EC Council Certified Incident Handler Course and Exam

Document created by Matthew Bradley Employee on Oct 8, 2018Last modified by Megan Henderson on Jan 16, 2019
Version 2Show Document
  • View in full screen mode

Register Now 



In order to register for a class, you need to first create an EMC account

If you need further assistance, contact us



The EC-Council Certified Incident Handler (ECIH) program is designed to provide the fundamental skills to handle and respond to the computer security incidents in an information system. The course addresses various underlying principles and techniques for detecting and responding to current and emerging computer security threats. Students will learn how to handle various types of incidents, risk assessment methodologies, and various laws and policies related to incident handling. After attending this course, they will be able to create incident handling and response policies as well as deal with various types of computer security incidents. The IT incident management training program will enable students to be proficient in handling and responding to various security incidents such as network security incidents, malicious code incidents, and insider attack threats. In addition, students will learn about computer forensics and its role in handling and responding to incidents. The course also covers incident response teams, incident management training methods, and incident recovery techniques in detail. The ECIH certification will provide professionals greater industry acceptance as the seasoned incident handler



• Incident handlers

• Risk assessors

• Pen testers

• Forensic Investigators

• System admins/engineers

• Firewall admins

• Vulnerability auditors

• IT managers and professional



3 days (ILT)


Prerequisite Knowledge/Skills

Students should have basic knowledge of general computer science and network topics.


Course Objectives

Upon successful completion of this course, participants should be able to:

• Principles, processes and techniques for detecting and responding to security threats/breaches

• Perform as a liaison to legal and regulatory bodies

• Learn to handle incidents and conduct assessments

• Cover various incidents like malicious code, network attacks, and insider attacks 


Course Outline

Introduction to Incident Response & Handling

Risk Assessment

Incident Response and Handling Steps


Handling Network Security Incidents

Handling Malicious Code Incidents

Handling Insider Threats

Forensic Analysis and Incident Response

Incident Reporting

Incident Recovery

Security Policies and Laws 



Register Now 



In order to register for a class, you need to first create an EMC account

If you need further assistance, contact us