ECHI: Certified Incident
Handler v2
Overview
Organizations are under constant attacks and with the knowledge and skills found in the E|CIH
program, professionals can now not only detect incidents, but also quickly manage and respond
holistically to these incidents. E|CIH is a highly interactive, comprehensive, high-standard,
intensive 3-day training program that teaches information security professionals to behave
professional incident handlers and gain a distinct identity than other security professionals. The
program teaches all the necessary components of incident handling, containment and
reinstating the IT infrastructure.
Course Objective
• Understand the key issues plaguing the information security world
• Learn to combat different types of cybersecurity threats, attack vectors, threat actors
and their motives
• Learn the fundamentals of incident management including the signs and costs of an
incident
• Understand the fundamentals of vulnerability management, threat assessment, risk
man agreement, and incident response automation and orchestration
• Master all incident handling and response best practices, standards, cybersecurity
frame works, laws, acts, and regulations
• Decode the various steps involved in planning an incident handling and response
program
• Gain an understanding of the fundamentals of computer forensics and forensic
readiness
• Comprehend the importance of the first response procedure including evidence
collection, packaging, transportation, storing, data acquisition, volatile and static
evidence collection, and evidence analysis
• Understand anti-forensics techniques used by attackers to find cybersecurity incident
cover-ups
• Apply the right techniques to different types of cybersecurity incidents in a systematic
manner including malware incidents, email security incidents, network security
incidents, web application security incidents, cloud security incidents, and insider threat
related
Who Should Attend
The incident handling skills taught in E|CIH are complementary to the job roles below as well as
many other cybersecurity jobs:
• Penetration Testers
• Vulnerability Assessment Auditors
• Risk Assessment Administrators
• Network Administrators
• Application Security Engineers
• Cyber Forensic Investigators/ Analyst and SOC Analyst
• System Administrators/Engineers
• Firewall Administrators and Network Managers/IT Managers
Prerequisites
Basic knowledge of networking, operating systems, and cybersecurity concepts. Prior experience in IT, security, or related roles is recommended.
Training Calendar
Intake
Duration
Program Fees
Module
Module 1 - Introduction to Incident Handling and Response
Module 2 - Incident Handling and Response Process
Module 3 - Forensic Readiness and First Response
Module 4 - Handling and Responding to Malware Incidents
Module 5 - Handling and Responding to Email Security Incidents
Module 6 - Handling and Responding to Network Security Incidents
Module 7 - Handling and Responding to Web Application Security Incidents
Module 8 - Handling and Responding to Cloud Security Incidents
Module 9 - Handling and Responding to Insider Threats
FAQs
General Questions:
Q: What is the E|CIH v2 course about?
A: The E|CIH v2 course focuses on equipping professionals with the skills to detect, respond to, and manage cybersecurity incidents. It covers incident handling processes, forensic readiness, and effective response strategies for malware, email, network, web application, cloud, and insider threat incidents.
Q: Who should attend this course?
A: Ideal for Penetration Testers, Vulnerability Assessment Auditors, SOC Analysts, System Administrators, Network Managers, Forensic Investigators, and other cybersecurity professionals involved in incident response.
Q: What are the prerequisites for this course?
A: Participants should have basic knowledge of networking, operating systems, and cybersecurity concepts. Prior experience in IT or security roles is recommended.
Q: How long is the course?
A: The course duration is 3 days.
Q: What key topics are covered in this course?
A: Topics include the incident handling process, forensic readiness, evidence handling, anti-forensics, and responding to various types of cybersecurity incidents across different environments.
Q: Will I receive a certification after completing the course?
A: Yes, the course prepares you for the EC-Council Certified Incident Handler (E|CIH) v2 certification. You will need to pass the certification exam to earn the official credential.
Program Content & Skills:
Q: What will I learn in the E|CIH v2 course?
A: You’ll learn how to detect, manage, and respond to cybersecurity incidents. The course covers the full incident handling process, including containment, eradication, and recovery, as well as response strategies for malware, email, network, web, cloud, and insider threat incidents.
Q: Will I learn how to handle volatile data and perform first response procedures?
A: Yes, the course includes detailed training on first response procedures, such as evidence collection, volatile and static data acquisition, packaging, and analysis—critical for real-time incident handling.
Q: Does the course cover incident response across different systems or platforms?
A: Yes, E|CIH v2 addresses incident handling for various environments including network infrastructures, web applications, cloud platforms, and more.
Q: Will I learn about detecting and responding to network and web-based attacks?
A: Yes, you will gain practical knowledge on handling network security and web application security incidents, including identifying and responding to common attack vectors.
Q: Is there a focus on cloud security and insider threats in the course?
A: Absolutely. The course dedicates specific modules to managing cloud-related incidents and detecting/responding to insider threats—helping you tackle modern cybersecurity challenges effectively.
Submit your interest today !
