EC-Council Certified Incident Handler

14 H 43 M

Get the training you need to respond to various security events. In this ECIH course, you'll learn the underlying principles of responding to security threats.

  • Introduction to Incident Response and Handling
    • Overview
    • Intro to Incident Response
    • Intro to Incident Response Part 2
    • Intro to Incident Response Part 3
    • Intro to Incident Response Part 4
  • Risk Assessment
    • Risk
    • Risk Part 2
    • Risk Part 3
    • Risk Part 4
  • Incident Response and Handling Steps
    • Incident Response Steps
    • Incident Response Steps Part 2
    • Incident Response Steps Part 3
    • Incident Response Steps Part 4
    • CSIRT
    • CSIRT Part 2
    • CSIRT Part 3
  • Handling Network Security Incidents
    • Network Security Incidents
    • Network Security Incidents Part 2
    • Network Security Incidents Part 3
  • Handling Malicious Code Incidents
    • Malicious Code Incidents
  • Handling Insider Threats
    • Insider Threats
    • Insider Threats Part 2
  • Forensic Analysis and Incident Response
    • Forensic Analysis and Incident Response
    • Forensic Analysis and Incident Response Part 2
  • Incident Reporting
    • Incident Reporting
  • Incident Recovery
    • Incident Recovery
  • Security Policies and Laws
    • Security Policy and Law
    • Security Policy and Law Part 2


3 M


This course covers the exam objectives of EC-Council's Certified Incident Handler (ECIH) program. It discusses the basic skills to handle and respond to security events and addresses various underlying principles and techniques for detecting and responding to current and emerging computer security threats.

[SOUND]

>> If you're studying for the ECIH exam, you're in the perfect place to learn more about it. Because right now, Adam Gordon is going to go ahead and explain, well, what to expect within this show series. Thank you for joining us today, Adam.

>> Thank you. Hello, everybody. Hopefully everyone's doing well. Looking forward to spending time with you. When we talk about the EC-Council Certified Incident Handler material, what we're really focusing on is the understanding of what it means to be an incident responder, an incident handler, an incident manager. As an IT security professional, we're gonna be talking about the methodology, the techniques, the thought process, the tools and the strategies associated with incident handling and incident response in the enterprise or in the organizations that you all represent.

We'll be talking about things like risk assessment. Why is risk so important? What does risk have to do with incident handling? Well, come on back and talk to us and we'll be happy to talk about that with you. What about incident response and handling steps? What about the concept of the CERT, the C, E, R, T, the CSIRT, C, S, I, R, T, computer security incident response, computer emergency response. We'll define and talk about these terms. We're gonna talk about how to handle network and security related incidents. How to handle malicious code incidents. What happens when somebody infects us with malware? How do we address those concerns? How do we handle insider threats when somebody that we work with perhaps is the threat source, the bad actor, that is engaging in activity that leads to risk? How do we address that? How do we find that out? Come back and join us, and we'll be talking more about that.

Forensic analysis and incident response. How do we know, once we find out that there's been an incident and we have evidence that points us in that direction, how do we deal with that? And how do we capture that evidence in a way that allows us to establish beyond reasonable doubt a chain of custody of evidence? And the ability to handle that evidence so that if and when it is necessary to show up in a court of law and to describe what we found, and to testify as to the events that occurred, we could do so authoritatively and we can stand on the evidence that we have captured and we have cataloged, we have reported on, we have analyzed. Because we've done so in a forensically sound way.

We'll talk about incident reporting, incident recovery. And of course, topic near and dear to my heart and Cherokee's, we'll be talking about security policy and law and the impact of policy and law on the incident handling profession. Encourage you to all come on back, take a look at all that with us. Spend some time with us. And as always, make sure that you are selective and watch what you want to understand and find out about in this series of episodes. But keep in mind, there may be a part one, part two, part three. We often encourage you to watch those episodes in sequential order. If you missed something, go back and watch them again. That's why we record them and why you can play them back whenever you wanna look at them. Looking forward to spending time with you. As always, please come on back and see us. And when you do, make sure you bring comfy clothes. What did you say, popcorn?

>> Popcorn. [LAUGH]

>> Bring popcorn and bring a notepad and make some notes and write down all those things that are important. And make sure that as you're doing so you're thinking about how you're gonna prepare for this exam and/or the information necessary to relay this to your professional field, and to do this in the real world as you look to become more educated, more knowledgeable, and of course, more valuable to your organization as an incident handler.

[SOUND]
