Course Name

Certified Incident Handler v2

Course Introduction

This latest iteration of EC-Council’s Certified Incident Handler (E|CIH) program has been designed and developed in collaboration with cybersecurity and incident handling and response practitioners across the globe.

It is a comprehensive specialist-level program that imparts knowledge and skills that organizations need to effectively handle post breach consequences by reducing the impact of the incident, from both a financial and a reputational perspective.

Learn real world incident handling skills.
Not only detect but manage security incidents.
Maps to industry frameworks.
Method driven program.
Learn all stages in incident handling.
Think global employability.

Course Delivery Method

Our courses have flexible delivery options:

In-person classroom training at the Impactful training
facilities
- Johannesburg, Durban, Cape Town
Virtual instructor-led training
Nationally: on-site at the client

Course Intended Audience

This course is intended for:

Penetration Testers
Application Security Engineers
Vulnerability Assessment Auditors
Cyber Forensic Investigators/Analysts and SOC Analysts
Risk Assessment Administrators
System Administrators/Engineers
Network Administrators
Firewall Administrators and Network Managers/IT

Course Prerequisites

Mid-Level to High-Level Cyber Security Professionals with a minimum of 3 years of experience. Information security professionals who want to enrich their skills and knowledge in the field of incident

Course Objectives

The ECIH program is designed to provide the fundamental skills to handle and respond to the computer security incidents in an information system. The course addresses various underlying principles and techniques for detecting and responding to current and emerging computer security threats.

The comprehensive training program will make students proficient in handling as well as responding to various security incidents such as network security incidents, malicious code incidents, and insider attack threats.

Principals, processes, and techniques for detecting and responding to security threats/breaches.
Liaison with legal and regulatory bodies.
Learn to handle incidents and conduct assessments.
Cover various incidents like malicious code, network attacks, and insider attacks.

Course Content

Module 01: Introduction to Incident Handling and Response
- Overview of Information Security Concepts
- Understanding Information Security Threats and Attack Vectors
- Understanding Information Security Incident
- Overview of Incident Management
- Overview of Vulnerability Management
- Overview of Threat Assessment
- Understanding Risk Management
- Understanding Incident Response Automation and Orchestration
- Incident Handling and Response Best Practices
- Overview of Standards
- Overview of Cybersecurity Frameworks
- Importance of Laws in Incident Handling
- Incident Handling and Legal Compliance
Module 02: Incident Handling and Response Process
- Overview of Incident Handling and Response (IH&R) Process
- Preparation for Incident Handling and Response
- Incident Recording and Assignment
- Incident Triage
- Notification
- Containment
- Evidence Gathering and Forensics Analysis
- Eradication
- Recovery
- Post-Incident Activities
Module 03: Forensic Readiness and First Response
- Introduction to Computer Forensics
- Overview of Forensic Readiness
- Overview of First Response
- Overview of Digital Evidence
- Understanding the Principles of Digital Evidence Collection
- Collecting the Evidence
- Securing the Evidence
- Overview of Data Acquisition
- Understanding the Volatile Evidence Collection
- Understanding the Static Evidence Collection
- Performing Evidence Analysis
- Overview of Anti-Forensics
Module 04: Handling and Responding to Malware Incidents
- Overview of Malware Incident Response
- Preparation for Handling Malware Incidents
- Detecting Malware Incidents
- Containment of Malware Incidents
- Eradication of Malware Incidents
- Recovery after Malware Incidents
- Guidelines for Preventing Malware Incidents
Module 05: Handling and Responding to Email Security Incidents
- Overview of Email Security Incidents.
- Preparation for Handling Email Security Incidents
- Detection and Containment of Email Security Incidents
- Eradication of Email Security Incidents
- Recovery after Email Security Incidents
Module 06: Handling and Responding to Network Security Incidents
- Overview of Network Security Incidents
- Preparation for Handling Network Security Incidents
- Detection and Validation of Network Security Incidents
- Handling Unauthorized Access Incidents
- Handling Inappropriate Usage Incidents
- Handling Denial-of-Service Incidents
- Handling Wireless Network Security Incidents
Module 07: Handling and Responding to Web Application Security Incidents
- Overview of Web Application Incident Handling
- Web Application Security Threats and Attacks
- Preparation to Handle Web Application Security Incidents
- Detecting and Analyzing Web Application Security Incidents
- Containment of Web Application Security Incidents
- Eradication of Web Application Security Incidents
- Recovery from Web Application Security Incidents
- Best Practices for Securing Web Applications
Module 08: Handling and Responding to Cloud Security Incidents
- Cloud Computing Concepts
- Overview of Handling Cloud Security Incidents
- Cloud Security Threats and Attacks
- Preparation for Handling Cloud Security Incidents
- Detecting and Analyzing Cloud Security Incidents
- Containment of Cloud Security Incidents
- Eradication of Cloud Security Incidents
- Recovering from Cloud Security Incidents
- Best Practices Against Cloud-based Incidents
Module 09: Handling and Responding to Insider Threats
- Introduction to Insider Threats
- Preparation for Handling Insider Threats
- Detecting and Analyzing Insider Threats
- Containment of Insider Threats
- Eradication of Insider Threats
- Recovery after Insider Attacks
- Best Practices Against Insider Threats

Course Associated Exam and Certification

Exam title: EC-Council Certified Incident Handler
Exam code: 212-89
Number of questions: 100
Duration: 4 Hours
Availability: EC-Council Exam Portal
Test Format: Multiple Choice
Passing Score: 70%

L❤ ve this. Share it now!

Need additional information?

We are here to support your growth every step of the way

Get in touch

Contact the Impactful team if you need any assistance.

Email: impactful@lrmg.co.za
Tel: +27 87 941 5764

Course Introduction

Learn real world incident handling skills.
Not only detect but manage security incidents.
Maps to industry frameworks.
Method driven program.
Learn all stages in incident handling.
Think global employability.

Course Delivery Method

Our courses have flexible delivery options:

In-person classroom training at the Impactful training
facilities
- Johannesburg, Durban, Cape Town
Virtual instructor-led training
Nationally: on-site at the client

Course Intended Audience

This course is intended for:

Penetration Testers
Application Security Engineers
Vulnerability Assessment Auditors
Cyber Forensic Investigators/Analysts and SOC Analysts
Risk Assessment Administrators
System Administrators/Engineers
Network Administrators
Firewall Administrators and Network Managers/IT

Course Prerequisites

Mid-Level to High-Level Cyber Security Professionals with a minimum of 3 years of experience. Information security professionals who want to enrich their skills and knowledge in the field of incident

Course Objectives

Principals, processes, and techniques for detecting and responding to security threats/breaches.
Liaison with legal and regulatory bodies.
Learn to handle incidents and conduct assessments.
Cover various incidents like malicious code, network attacks, and insider attacks.

Course Content

Module 01: Introduction to Incident Handling and Response
- Overview of Information Security Concepts
- Understanding Information Security Threats and Attack Vectors
- Understanding Information Security Incident
- Overview of Incident Management
- Overview of Vulnerability Management
- Overview of Threat Assessment
- Understanding Risk Management
- Understanding Incident Response Automation and Orchestration
- Incident Handling and Response Best Practices
- Overview of Standards
- Overview of Cybersecurity Frameworks
- Importance of Laws in Incident Handling
- Incident Handling and Legal Compliance
Module 02: Incident Handling and Response Process
- Overview of Incident Handling and Response (IH&R) Process
- Preparation for Incident Handling and Response
- Incident Recording and Assignment
- Incident Triage
- Notification
- Containment
- Evidence Gathering and Forensics Analysis
- Eradication
- Recovery
- Post-Incident Activities
Module 03: Forensic Readiness and First Response
- Introduction to Computer Forensics
- Overview of Forensic Readiness
- Overview of First Response
- Overview of Digital Evidence
- Understanding the Principles of Digital Evidence Collection
- Collecting the Evidence
- Securing the Evidence
- Overview of Data Acquisition
- Understanding the Volatile Evidence Collection
- Understanding the Static Evidence Collection
- Performing Evidence Analysis
- Overview of Anti-Forensics
Module 04: Handling and Responding to Malware Incidents
- Overview of Malware Incident Response
- Preparation for Handling Malware Incidents
- Detecting Malware Incidents
- Containment of Malware Incidents
- Eradication of Malware Incidents
- Recovery after Malware Incidents
- Guidelines for Preventing Malware Incidents
Module 05: Handling and Responding to Email Security Incidents
- Overview of Email Security Incidents.
- Preparation for Handling Email Security Incidents
- Detection and Containment of Email Security Incidents
- Eradication of Email Security Incidents
- Recovery after Email Security Incidents
Module 06: Handling and Responding to Network Security Incidents
- Overview of Network Security Incidents
- Preparation for Handling Network Security Incidents
- Detection and Validation of Network Security Incidents
- Handling Unauthorized Access Incidents
- Handling Inappropriate Usage Incidents
- Handling Denial-of-Service Incidents
- Handling Wireless Network Security Incidents
Module 07: Handling and Responding to Web Application Security Incidents
- Overview of Web Application Incident Handling
- Web Application Security Threats and Attacks
- Preparation to Handle Web Application Security Incidents
- Detecting and Analyzing Web Application Security Incidents
- Containment of Web Application Security Incidents
- Eradication of Web Application Security Incidents
- Recovery from Web Application Security Incidents
- Best Practices for Securing Web Applications
Module 08: Handling and Responding to Cloud Security Incidents
- Cloud Computing Concepts
- Overview of Handling Cloud Security Incidents
- Cloud Security Threats and Attacks
- Preparation for Handling Cloud Security Incidents
- Detecting and Analyzing Cloud Security Incidents
- Containment of Cloud Security Incidents
- Eradication of Cloud Security Incidents
- Recovering from Cloud Security Incidents
- Best Practices Against Cloud-based Incidents
Module 09: Handling and Responding to Insider Threats
- Introduction to Insider Threats
- Preparation for Handling Insider Threats
- Detecting and Analyzing Insider Threats
- Containment of Insider Threats
- Eradication of Insider Threats
- Recovery after Insider Attacks
- Best Practices Against Insider Threats

Course Exam And Certification

Exam title: EC-Council Certified Incident Handler
Exam code: 212-89
Number of questions: 100
Duration: 4 Hours
Availability: EC-Council Exam Portal
Test Format: Multiple Choice
Passing Score: 70%

Are you ready to start?

Certified global best practices in the new technologies…

Get ahead with your IT and Digital Talent development

Please complete the form with your information and one of our experts will get back to you soon.

Get in touch

Contact the Impactful team if you need any assistance.

Email: impactful@lrmg.co.za
Tel: +27 87 941 5764

Courses & Certifications

Featured

Empowering Women in Tech: The Power of Support

IT Capability Academies

Featured

Empowering Women in Tech: The Power of Support

About Us

Featured

Empowering Women in Tech: The Power of Support

Certified Incident Handler v2

Course Introduction

Course Delivery Method

Course Intended Audience

Course Prerequisites

Course Objectives

Course Content

Course Associated Exam and Certification

L❤ ve this. Share it now!

Course Introduction

Course Delivery Method

Course Intended Audience

Course Prerequisites

Course Objectives

Course Content

Course Exam And Certification

Are you ready to start?

Get ahead with your IT and Digital Talent development

Testing Elementor conditions

Testing Elementor conditions

Testing Elementor conditions

Testing Elementor conditions

Courses & Certificates

IT Capability Academics

Assessments

Learnerships

Resources

Company

Offices

Courses & Certifications

Featured

Empowering Women in Tech: The Power of Support

IT Capability Academies

Featured

Empowering Women in Tech: The Power of Support

About Us

Featured

Empowering Women in Tech: The Power of Support

Certified Incident Handler v2

Course Introduction

Course Delivery Method

Course Intended Audience

Course Prerequisites

Course Objectives

Course Content

Course Associated Exam and Certification

L❤ ve this. Share it now!

Course Introduction

Course Delivery Method

Course Intended Audience

Course Prerequisites

Course Objectives

Course Content

Course Exam And Certification

Are you ready to start?

Get ahead with your IT and Digital Talent development

Testing Elementor conditions

Testing Elementor conditions

Testing Elementor conditions

Testing Elementor conditions

Courses & Certificates

IT Capability Academics

Assessments

Learnerships

Resources

Company

Offices

Join our Newsletter