EC-Council Certified Incident Handler (ECIH) v2

- Only 3 days

01 Introduction to Incident Response and Handling

  • Defines computer security incident
  • Discusses the importance of data classification
  • Discusses information warfare
  • Discusses the key concepts of information security
  • Explains various vulnerabilities, threats, and attacks on information systems
  • Discusses types of computer security incidents with examples
  • Explains different incident categories
  • Discusses incident prioritisation issues
  • Explains incident response, incident handling and computer forensics

02 Risk Assessment

  • Explains risk policy
  • Discusses the risk assessment methodology
  • Outlines different steps to assess and mitigate risks at the workplace
  • Describes risk analysis
  • Discusses different risk mitigation strategies
  • Explains the importance of cost/benefit analysis in the risk assessment process
  • Discusses various issues involved with control implementation
  • Explains the risk mitigation methodology
  • Discusses residual risk
  • Showcases risk assessment tools

03 Incident Response and Handling Steps

  • Explains the need for incident response
  • Describes the incident response process
  • Explains the incident response components
  • Describes incident response methodology
  • Explains various incident response and handling stages
  • Defines the incident response plan
  • Outlines the steps for an incident response plan
  • Discusses the importance of training and awareness for incident response and handling
  • Provides security awareness and training checklists
  • Explains incident response policy
  • Discusses incident management and its purpose
  • Explains incident response team structure, personnel, team dependencies and team services
  • Defines the relationship between incident response, incident handling, and incident management
  • Discusses incident response best practices

04 CSIRT

  • Discusses the need for an Incident Response Team (IRT)
  • Explains CSIRT goals and strategy
  • Explains CSIRT mission and vision
  • Explains CSIRT constituency
  • Discusses the CSIRT's place in the organisation
  • Explains the CSIRT relationship with peers
  • Defines the types of CSIRT environments
  • Explains the best practices for creating a CSIRT
  • Explains the role of CSIRTs
  • Defines the roles in an Incident Response Team
  • Illustrates different CSIRT services
  • Explains CSIRT policies and procedures
  • Explains how CSIRT handles a case

05 Handling Network Security Incidents

  • Defines DoS and DDoS attacks
  • Explains incident handling preparation for DoS attacks
  • Discusses different types of unauthorised access incidents
  • Explains various stages involved in incident handling preparation for unauthorised access incidents
  • Discusses different types of inappropriate usage incidents
  • Explains different steps of incident handling preparation for inappropriate usage incidents
  • Discusses multiple component incidents
  • Explains steps involved in incident handling preparation for multiple component incidents
  • Showcases network security assessment tools such as Nmap and Wireshark

06 Handling Malicious Code Incidents

  • Explains viruses, worms, trojans and spyware
  • Explains the incident handling preparation for malicious code incidents
  • Discusses incident prevention, detection and analysis for malicious code incidents
  • Explains the containment strategy for malicious code incidents
  • Explains the method of evidence gathering and handling for malicious code incidents
  • Defines the method of eradication and recovery from malicious code incidents
  • Explains various countermeasures for malicious code incidents

07 Handling Insider Threats

  • Defines insider threats
  • Explains the anatomy of an insider attack
  • Explains different techniques for the insider threat detection
  • Explains the insider threats response
  • Describes the insider’s incident response plan
  • Provides guidelines for overcoming insider threats
  • Demonstrates various employee monitoring tools

08 Forensic Analysis and Incident Response

  • Discusses computer forensics
  • Explains the objectives of forensics analysis
  • Discusses the role of forensics analysis in incident response
  • Explains the types of computer forensics
  • Discusses the computer forensic investigator and other people involved in computer forensics
  • Defines the computer forensics process
  • Explains forensic policies
  • Discusses forensics in the information system life cycle
  • Demonstrates forensic analysis tools such as Helix and Sysinternals tools

09 Incident Reporting

  • Defines incident reporting
  • Outlines the details to be reported
  • Provides report formats
  • Discusses information disclosure issues
  • Explains the issues involved in reporting workplace incidents
  • Discusses the federal agency incident categories
  • Provides incident reporting guidelines

10 Incident Recovery

  • Defines incident recovery
  • Explains the principles of incident recovery
  • Illustrates different steps of incident recovery
  • Discusses contingency/continuity of operations planning
  • Discusses business continuity planning and business impact analysis
  • Describes the incident recovery plan
  • Discusses the incident recovery planning team
  • Defines incident recovery testing

11 Security Policies and Laws

  • Defines the security policy
  • Explains the key elements of security policy
  • Describes the goals of a security policy
  • Explains the purpose of a security policy
  • Explains the characteristics of a security policy
  • Discusses the implementation of security policies
  • Explains the access control policy and its importance
  • Explains the administrative security policy, asset control policy, audit trail policy, logging policy, documentation policy, evidence collection policy, information security policy, National Information Assurance Certification & Accreditation Process (NIACAP) policy, and physical security policy
  • Provides the physical security guidelines
  • Discusses personnel security policies & guidance
  • Explains the role of laws in incident handling
  • Discusses the legal issues when dealing with an incident
  • Discusses law enforcement agencies

See Certification...

It only takes a moment to see how inexpensive your course is...

Here are 4 good reasons to take ECIH at Firebrand:

  1. You become ECIH trained and certified faster. You learn more on our 6-day accelerated course and get at least 12 hours of training per day in a distraction-free environment.
  2. Your ECIH course is all-inclusive. You get a transparent price that covers all course materials, exams, accommodation and meals. You need think of nothing but learning.
  3. Pass ECIH the first time or come back, free. Your instructor is an expert and trains you using accelerated methods, so you learn faster and have the best chance of passing the exam the first time. But if, contrary to expectation, you do not pass, you are covered by our Certification Guarantee.
  4. Take ECIH with an award-winning training provider. We have won numerous awards, including Microsoft's "Learning Partner of the Year" five times and two Børsen Gazelle awards. Firebrand is your fastest route to training, and we have saved 70,000 participants more than one million wasted hours since 2001.

Are you ready for the course? Take a FREE test that helps you assess your current knowledge.

You'll sit the following exam on site as part of the course:

ECIH: exam code 212-89

  • Number of Questions: 50
  • Passing Score: 70%
  • Test Duration: 2 hours
  • Test Format: Multiple choice

See What's included?...

Firebrand Training offers qualified training and certification programmes that include everything, are simple for the customer, and are developed with a focus on the specific needs of our participants. We make sure every detail is in place so that you only need to focus on your learning and certification goals.

Our course and certification programme includes everything:

  • Practically oriented teaching using our Presentation|Exercise|Discussion methodology
  • Comprehensive course materials and lab manuals
  • A fully instructor-led programme with 24-hour access to the classroom, lab equipment and the instructor
  • Accommodation, all meals, and access to refreshments, snacks, coffee and tea
  • Our certification guarantee, which means we give an unconditional guarantee that you will achieve your certification. You are entitled to return to the course as many times as you wish within the first 12 months until you have obtained your certification. All you pay for is any new exam and accommodation costs
  • Transport to and from the nearest airport/train station both before and after the course

It is all included! You get an all-inclusive course package tailored to your needs. We take care of every detail, so all you need to focus on is your learning and certification goals.

  • Transport to/from specific pick-up points
  • Accommodation, all meals, and access to refreshments, snacks, coffee and tea.
  • Intensive hands-on training with our unique (Lecture | Lab | Review)TM method
  • Comprehensive course materials and lab manuals
  • A fully instructor-led programme
  • 24-hour access to both the classroom and the instructor
  • All meals and access to refreshments, snacks, coffee and tea.
  • Certification guarantee

See Prerequisites...

It is recommended you have the following experience before attending this course:

  • A minimum of one year's experience managing Windows/Unix/Linux systems
  • An understanding of common network and security services

Are you ready for your Firebrand course?

We interview all prospective participants about their background, education, certifications and personal attitude. If you get through this screening procedure, it means you have a very good chance of passing.

Firebrand Training offers an ambitious learning environment that requires you to dedicate yourself to the course. The prerequisites above are indicative; many participants with less experience, but with a different background or skill set, have succeeded with accelerated training at Firebrand Training.

If you are wondering whether you meet the recommended prerequisites, you are very welcome to call us on 78 79 16 53 and speak to one of our training advisers, who can help you.

See When...

EC-Council ECIH Course Dates

EC-Council - Certified Incident Handler (ECIH) v2

| Starts | Ends | Availability |
| --- | --- | --- |
| 15/4/2020 (Wednesday) | 17/4/2020 (Friday) | Places available |

We have trained over 72,589 people over the course of 12 years. We have asked all of them to rate our accelerated courses. Currently, 96.77% have said that Firebrand exceeded their expectations:

"The staff are knowledgeable and try to make the courses fun. You will come away with tools and knowledge for your day to day business."
G.M. (19/9/2019 to 21/9/2019)

"Full on."
Alistair Toomey, BBC. (19/9/2019 to 21/9/2019)

"The instructor is always good"
David Wintour, IMI. (19/9/2019 to 21/9/2019)

"Great experience on my second visit. Definitely would recommend this method of training."
Christopher Dyke, Atos. (17/9/2018 to 18/9/2018)

"Good training also for people without much experience."
Anonymous (24/7/2018 to 25/7/2018)
