EC-Council Certified Incident Handler

Course DateStart TimeEnd TimeTime ZoneLocationDaysPrice
Call for In Class or Live Virtual Dates3$3,800 CADPurchase


EC-Council Certified Incident Handler

ECIH has been designed and developed in collaboration with cybersecurity and incident handling/response experts across the globe.  It is a comprehensive specialist level program, with C|EH and C|ND being the “Core” certifications, that teaches how organizations can effectively handle post breach consequences by reducing the impact of the incident, both financial and reputational.  The course is built after the rigorous Job Task Analysis (JTA) of the job roles involved in the field of incident handling and response.  It is a highly interactive, comprehensive, standards-based, intensive 3-day training program that teaches a structured and professional approach for effective incident handling in real-life.

Duration:  3 days


  • Penetration Testers
  • Vulnerability Assessment Auditors
  • Risk Assessment Administrators
  • Network Administrators
  • Application Security Engineers
  • Cyber Forensic Investigators/Analyst and SOC Analyst
  • System Administrators/Engineers
  • Firewall Administrators and Network Managers/IT Managers

Learning Objectives

  • Understand the key issues plaguing the information security world 
  • Learn to combat different types of cybersecurity threats, attack vectors, threat actors and their motives 
  • Learn the fundamentals of incident management including the signs and costs of an incident 
  • Understand the fundamentals of vulnerability management, threat assessment, risk management, and incident response automation and orchestration 
  • Master all incident handling and response best practices, standards, cybersecurity frameworks, laws, acts, and regulations 
  • Decode the various steps involved in planning an incident handling and response program 
  • Gain an understanding of the fundamentals of computer forensics and forensic readiness 
  • Comprehend the importance of the first response procedure including evidence collection, packaging, transportation, storing, data acquisition, volatile and static evidence collection, and evidence analysis 
  • Understand anti-forensics techniques used by attackers to find cybersecurity incident cover-ups 
  • Apply the right techniques to different types of cybersecurity incidents in a systematic manner including malware incidents, email security incidents, network security incidents, web application security incidents, cloud security incidents, and insider threat-related incidents


  • Introduction to Incident Handling and Response 
  • Incident Handling and Response Process 
  • Forensic Readiness and First Response 
  • Handling and Responding to Malware Incidents 
  • Handling and Responding to Email Security Incidents 
  • Handling and Responding to Network Security Incidents 
  • Handling and Responding to Web Application Security Incidents 
  • Handling and Responding to Cloud Security Incidents 
  • Handling and Responding to Insider Threats
Right Menu IconMENU