No. of Hours: 4 Hours per day (Mon-Thu) & (Sat-Sun)
What is Incident Handling? What is the role of a Certified Incident Handler?
Incident Handling is the systematic preparation to handle and respond to cyber security incidents such as breaches and cyber attacks. Incident Handlers are professionals who methodically handle security breach incidents and help companies recover from the attack.
Are you passionate about a career in Cyber Security? Come join the Certified Incident Handler Training course offered by I-Medita. It will make you proficient at handling and responding to security breach incidents systematically.
As a certified Incident Handler, you are expected to handle and respond to incidents of cyber-security breaches in a methodical way. You must effectively discover, manage and help the organization recover from the attack and resume regular operations as quickly as possible. You should be able to minimize the effect of the attack. You should draft stringent security policies to ensure the quality standards of security services are adhered to.
There are 4 major steps in the process of Incident Handling.
- Preparation and Planning for handling incidents – involves defining steps and methods to prevent an attack, and also how to respond quickly and effectively in the unfortunate event of an attack.
- Identification of the attack – involves identifying the form and mode of attack in order to define the action plan to limit the damage.
- Containment of the attack – involves minimizing the impact of the attack by protecting other systems and networks from being affected by it.
- Recovery and Analysis – involves taking appropriate measures and steps to get the business back on track within the minimum possible timeframe, then analyzing why the attack took place, whether it could have been prevented or handled better, and how to prevent such events in future.
Why I-Medita Certified Incident Handler (ECIH) Training Course?
The International Council of E-Commerce Consultants (EC-Council) has designed the Certified Incident Handler course with inputs from cyber security and incident handling and response experts worldwide. It covers a variety of security incidents and all the stages in Incident handling. You learn the most systematic approach to handle and respond to real-world incidents.
I-Medita is an authorized Training Partner and Exam Center of EC Council Certified Incident Handler V2 Course.
I-Medita ECIH Training course curriculum covers all modules included in the EC Council Blue Print for Certified Incident Handler Certification (ECIH Certification).
I-Medita organizes a 2-hour Free Demo Session so that you can understand how our ECIH classroom lectures are delivered. You can also obtain guidance regarding career opportunities as a Certified Incident Handler.
The most significant benefits of I-Medita Certified Incident Handler course are:
- This course teaches all stages in Incident Handling and response process.
- Focuses on handling a variety of security incidents such as malware incidents, cloud security incidents, email security incidents, web apps security incidents, network security incidents, insider threats
- You will gain access to advanced Labs and tools, for Incident Handling
- 100% Compliant with NICE 2.0 framework and CREST framework
- Gain access to a large collection of templates, check lists, and cheat sheets
- Learn with Certified Trainers and Industry Experts
- 24*7 access to state-of-the-art Labs with ultra-modern equipment
- 24*7 Learning support to solve queries via Chat, WhatsApp and Emails
- 100% Placement assistance, interview preparation, question banks, resume templates
- Free refresher and backup classes.
- Authorized Training Completion Certification.
- Ideal preparation for the renowned EC-Council Certified Incident Handler exam.
- I-Medita is an authorized EC Council Training Partner and Exam Testing Center.
What are the pre-requisites for Incident Handler Certification Course?
It is recommended that you have at least one year of experience in the cyber security domain.
Who should pursue the Incident Handler Certification Course?
ECIH is a specialist program for mid-level to high-level cyber security professionals. Incident Handling skills are complementary to cyber security professionals, who are currently performing the roles of:
- Penetration Testers
- Vulnerability Assessment Auditors
- Risk Assessment Administrators
- Network Administrators
- Application Security Engineers
- Cyber Forensic Investigators/Analysts and SOC Analysts
- System Administrators/Engineers
- Firewall Administrators and Network Managers/IT Managers
Training Cost and Duration
|EC Council Certified Incident Handler V2 Certification|
|Track||Regular (Mon-Fri)||Weekend (Sat-Sun)|
|No. of Hours||4 Hours per day||4 Hours per day|
What you will learn in the Certified Incident Handler Training Course?
You will learn a comprehensive and systematic approach for real-world Incident Handling and Response. You will understand in-depth all 9 stages of Incident handling right from Planning, Recording & Assignment, Triage, Notification, Containment, Evidence Gathering & Forensic Analysis, Eradication, Recovery, to Post-Incident Activities. You will gain ample hands-on practice of the best tools and techniques via advanced labs and tools. You will become skilled at handling a variety of security incidents right from malware incidents to insider threats.
You will gain profound knowledge of:
- Combating different types of cyber security threats, attack vectors, threat actors and their motives.
- Basics of incident management including the signs and costs of an incident.
- Essential elements of vulnerability management, threat assessment, risk management, and incident response automation and orchestration
- Incident handling and response best practices, standards, cyber security frameworks, laws, acts, and regulations
- Decoding the various steps involved in planning an incident handling and response program
- Fundamentals of computer forensics and forensic readiness
- Importance of the first response procedure including evidence collection, packaging, transportation, storing, data acquisition, volatile and static evidence collection, and evidence analysis
- Anti-forensics techniques used by attackers to find cyber security incident cover-ups
- How to apply the right techniques to different types of cyber security incidents in a systematic manner including malware incidents, email security incidents, network security incidents, web application security incidents, cloud security incidents, and insider threat-related incidents
What is the Certified Incident Handler Certification Course Curriculum?
I-Medita Certified Incident Handler Training course curriculum adheres to EC Council Blue Print for completion of EC Council Certified Incident Handler Certification. The Course Modules are:
- Introduction to Incident Handling and Response
- Incident Handling and Response Process
- Forensic Readiness and First Response
- Handling and Responding to Malware Incidents
- Handling and Responding to Email Security Incidents
- Handling and Responding to Network Security Incidents
- Handling and Responding to Web Application Security Incidents
- Handling and Responding to Cloud Security Incidents
- Handling and Responding to Insider Threats
For more in-depth course curriculum information – please check Certified Incident Handler Certification Training Course Curriculum Details.
EC Council Certified Incident Handler Certification – Exam Preparation
EC Council Certified Incident Handler Certification (ECIH Certification) is granted by the world renowned International Council of E-Commerce Consultants (EC-Council).
This certification validates an individual’s mastery of the knowledge and skills required for Incident Handling.
|Exam Title||Exam Code|
|EC-Council Certified Incident Handler||212-89|
Frequently Asked Questions
What are the Eligibility Criteria for EC Council Certified Incident Handler (ECIH) Certification?
You must have at least one year of work experience in the domain to attempt the ECIH certification. You have to provide proof of this along with the application.
Option 1: If you attend Official Training at an accredited Training Center, you can attempt the Certification exam without going through application process.
Option 2: If you have not attended any Official Training, your application must first be approved via the eligibility application process.
Where can you appear for ECIH Certification Exam?
The ECIH exam is only available at the EC Council Exam Portal. I-Medita is an authorized EC Council Training Partner and Exam Center.
What is the format of ECIH Certification exam, duration, what types of questions, passing criteria, number of attempts allowed?
ECIH Exam consists of 100 multiple choice questions to be answered in 3 hours. The cut off passing score is 70%.
If you do not clear the exam on the first attempt, you can appear for the 1st retake immediately without any waiting period. Thereafter, however, you have to wait for a period of 14 days between each subsequent attempt. You cannot attempt an exam more than 5 times in a year.
Exam Topics & Weightage for each Topic in ECIH Exam
Please note: The following topics are general guidelines for content expected to be included in the exams.
|Sr. No||Domain Sub Domains||Weightage|
|1||Incident Response and Handling||16%|
|3||Forensic Readiness and First Response||13%|
|4||Email Security Incidents||10%|
|5||Application Level Incidents||8%|
|6||Network & Mobile Incidents||16%|
|9||Incidents Occurred in a Cloud Environment||8%|
How long is the ECIH Certification valid?
When you clear the ECIH exam, you will receive your digital ECIH certificate within 7 working days. You are permitted to use the Certification name and logo. Your ECIH credential is valid for 3 years.
What is the process to renew my ECIH Certification?
You must earn 120 ECE credits within the 3-year ECE cycle period to renew your certification. You can earn these credits by attending conferences, writing research papers, preparing for training classes, taking an exam of a newer version of the certification, attending webinars, etc.
You must update your EC Council Continuing Education credit account and submit proof of your earned credits. If you fail to achieve 120 credits, your certification will be suspended for a year.
If you do not achieve the required credits during the suspension period either, you will have to pass the certification exam again to earn the certification.