EC-Council Certified Incident Handler (ECIH)
EC-Council Certified Incident Handler (ECIH)
The ECIH program is designed to provide the fundamental skills to handle and respond to the computer security incidents in an information system. The course addresses various underlying principles and techniques for detecting and responding to current and emerging computer security threats.
The comprehensive training program will make students proficient in handling as well as responding to various security incidents such as network security incidents, malicious code incidents, and insider attack threats.
Key Outcomes
- Principals, processes and techniques for detecting and responding to security threats/ breaches
- Liaison with legal and regulatory bodies
- Learn to handle incidents and conduct assessments
- Cover various incidents like malicious code, network attacks, and insider attacks
Exam Information
Exam Title: EC-Council Certified Incident Handler
Exam Code: 212-89
Number of Questions: 50
Duration: 2 hours
Availability: ECC Exam Portal
Test Format: Multiple Choice
Passing Score: 70%
- Introduction to incident response and handling
- Risk assessment
- Incident response and handling steps
- CSIRT
- Handling network security incidents
- Handling malicious code incidents
- Handling insider threats
- Forensic analysis and incident response
- Incident reporting
- Incident recovery
- Security policies and laws