Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
ECIH: Certified Incident Handler Training
The Certified Incident Handler (ECIH) Training provides comprehensive skills for managing and responding to cybersecurity incidents. This course covers essential topics such as incident detection, response strategies, and recovery processes. Participants will learn to identify and assess incidents, manage communication, and implement effective containment and remediation measures. The training emphasizes hands-on practice with real-world scenarios to build practical incident handling skills. Designed for IT professionals and security teams, the ECIH Training prepares candidates for the ECIH certification exam, equipping them to efficiently handle and mitigate security incidents and protect organizational assets.
Course Overview
- Candidates with a minimum of 1 year of work experience in the domain.
Learning Objectives
After taking this course, you will be able to:
- Understand the key issues plaguing the information security world
- Learn to combat different types of cybersecurity threats, attack vectors, threat actors and their motives
- Learn the fundamentals of incident management including the signs and costs of an incident
- Understand the fundamentals of vulnerability management, threat assessment, risk management, and incident response automation and orchestration
- Master all incident handling and response best practices, standards, cybersecurity frameworks, laws, acts, and regulations
- Decode the various steps involved in planning an incident handling and response program
- Gain an understanding of the fundamentals of computer forensics and forensic readiness
- Comprehend the importance of the first response procedure including evidence collection, packaging, transportation, storing, data acquisition, volatile and static evidence collection, and evidence analysis
- Understand anti-forensics techniques used by attackers to find cybersecurity incident cover-ups
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Competency Areas
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.