Ec-council | Learning

The EC-Council Certified Incident Handler certification provides students with a method-based program that uses a holistic approach to cover broad concepts of organizational incident management and response, from the preparation and planning of the incident response process to the recovery of the organization's assets following a security incident. The skills taught in EC-Council's ECIH program are sought out by cybersecurity professionals around the world and are respected by employers.

What you will learn:

• Key issues affecting the world of information security
• Different types of cybersecurity threats, attack vectors, threat actors, and their motives, objectives and goals of cybersecurity attacks
• Various attack and defence frameworks (e.g. Cyber Kill Chain Methodology, MITRE ATT&CK Framework, etc.)
• The fundamentals of information security concepts (vulnerability assessment, risk management, cyber threat intelligence, threat modelling and threat tracking)
• The fundamentals of incident management (information security incidents, signs and costs of an incident, incident management and response, and automation and orchestration of incident response)
• Various best practices, standards, cybersecurity frameworks, laws, acts and regulations related to incident management and response
• The various steps involved in planning an incident management and response program (planning, recording and assigning, sorting, reporting, containment, gathering evidence and forensic analysis, eradication, recovery and post-incident activities)
• The importance of the first response and the first response procedure (evidence collection, documentation, preservation, packaging and transport)
• How to manage and respond to various types of cybersecurity incidents systematically (malware incidents, email security incidents, network security incidents, web application security incidents, cloud security incidents, internal threats and terminal security incidents)