The Certified Incident Handler program from EC-Council gives students the information, skills, and abilities they need to anticipate, address, and eliminate threats and threat actors in an incident. Combined with practical labs that teach the tactical procedures and techniques necessary to successfully Plan, Record, Triage, Notify, and Contain, this ANAB-Accredited and US DoD 8140 approved program covers the full incident handling and response process. Students will also cover the management of different kinds of incidents, risk assessment techniques, and incident handling regulations and policies. After taking the course, students will be able to develop IH&R policies and handle a variety of security incidents, including those involving malware, email, networks, web applications, cloud, and insider threats.
What will you learn
- Key issues plaguing the information security world
- Various types of cybersecurity threats, attack vectors, and threat actors, and the motives, goals, and objectives behind cybersecurity attacks
- Various attack and defense frameworks (Cyber Kill Chain Methodology, MITRE ATT&CK Framework, etc.)
- Fundamentals of information security concepts (vulnerability assessment, risk management, cyber threat intelligence, threat modeling, and threat hunting)
- Fundamentals of incident management (information security incidents, signs and costs of an incident, incident handling and response, and incident response automation and orchestration)
- Different incident handling and response best practices, standards, cybersecurity frameworks, laws, acts, and regulations
- Various steps involved in planning an incident handling and response program (planning, recording and assignment, triage, notification, containment, evidence gathering and forensic analysis, eradication, recovery, and post-incident activities)
- Importance of first response and first response procedure (evidence collection, documentation, preservation, packaging, and transportation)
- How to handle and respond to different types of cybersecurity incidents in a systematic way (malware incidents, email security incidents, network security incidents, web application security incidents, cloud security incidents, insider threat-related incidents, and endpoint security incidents)
Exam Details
Number of Questions: 100
Exam Duration: 3 Hours
Exam Title: EC-Council Certified Incident Handler
Availability: EC-Council Exam Portal
Exam Format: Multiple Choice