ECIH-Product-Cover

Certified Incident Handler | ECIH

Certified Incident Handler | ECIH

The EC-Council Certified Incident Handler (ECIH) program focuses on a structured approach for performing the incident handling and response (IH&R) process. The IH&R process includes stages like incident handling and response preparation, incident validation and prioritization, incident escalation and notification, forensic evidence gathering and analysis, incident containment, systems recovery, and incident eradication. This systematic incident handling and response process creates awareness among incident responders in knowing how to respond to various types of security incidents.

Cybersecurity Professionals interested in pursuing incident handling and response as a career require comprehensive training on the IH&R concepts as well as real-world scenarios. The ECIH program includes hands-on learning delivered through iLabs, online labs within the training program.

Suggested career path only, courses can be taken independently, and the order is not fixed.

Select Training Options:

US Military Solutions
Enterprise Solutions

Outline

Course Outline

  • Module 01: Introduction to Incident Handling and Response
  • Module 02: Incident Handling and Response Process
  • Module 03: Forensic Readiness and First Response
  • Module 04: Handling and Responding to Malware Incidents
  • Module 05: Handling and Responding to Email Security Incidents

  • Module 06: Handling and Responding to Network Security Incidents
  • Module 07: Handling and Responding to Web Application Security Incidents
  • Module 08: Handling and Responding to Cloud Security Incidents
  • Module 09: Handling and Responding to Insider Threats

Description

EC-Council’s Certified Incident Handler provides students with a method-driven program that uses a holistic approach to cover vast concepts concerning organizational incident handling and response from preparing and planning the incident handling response process to recovering organizational assets after a security incident. The skills taught in EC-Council’s ECIH program are desired by cybersecurity professionals from around the world and is respected by employers.

ECIH Course Benefits

  • To enable individuals and organizations with the ability to handle and respond to different types of cybersecurity incidents in a systematic way.
  • To ensure that organization can identify, contain, and recover from an attack.
  • To reinstate regular operations of the organization as early as possible and mitigate the negative impact on the business operations.
  • To be able to draft security policies with efficacy and ensure that the quality of services is maintained at the agreed levels.
  • To minimize the loss and after-effects breach of the incident.
  • For individuals: To enhance skills on incident handling and boost their employability.

Demos

Meet Your Instructor
iLabs Demo

Exam

To be eligible to sit the ECIH Exam, the candidate must either:

  • Attend official ECIH training through any of EC-Council’s Authorized Training Centers (ATCs) or attend EC-Council’s live online training via iWeek or join our self-study program through iLearn (see https://iclass.eccouncil.org).

OR

  • Candidates with a minimum of 1 year of work experience in the domain that would like to apply to take the exam directly without attending training are required to pay the USD100 Eligibility Application Fee. This fee is included in your training fee should you choose to attend training.

Exam Name: ECIH 212-89

Number of Questions: 100

Test Duration: 3 Hours

Test Delivery: ECC Exam Portal

Test Format: Multiple Choice

Passing Score: 70%

Job Roles

  • Penetration Testers
  • Vulnerability Assessment Auditors
  • Risk Assessment Administrators
  • Network Administrators
  • Application Security Engineers

  • Cyber Forensic Investigators/ Analyst and SOC Analyst
  • System Administrators/Engineers
  • Firewall Administrators and Network Managers/IT Managers

ECIH is a specialist-level program that caters to mid-level to high-level cybersecurity professionals. In order to increase your chances of success, it is recommended that you have at least 1 year of experience in the cybersecurity domain.

ECIH members are ambitious security professionals who work in Fortune 500 organizations globally.

MasterClass Overview

Don’t just take a class. Join a program.

The MasterClass package includes:

EC-Council Certified Incident Handler (ECIH):

  • EC-Council Certified Incident Handler (ECIH) Live Course
    • ECIH Printed Courseware (US courses Only)
    • ECIH iLabs, Live Labs
    • ECIH Certification Exam
    • Exam Insurance Program
  • ECIH Online Self-Paced Streaming Video Course (1 year access)

AND

Certified SOC Analyst
(CSA):

  • Certified SOC Analyst (CSA) Online Self-Paced Streaming Video Course (1 year access)
    • CSA E-Courseware
    • CSA iLabs, Live Labs
    • CSA Certification Exam
    • Exam Insurance Program

AND

Certified Threat
Intelligence (CTIA):

  • Certified Threat Intelligence (CTIA) Online Self-Paced Streaming Video Course (1 year access)
    • CTIA E-Courseware
    • CTIA iLabs, Live Labs
    • CTIA Certification Exam
    • Exam Insurance Program

About MasterClass

The Most Robust

MasterClass Incident Handler/Response Master Program includes three (3) courses and three (3) certifications:

  • Students will attend the live EC-Council Certified Incident Handler (ECIH) Course which will teach students best practices to detect, validate, contain, and eradicate security incidents to help improve organizational security posture.
  • Students will then be given the self-paced online Certified SOC Analyst (CSA) course which will cover the role of a SOC Manager and SOC analyst Level 1. This course is a great resource for anyone working in a SOC environment that needs to understand the workings of a Security Operations Center, how to Triage incidents, classify them and coordinate Incident handling and response efforts.
  • Lastly this program includes the self-paced Certified Threat Intelligence (CTIA) course to provide you the knowledge to prepare and run a threat intelligence program that allows evidence-based knowledge and provides actionable advice about existing and unknown threats.

Practical Knowledge

In addition to the two multiple choice certification exams, students will also be given comprehensive training on the IH&R concepts as well as real-world scenarios. This program includes hands-on learning delivered through iLabs, online labs.

The Most Labs

  • ECIHv2
    • 48 Exercises
    • Approximately 10 Hours

  • CSA
    • 22 Exercises
    • Approximately 11 Hours

  • CTIA
    • 20 Exercises
    • Approximately 8 Hours

Exam Insurance Program

Here at Masterclass we know that test taking can be very stressful, so we have developed a program to put your mind at ease.

While no one can guarantee that you will pass the exam, we can offer you Exam Insurance: If you fail either certification exam included in this program on the first attempt, EC-Council will pay for the next attempt. Any further attempts can be purchased at the reduced “retake” rate.

Who Should Attend?

  • Penetration Testers
  • Vulnerability Assessment Auditors
  • Risk Assessment Administrators
  • Network Administrators

  • Application Security Engineers
  • Cyber Forensic Investigators/ Analyst and SOC Analyst
  • System Administrators/Engineers
  • Firewall Administrators and Network Managers/IT Managers

Live Course Dates in North America
Buy Now

Live Course Dates outside of North America
Contact Us

Certification Club

Save big. Join the club.

As an iClass Club member, you receive unlimited access to EC-Council’s library of video courses. Upgrade to live classes for only $499 each during the subscription year.

You can even finance your Club membership through our partnership with Affirm. In the cart, you’ll be able to split your purchase into easy monthly payments. Term lengths range from 3 to 36 months depending on eligibility and purchase amount, with rates starting as low as 0% APR.

*Your rate will be 0% APR or 10–30% APR based on credit and is subject to an eligibility check. 0% APR is subject to change. Payment options through Affirm are provided by these lending partners: affirm.com/lenders. Options depend on your purchase amount, and a down payment may be required. US Residents Only.

Certification Club Benefits:

Don’t limit yourself to one class per year, join the iClass Club and get your cybersecurity training directly from the source! No one course can make you an expert, so take advantage of EC-Council Master trainers in each subject area and become a well-rounded cybersecurity professional.

For approximately the cost of one live course, the iClass Club will stretch your budget from one course to many. With savings like that, you can afford to build a strong foundation of cybersecurity knowledge in ethical hacking, pen testing, network defense, incident response, computer forensics, and so much more!

Get Started

One Year Subscription

$2,999

Access to EC-Council’s full library of on-demand courses

Official e-courseware

iLabs*

Certification exam*

Move to “enhance” to upgrade your experience.

Enhance

During your subscription, you can upgrade to a live course for $499!

Official Printed Courseware

iLabs*

Certification exam*

Lastly, receive ongoing professional development by moving to the Continuing Education phase!

Continuing Education

One year of CodeRed

Included

Continue to learn and gather continuing education credits with CODERED!

Premium Content: 4000+ Premium Videos

Fresh Content: New courses and content are added weekly to keep up with the latest skills and technologies.

CodeRed course videos come with lab demos to reinforce course learning concepts and create a constant career learning companion.


Club Subscription in North America
Buy Now

Club Subscription outside of North America
Contact Us

Certification Club Terms:

*Not all courses and workshops have associated Labs and exams. Club members must complete 100% of a course before requesting their next course and to be eligible for that course’s exam voucher. CCISO students must meet the eligibility requirements to challenge the CCISO exam. Students who do not meet the CCISO qualifications must take the EISM exam. CodeRed subscription 12 months. Club membership applicable to EC-Council classes only and does not apply to third party or Hacker Halted classes. Devices such as drones or STORMs must be purchased separately at regular price. Drones and STORMs only ship to the US. Students outside of the US can attend drone workshops but must obtain a drone on their own. If a course version changes while your program is still active, you will be given updated material. If a course version changes after your Club is expired, you will need to purchase an extension to get the new version. Club valid for one year and term begins 24 hours after payment is received. After a period of one (1) year the program expires, and all courses are turned off. Lab access term is for 6 months from when a course is assigned. Additional lab time can be added for no extra charge upon request. Labs will not be extended beyond the Club term. Speak to your rep to extend your Club term for 1 year. Renewal price for the Club is $999. Discount not stackable. The Club is a single user license meaning that the courses cannot be shared, and the club is non-transferable.


If you are outside of North America and are interested in the club subscription, please click here.

If you are outside of North America and are interested in the club subscription, please click here.

If you are outside of North America and are interested in the club subscription, please click here.

Train now, pay later with Affirm.

Learn More

Join us for a free half-day of Certified Incident Handler (ECIH) through our new First Look Cybersecurity Learning Events!

Learn More

Still have questions?

Fill out the form below and a representative will reach out to you shortly.

Name(Required)
Address(Required)