Leader in the cybersecurity training sector.

EC-Council Certified Incident Handler (ECIH) 

Category
Satisfaction rate: 4.8
Success rate: 4.9

Description

EC-Council's Certified Incident Handler programme provides students with the knowledge, skills and abilities to effectively prepare for, respond to and eradicate threats and malicious actors during an incident.

This programme covers the entire incident management and response process, as well as practical laboratories that teach the tactical procedures and techniques required to plan, record, triage, notify and contain incidents effectively. Students will learn how to manage different types of incidents, risk assessment methodologies, and laws and policies related to incident management. After completing the course, students will be able to create incident management and response (IH&R) policies and deal with different types of security incidents such as malware, email security, network security, web application security, cloud security, and insider threat incidents.

E|CIH (EC-Council Certified Incident Handler) certification also covers post-incident activities such as containment, eradication, evidence collection and forensic analysis, which can lead to legal action or the implementation of countermeasures to prevent a recurrence of the incident.

The E|CIH is a method-based course that offers a holistic approach covering broad concepts related to organisational incident management and response, from preparing/planning the incident management process to recovering organisational assets affected by security incidents. These concepts are essential for dealing with and responding to security incidents in order to protect organisations against future threats or attacks.

With more than 95 advanced laboratories, 800 tools covered, and exposure to incident management activities on numerous operating systems, the E|CIH offers a comprehensive yet tactical approach to planning for and dealing with cyber incidents.

The E|CIH programme covers all stages of the incident management and response process, and this focus on a realistic and forward-looking approach makes E|CIH certification one of the most comprehensive on the market for incident management and response.

Target group

  • SOC analysts, cybersecurity consultants, technical managers. 
  • CSIRT/CERT team members. 
  • CISOs, DPOs, IT experts with a role in incident response. 

Program

Day 1:

  • M1 - Introduction to incident management
  • M2 - IH&R process
  • M3 - IH&R preparation and policy

- Understanding the IH&R cycle according to NIST SP 800-61r2
- Drawing up an incident response plan
Labs: plan creation, incident classification, document management

Day 2:

  • M4 - Threat analysis & evidence gathering
  • M5 - Response to malware incidents

- Methodology for collecting artefacts
- Malware detection, analysis and eradication
Labs: sandboxing, basic reverse engineering, antivirus signature

Day 3:

  • M6 - Email security
  • M7 - Network security
  • M8 - Web application security

- Reacting to massive phishing or spear-phishing
- Network analysis with Wireshark and OSSIM
- Response to web attacks (SQLi, XSS)
Labs: message reconstruction, log analysis, web exploitation

Day 4:

  • M9 - Cloud incidents (AWS, Azure)
  • M10 - Endpoint, IoT and Mobile incidents
  • M11 - Internal threats

- Investigation of SaaS / IaaS environments
- Detection of unauthorised access or abuse of rights
- Behavioural analysis and shadow IT
Labs: cloud log, mobile audit, Windows log analysis

Day 5:

  • M12 - Playbooks, reporting & communication
    Final CTF simulation + exam preparation

- Define response models and KPIs
- End-to-end incident simulation (CTF)
- Collective proofreading, advice on passing exams
Labs: final report, oral presentation, practice MCQ questions

Goal

  • Mastering the entire incident management process in accordance with international standards (NIST, CREST). 
  • Detecting, analysing, containing, eradicating and remedying all types of security incident. 
  • Training in technical, organisational and legal responses to cyber attacks. 
  • Handling over 95 technical labs in a realistic environment, linked to current incidents (phishing, malware, web, cloud, endpoint, etc.).
  • Preparing effectively for the EC-Council ECIH exam (212-89).

Recommended

  • Basic knowledge of IT security, networks and OS. 
  • Experience in security supervision or operational IT (recommended)

Important information:

Our courses are not registered with the Répertoire National des Certifications Professionnelles (RNCP), but they do comply with the requirements of the Répertoire Spécifique (RS).
