The EC-Council Certified Incident Handler (ECIH) program is designed to provide the fundamental skills needed to handle and respond to computer security incidents in an information system. The course addresses the underlying principles and techniques for detecting and responding to current and emerging computer security threats. Students will learn how to handle various types of incidents, risk assessment methodologies, and the laws and policies related to incident handling. After attending this course, they will be able to create incident handling and response policies as well as deal with various types of computer security incidents.


Duration: 15 Days (Regular and Weekend batches available)
Pre-Requisite: Basic Knowledge of computer and internet
Eligibility Criteria: Attend Official EC-Council Training
Current Offer/Discount: Combo Offer 2016 and Summer Discount 2016 – New

Course Included:

  • Risk Assessment Administrators
  • Incident Handlers
  • Cyber Forensic Investigators
  • Pen Testers
  • Systems Engineers
  • Firewall Administrators
  • IT professionals involved in incident handling and response

Exam Info:
Number of Questions: 125
Test Duration: 4 Hours
Test Format: Multiple Choice

Test Delivery:
Cyber Radix Exam and Training Partner (through EC-Council exam portal)

The Happy You: 100% Satisfaction or Money-Back Guarantee, No Terms and Conditions


Course Outline:

Overview of Incident Response and Handling

  • Statistics on Cyber Incidents
  • Computer Security (CS)
  • Business Assets – Information
  • Classifying Data
  • Common Terms
  • Information Warfare
  • Key Theories For Information Security
  • Vulnerability, Threat, and Attack
  • CS Incident Types and Examples
  • Incidents and Disaster Recovery Plans
  • Common Signals of an Incident
  • Low, Middle and High Level Categories of Incidents
  • Prioritization
  • Response and Handling
  • Technologies for Disaster Recovery
  • Virtualization’s Impact
  • Incident Costs
  • Reporting
  • Vulnerability Resources

Risk Assessments

  • Overview of Risk
  • Policies and Assessment
  • Method for Risk Assessment by NIST
  • Assessing Workplace Risk
  • Strategies for Analyzing and Mitigating Risk
  • Cost/Benefit Analysis
  • Method for Control Implementation by NIST
  • Residual Risk
  • Tools for Managing Risk

Steps for Incident Response and Handling

  • Identifying and Handling an Incident
  • Need for and Goals of Incident Response
  • Creating an Effective Plan for Incident Response
  • 17 Steps for Incident Response and Handling
  • Training and Creating Awareness
  • Security Training and Awareness Checklist
  • Managing Incidents
  • Incident Response Team
  • Interrelationship Between Incident Response, Handling, and Management
  • Common Best Practices and Policy
  • Creating a Checklist
  • RTIR – Incident Handling System
  • RPIER – 1st Responder Framework


  • Computer Security Incident Response Team (CSIRT)
  • Purpose of an IRT
  • Goals, Strategy and Vision of a CSIRT
  • CSIRT – Common Names
  • Mission Statement
  • Constituency and CSIRT’s Place within an Organization
  • Peer Relationship
  • Environment Types for CSIRT
  • Creating a CSIRT
  • Team Roles
  • Services, Policies and Procedures
  • Handling a Case and the Incident Report Form
  • Techniques for Tracking and Reporting
  • CERT
  • CERT(R) Coordination Center: Incident Reporting Form
  • World CERTs
  • IRTs Around the World

Handling Incidents with Network Security

  • DoS and DDoS Incidents
  • Detecting a DoS Attack
  • Preparing for a DoS Attack and How to Handle It
  • Incidents of Unauthorized Access
  • Incidents of Inappropriate Usage
  • Incidents with Many Components
  • Tools for Monitoring Network Traffic
  • Tools for Auditing the Network
  • Network Protection Tools

Malicious Code Incidents

  • Malware Samples Count
  • Viruses, Worms, Trojans and Spyware
  • Preparing for Incident Handling
  • Incident Prevention
  • Detection of Malware
  • Creating a Strategy for Containment
  • Gathering and Handling Evidence
  • Eradication and Recovery
  • Recommendations
  • Antivirus Systems

Insider Threats

  • Overview and Anatomy of an Insider Attack
  • Risk Matrix
  • Detecting and Responding to Insider Threats
  • Insider’s Incident Response Plan
  • Common Guidelines for Threat Detection and Prevention
  • Tools for Monitoring Employees

Forensic Analysis and Incident Response

  • Computer Forensics
  • Objectives and Role of Forensic Analysis
  • Forensic Readiness And Business Continuity
  • Forensic Types
  • Computer Forensic Investigators and the Investigation Process
  • Overview and Characteristics of Digital Evidence
  • Overview and Challenges of Collecting Evidence
  • Forensic Policy
  • Forensics in the IS Life Cycle
  • Guidelines and Tools for Forensic Analysis

Incident Reporting

  • Overview of Incident Reporting and Why You Should Report Any Incidents
  • Why Many Organizations Don’t Report
  • Creating the Report and Where to Send It
  • Preliminary Reporting Form
  • CERT Incident Reference Numbers
  • Incorporating Contact Information
  • Host Summary and Activity Description
  • Log Extracts
  • Time Zone
  • Incident Categories
  • Organizations to Report Computer Incident
  • Guidelines to Follow
  • Sample Reporting Forms

Incident Recovery

  • Overview of Incident Recovery and Common Principles
  • Steps for Recovery
  • Contingency and Continuity of Operations Planning
  • Business Continuity Planning
  • Incident Recovery Plans and the Planning Process

Security Laws and Policies

  • Introduction to and the Key Pieces of a Security Policy
  • Common Policy Goals and Characteristics
  • Designing and Implementing a Security Policy
  • Acceptable Use Policy (AUP)
  • Access and Asset Control Policies
  • Audit Trail
  • Logging
  • Documenting
  • Collecting and Preserving Evidence
  • Information Security
  • NIACAP Policy
  • Physical Security Guidelines and Policies
  • Personnel Security Guidelines and Policies
  • Law and Incident Handling
  • Laws and Acts
  • IP Laws



How To Register:

Register Online:
You can register online by paying a minimum registration fee of Rs.5000 (INR) OR 100$ (USD) through your Debit/Credit Card/Net Banking.

Offline Registration:
You can register offline by paying a minimum registration fee of Rs.5000 (INR) OR 100$ (USD) through Cash Deposit/NEFT/RTGS/Cheque/Demand Draft to the following bank account and mailing us the payment slip along with your details and course details.


