Become a
EC-Council Certified Incident Handler (ECIH)
CERTIFIED PROFESSIONALS
IN 145 COUNTRIES
Enroll now to get details on Plans & Pricing
EC-Council Certified Incident Handler v2
Prepare to Handle and Respond to Security Incidents
This latest iteration of EC-Council’s Certified Incident Handler (E|CIH) program has been designed and developed in collaboration with cybersecurity and incident handling and response practitioners across the globe.
It is a comprehensive specialist-level program that imparts knowledge and skills that organizations need to effectively handle post breach consequences by reducing the impact of the incident, from both a financial and a reputational perspective.
Following a rigorous development which included a careful Job Task Analysis (JTA) related to incident handling and incident first responder jobs, EC-Council developed a highly interactive, comprehensive, standards-based, intensive 3-day training program and certification that provides a structured approach to learning real-world incident handling and response requirements.
“Organizations are looking for professional incident handlers and response personnel who can prepare security policies and plans to tackle incidents with efficacy in time-constrained scenarios in order to reduce the impact of incidents.”
– Jay Bavisi, President of EC-Council Group
Professionals interested in pursuing incident handling and response as a career require comprehensive training that not only imparts concepts but also allows them to experience real-scenarios. The E|CIH program includes hands-on learning delivered through labs within the training program. True employability after earning a certification can only be achieved when the core of the curricula maps to and is compliant with government and industry-published incident and response frameworks.
E|CIH is a method-driven program that uses a holistic approach to cover vast concepts concerning organizational incident handling and response from preparing and planning the incident handling response process to recovering organizational assets after a security incident. These concepts are essential for handling and responding to security incidents to protect organizations from future threats or attacks.
NEED TRAINING?EC-Council’s Official delivery platform includes your study material, virtual labs and gives you the most flexible options for training to fit your busy work schedule! |
Training Options Talk to an Expert |
Enroll now to get details on Plans & Pricing
Learn All Stages in Incident Handling
This program addresses all the stages involved in incident handling and the response process to enhances your skills as an incident handler and responder, increasing your employability. This approach makes E|CIH one of the most comprehensive incident handling and response related certifications on the market today.
The skills taught in EC-Council’s E|CIH program are desired by cybersecurity professionals from around the world and is respected by employers.
The Purpose of E|CIH is
- To enable individuals and organizations with the ability to handle and respond to different types of cybersecurity incidents in a systematic way.
- To ensure that organization can identify, contain, and recover from an attack.
- To reinstate regular operations of the organization as early as possible and mitigate the negative impact on the business operations.
- To be able to draft security policies with efficacy and ensure that the quality of services is maintained at the agreed levels.
- To minimize the loss and after-effects breach of the incident.
- For individuals: To enhance skills on incident handling and boost their employability.
Why Incident Handling Is a Must for Every Organization
Despite all elementary security measures, organizations are still finding it difficult to withstand cyberattacks. The least of the consequences caused by the attacks are weakening the very foundation of the organization’s business processes. An effective incident handling and response program ensures quick healing by reducing the time spent on containment and aims to reinstate business processes to the expected level of quality.
Enroll now to get details on Plans & Pricing
How E|CIH Benefits Individuals
Gain Access to new, advanced Labs: The E|CIH Program comes with access to over 50 labs, 800 tools, and 4 OSs
Compliant with Major Industry Frameworks: 100% Complaint with the NICE 2.0 Framework and the CREST Framework
Comprehensive Templates Available: A large array of templates, check lists, and cheat sheets
E|CIH also Covers a Huge Variety of Security Incidents
Malware Incidents
Malware detections targeting businesses increased by 270 percent
Cloud Security Incidents
681 million cyberattacks were launched against cloud customers in 2018
Email Security Incidents
9 out of 10 infection attempts throughout the year were spam email
Web App Security Incidents
3.6% of websites suffered web application attacks
Network Security Incidents
21.2% of devices were exposed to network threats in the 1st month, rising to 43.7% after 4 months
Insider Threats
$8.76 million is the avg yearly cost of insider threats
Learning Objectives of E|CIH Program
- Understand the key issues plaguing the information security world
- Learn to combat different types of cybersecurity threats, attack vectors, threat actors and their motives
- Learn the fundamentals of incident management including the signs and costs of an incident
- Understand the fundamentals of vulnerability management, threat assessment, risk management, and incident response automation and orchestration
- Master all incident handling and response best practices, standards, cybersecurity frameworks, laws, acts, and regulations
- Decode the various steps involved in planning an incident handling and response program
- Gain an understanding of the fundamentals of computer forensics and forensic readiness
- Comprehend the importance of the first response procedure including evidence collection, packaging, transportation, storing, data acquisition, volatile and static evidence collection, and evidence analysis
- Understand anti-forensics techniques used by attackers to find cybersecurity incident cover-ups
- Apply the right techniques to different types of cybersecurity incidents in a systematic manner including malware incidents, email security incidents, network security incidents, web application security incidents, cloud security incidents, and insider threat-related incidents
Enroll now to get details on Plans & Pricing
Prepare to Handle and Respond to Security Incidents
Organizations are under constant attacks and with the knowledge and skills found in the E|CIH program, professionals can now not only detect incidents, but also quickly manage and respond holistically to these incidents.
E|CIH is a highly interactive, comprehensive, high-standard, intensive 3-day training program that teaches information security professionals to behave professional incident handlers and gain a distinct identity than other security professionals. The program teaches all the necessary components of incident handling, containment and reinstating the IT infrastructure.
About the Program
Course Duration:Total Training 3 Days or 24 hours total class time
Certification:
The E|CIH exam can be attempted after the completion of the official E|CIH course taught either by any EC-Council Authorized Training Center (ATCs) or by EC-Council directly. Candidates that successfully pass the exam will receive the E|CIH certificate and membership privileges. Members are required to adhere to the policies of EC-Council’s Continuing Education Policy.
About the Exam
E|CIH allows cybersecurity professionals to demonstrate their mastery of the knowledge and skills required for Incident Handling
| Exam Title | EC-Council Certified Incident Handler |
| Exam Code | 212-89 |
| Number of Questions | 100 |
| Duration | 3 hours |
| Availability | EC-Council Exam Portal |
| Test Format | Multiple Choice |
| Passing Score | In order to maintain the high integrity of our certification exams, EC-Council Exams are provided in multiple forms (I.e. different question banks). Each form is carefully analyzed through beta testing with an appropriate sample group under the purview of a committee of subject matter experts that ensure that each of our exams not only has academic rigor but also has real world applicability. We also have a process to determine the difficulty rating of each question. The individual rating then contributes to an overall cut score for each exam form. To ensure each form has equal assessment standards, cut scores are set on a “per exam form” basis. Depending on which exam form is challenged, cut scores can range from 60% to 85%. |
Eligibility Criteria
To be eligible to sit the E|CIH Exam, the candidate must either:
Attend official E|CIH training through any of EC-Council’s Authorized Training Centers (ATCs) or attend EC-Council’s live online training via iWeek or join our self-study program through iLearn (see https://iclass.eccouncil.org).
OR
Candidates with a minimum of 1 year of work experience in the domain that would like to apply to take the exam directly without attending training are required to pay the USD100 Eligibility Application Fee. This fee is included in your training fee should you choose to attend training.
Clause: Age Requirements and Policies Concerning Minors
The age requirement for attending the training or the exam is restricted to any candidate that is permitted by his/her country of origin/residency.
If the candidate is under the legal age as permitted by his/her country of origin/residency, they are not eligible to attend the official training or eligible to attempt the certification exam unless they provide the accredited training center/EC-Council a written consent/indemnity of their parent/legal guardian and a supporting letter from their institution of higher learning. Only candidates from a nationally accredited institution of higher learning shall be considered.
Who Is It For?
The incident handling skills taught in E|CIH are complementary to the job roles below as well as many other cybersecurity jobs:
- Penetration Testers
- Vulnerability Assessment Auditors
- Risk Assessment Administrators
- Network Administrators
- Application Security Engineers
- Cyber Forensic Investigators/ Analyst and SOC Analyst
- System Administrators/Engineers
- Firewall Administrators and Network Managers/IT Managers
E|CIH is a specialist-level program that caters to mid-level to high-level cybersecurity professionals. In order to increase your chances of success, it is recommended that you have at least 1 year of experience in the cybersecurity domain.
E|CIH members are ambitious security professionals who work in Fortune 500 organizations globally.
Click here
Training Options
iLearn (Self-Study)
This solution is an asynchronous, self-study environment which delivers EC-Council’s sought after IT Security training courses in a streaming video format.
Masterclass
This solution offers you the opportunity to learn from world-class instructors and the opportunity to collaborate with top Infosecurity professionals.
Training Partner (In Person)
This solution offers “in-person” training so that you can get the benefit of collaborating with your peers and gaining real-world skills, conveniently located in your backyard.
Course Outline
- Module 01: Introduction to Incident Handling and Response
- Module 02: Incident Handling and Response Process
- Module 03: Forensic Readiness and First Response
- Module 04: Handling and Responding to Malware Incidents
- Module 05: Handling and Responding to Email Security Incidents
- Module 06: Handling and Responding to Network Security Incidents
- Module 07: Handling and Responding to Web Application Security Incidents
- Module 08: Handling and Responding to Cloud Security Incidents
- Module 09: Handling and Responding to Insider Threats
Testimonials
[feedzy-rss feeds=”ecih-testimonials” max=”3″ feed_title=”no” refresh=”1_hours” sort=”date_desc” title=”100″ meta=”no” summary=”no” summarylength=”150″ size=”300″ thumb=”yes” default=”https://www.eccouncil.org/wp-content/uploads/2019/03/ECC-blog.jpg” ]
Available to US Residents Only.
Download Whitepapers
10 Deadly Sins of Incident Handling
ECIHv2 is the Most Desirable Program as per the
Top Incident Handling Professionals Globally
Enroll now to get details on Plans & Pricing
CYBER SHOTS
Quick, punchy updates on Cyber trends, news and links to free resources. Only via Telegram and Signal. Join the groups now!
Click Here
Click Here
Download EC-Council Certification Track
