EC-Council Certified Incident Handler v2 (In Production)

ECIH v2 (19 H 26 M)

  • Introduction to Incident Handling and Response
    • Overview
    • Information Security and Incident Management
    • What is Vulnerability Management
    • What are Threat Assessments
    • Risk Management - Vocabulary
    • Risk Management - The Process
    • Risk Management - The NIST RMF
    • Incident Handling best practices, std., frameworks
    • Incident Handling and Legal Compliance
  • Incident Handling and Response Process
    • Step 1: Prepare for Incident Handling, Response
    • Step 2: Incident Recording and Assignment
    • Step 3: Incident Triage
    • Step 4: Notification
    • Step 5: Containment
    • Step 6: Evidence Gathering and Forensic Analysis
    • Step 7: Eradication
    • Step 8: Recovery
    • Step 9: Post-Incident Activities
  • Forensic Readiness and First Response
    • Forensics and first response
    • Principles of Digital Evidence Collection
    • Data Acquisition
    • Volatile Evidence Collection
    • Static Evidence Collection and Anti-Forensics
  • Handling and Responding to Malware Incidents
    • Preparation for Handling Malware Incidents
    • Detection of Malware Incidents
    • Containment of Malware Incidents
    • Eradication of Malware Incidents
    • Recovery after Malware Incidents
  • Handling and Responding to Email Security Incidents
    • Handling Email Security Incidents
  • Handling and Responding to Network Security Incidents
    • Preparation Handling Network Security Incidents
    • Detection, Validation Network Security Incidents
    • Handling Unauthorized Access Incidents
    • Handling Inappropriate Usage Incidents
    • Handling Denial-of-Service Incidents
    • Handling Wireless Network Security Incidents
  • Handling and Responding to Web Application Security Incidents
    • Preparation to Handle Web App Security Incidents
    • Detecting, Analyzing Web App Security Incidents
    • Containment of Web Application Security Incidents
    • Eradication of Web Application Security Incidents
    • Recovery from Web Application Security Incidents
    • Web Application Security Threats and Attacks
  • Handling and Responding to Cloud Security Incidents
    • Cloud Computing Concepts
    • Best Practices Against Cloud Security Incidents
  • Handling and Responding to Insider Threats
    • Best Practices Against Insider Threats
  • Hands-On with E|CIH Tools
    • Security checks using buck-security on Linux
    • Volatile evidence collection - Linux, Windows
    • Using OSForensics to find hidden material
    • Analyzing non-volatile data using Autopsy
    • Malware analysis
    • Collecting information by tracing emails
    • Using OSSIM
    • Using Wireshark and NMAP
    • Using Suricata IDS
    • What does a SQL Injection Attack look like
    • What does a XSS Attack look like


  • Episode Description

This course covers the exam objectives of EC-Council's Certified Incident Handler v2 (E|CIH) program. It discusses the basic skills to handle and respond to security events and addresses various underlying principles and techniques for detecting and responding to current and emerging computer security threats. The incident handling skills taught in E|CIH are complementary to the job roles below as well as many other cybersecurity jobs:

  • Penetration Testers
  • Vulnerability Assessment Auditors
  • Risk Assessment Administrators
  • Network Administrators
  • Application Security Engineers
  • Cyber Forensic Investigators/Analyst and SOC Analyst
  • System Administrators/Engineers
  • Firewall Administrators and Network Managers/IT Managers
