile and static evidence collection, and evidence analysis
- Understand anti-forensics techniques used by attackers to find cybersecurity incident cover-ups
- Apply the right techniques to different types of cybersecurity incidents in a systematic manner including malware incidents, email security incidents, network security incidents, web application security incidents, cloud security incidents, and insider threat-related incidents
