Certified Incident Handler (ECIH) v2

ECIH v219 H 36 M

Just you? Training a whole team? There's an ITProTV plan that fits.

Start Training Today
  • Introduction to Incident Handling and Response
    • Overview
    • ECIHv2 EC-Council Certification Overview
    • Information Security and Incident Management
    • What is Vulnerability Management
    • What are Threat Assessments
    • Risk Management - Vocabulary
    • Risk Management - The Process
    • Risk Management - The NIST RMF
    • Incident Handling best practices, std., frameworks
    • Incident Handling and Legal Compliance
  • Incident Handling and Response Process
    • Step 1: Prepare for Incident Handling, Response
    • Step 2: Incident Recording and Assignment
    • Step 3: Incident Triage
    • Step 4: Notification
    • Step 5: Containment
    • Step 6: Evidence Gathering and Forensic Analysis
    • Step 7: Eradication
    • Step 8: Recovery
    • Step 9: Post-Incident Activities
  • Forensic Readiness and First Response
    • Forensics and first response
    • Principles of Digital Evidence Collection
    • Data Acquisition
    • Volatile Evidence Collection
    • Static Evidence Collection and Anti-Forensics
  • Handling and Responding to Malware Incidents
    • Preparation for Handling Malware Incidents
    • Detection of Malware Incidents
    • Containment of Malware Incidents
    • Eradication of Malware Incidents
    • Recovery after Malware Incidents
  • Handling and Responding to Email Security Incidents
    • Handling Email Security Incidents
  • Handling and Responding to Network Security Incidents
    • Preparation Handling Network Security Incidents
    • Detection, Validation Network Security Incidents
    • Handling Unauthorized Access Incidents
    • Handling Inappropriate Usage Incidents
    • Handling Denial-of-Service Incidents
    • Handling Wireless Network Security Incidents
  • Handling and Responding to Web Application Security Incidents
    • Preparation to Handle Web App Security Incidents
    • Detecting, Analyzing Web App Security Incidents
    • Containment of Web Application Security Incidents
    • Eradication of Web Application Security Incidents
    • Recovery from Web Application Security Incidents
    • Web Application Security Threats and Attacks
  • Handling and Responding to Cloud Security Incidents
    • Cloud Computing Concepts
    • Best Practices Against Cloud Security Incidents
  • Handling and Responding to Insider Threats
    • Best Practices Against Insider Threats
  • Hands-On with E|CIH Tools
    • Security checks using buck-security on Linux
    • Volatile evidence collection - Linux, Windows
    • Using OSForensics to find hidden material
    • Analyzing non-volatile data using Autopsy
    • Malware analysis
    • Collecting information by tracing emails
    • Using OSSIM
    • Using Wireshark and NMAP
    • Using Suricata IDS
    • What does a SQL Injection Attack look like
    • What does a XSS Attack look like


4 M

itprotv course thumbnailitprotv course thumbnailitprotv course thumbnail
  • Episode Description

This course covers the exam objectives of EC-Council's Certified Incident Handler v2 (E|CIH) program. It discusses the basic skills to handle and respond to security events and addresses various underlying principles and techniques for detecting and responding to current and emerging computer security threats. The incident handling skills taught in E|CIH are complementary to the job roles below as well as many other cybersecurity jobs: Penetration Testers Vulnerability Assessment Auditors Risk Assessment Administrators Network Administrators Application Security Engineers Cyber Forensic Investigators/ Analyst and SOC Analyst System Administrators/Engineers Firewall Administrators and Network Managers/IT Managers

Start training today

Just you? Check out our personal plans


$529 per seat/per year


Total seats


$349 per seat/per year


Total seats

Credit card required

This is for your account.
This is for your account.
We will contact you with this phone number about your trial.
We will contact you with this email about your trial.
What is the name of your company?
In which country is your company located?

Step 1 of 2

Get a demo or a start a team trial