Provided by

Enquire about this course

About the course



About the course
Are you an ambitious security professional looking to progress in their career? If so, the Certified Incident Handler course is for you. The skills taught in the EC-Council’s ECIH program are desired by cybersecurity professionals from around the world and highly respected by employers.

This specialist-level course is ideal for mid-level to high-level cybersecurity professionals. You will learn the fundamental skills to handle and respond to the computer security incidents in an information system. Additionally, the ECIH has a structured approach for performing the incident handling and response (IH&R) process. The IH&R includes stages like incident handling and response preparation, incident validation and prioritisation, incident escalation and notification, forensic evidence gathering and analysis, incident containment, systems recovery and incident eradication. This systematic incident handling and response process creates awareness among incident responders in knowing how to respond to various types of security incidents.

The Certified Incident Handler certification will provide the necessary knowledge to do the following:

  • Handle Various Incidents
  • Practice Risk Assessment Methods
  • Detect and Respond to Current and Emerging Computer Security Threats

This certification is held in high regard as finding vulnerabilities and ensuring that they are addressed appropriately can substantially strengthen the networks and systems of any organisation. Given the frequency with which businesses and individuals are attacked, this is not something to be taken lightly and prevention of such attacks are always better than trying to recover from one, as the damage that has been done can very often be irreparable.

EC-Council Certified Incident Handler (ECIH) Course Assessment
The Certified Incident Handler (ECIH) course is accredited by the EC-Council and is an internationally recognised certification. In order to earn your ECIH qualification you will need to undergo official ECIH training from an accredited training provider and then pass the Incident Handler exam at an authorised testing centre.

EC-Council Certified Incident Handler (ECIH) Course Requirements
There are no formal prerequisites to study the ECIH course but it is advised that you have an understanding of operating systems, TCP/IP and networking.

Career Path Opportunities
The EC-Council Certified Incident Handler course is suited for anyone looking to work in any of the following roles:

  • IT Security Officer
  • IT Security Auditor
  • Site Administrator
  • Senior IT Security Analyst
  • Senior Web Security Engineer
  • Penetration Tester
  • Application Security Consultant
  • Information Security Manager
  • Threat and Vulnerability Analyst
  • Cyber Security Manager

Frequently Asked Core Concepts Course Questions
QUESTION What is the format of the Certified Incident Handler exam?

The Certified Incident Handler (ECIH) exam is presented in a multiple choice format.

QUESTION How many questions does the ECIH exam consist of?

The Certified Incident Handler exam comprises of 100 questions.

QUESTION How long do I have to complete the official ECIH exam?

The duration of the ECIH exam is three (3) hours.

Module 01: Introduction to Incident Handling and Response  
Module 02: Incident Handling and Response Process  
Module 03: Forensic Readiness and First Response  
Module 04: Handling and Responding to Malware Incidents  
Module 05: Handling and Responding to Email Security Incidents  
Module 06: Handling and Responding to Network Security Incidents  
Module 07: Handling and Responding to Web Application Security Incidents  
Module 08: Handling and Responding to Cloud Security Incidents  
Module 09: Handling and Responding to Insider Threats  


Start date Location / delivery
No fixed date Online

Related article

CYBER PULSE: EDITION 131 | 28 SEPTEMBER 2020 Read the latest edition of Cyber Pulse: Major KuCoin cryptocurrency theft, Hungarian financial