EC-Council’s Certified Incident Handler program provides students with the knowledge, skills, and abilities required to predict, address, and eradicate threats and threat actors during an incident. This ANAB-Accredited and US DoD 8140 approved program provides a comprehensive incident handling and response process, including labs that teach the tactical procedures and techniques required to successfully Plan, Record, Triage, Notify, and Contain. Students will learn how to manage various types of events, risk assessment approaches, and incident handling regulations and procedures. After completing the course, students will be able to create IH&R policies and handle a wide range of security issues, including malware, email, networks, web applications, cloud, and insider threats.
What will you learn
- Key concerns confronting the information security community.
- Various forms of cybersecurity threats, attack vectors, threat actors, and their motives, goals, and objectives for cybersecurity attacks
- Various attack and defense frameworks (such as the Cyber Kill Chain Methodology and the MITRE ATT&CK Framework)
- Fundamentals of information security concepts: vulnerability assessment, risk management, cyber threat intelligence, threat modeling, and threat hunting.
- Fundamentals of incident management (information security incidents, indicators and costs of an event, incident handling and response, and incident response automation and orchestration)
- Various incident management and response best practices, standards, cybersecurity frameworks, laws, acts, and regulations.
- Various steps involved in planning an incident handling and response program (planning, recording and assignment, triage, notification, containment, evidence gathering and forensic investigation, eradication, recovery, and post-incident activities)
- Importance of first response and its protocol (evidence collection, documentation, preservation, packaging, and transportation).
- How to handle and respond to several types of cybersecurity issues in a methodical manner (malware incidents, email security incidents, network security incidents, web application security incidents, cloud security incidents, insider threat-related incidents, and endpoint security incidents).
Exam Details
Number of Questions: 100
Exam Duration: 3 Hours
Exam Title: EC-Council Certified Incident Handler
Availability: EC-Council Exam Portal
Exam Format: Multiple Choice
