EC-Council Certified Incident Handler (E|CIH)

Price
Net
VAT

Price
Price on Request

Duration
3 days

For companies and job seekers:
this course is 100% fundable!
 

Location

Course Language
English

Training Solutions
Online Live

Request a consultation Add to favorites Print as PDF

Modern IT landscapes require fast, structured, and secure responses to security incidents. The content provides up-to-date expertise for dealing professionally with cyberattacks, based on recognized standards and realistic scenarios.

Key topics

  • Incident response and forensics in hybrid IT environments.
  • Analysis, containment, and documentation of security incidents.
  • Dealing with malware, network attacks, and data leaks.
  • Use of current security tools and AI-supported analysis approaches.
  • Legal, organizational, and technical framework conditions.

Prerequisites
Basic knowledge of IT, networks, and IT security is recommended.

Target group
IT specialists, security officers, system and network administrators, and individuals with responsibilities in the area of cyber security.

The knowledge imparted strengthens confidence in dealing with security incidents and supports the professional handling of growing threats in a digitally networked working environment.

Print as PDF
Course content
  • Analyze cyber threats and attack vectors
  • Define attack tactics and defense mechanisms
  • Review security concepts in IT systems
  • Recognize incident types and security incidents
  • Understand the process structure for incident management
  • Automate and coordinate response processes
  • Apply best practices for security incidents
  • Understanding standards for incident response
  • Interpret cybersecurity frameworks
  • Classify legal compliance and reporting requirements
  • Understanding the incident response process
  • Preparing for IT security incidents
  • Incident recording and clarifying responsibilities
  • Prioritizing security events
  • Alerting and communication channels
  • Containing threats in the system
  • Digital evidence collection and IT forensics
  • Removal of damaged components
  • Secure system recovery
  • Follow-up and lessons learned
  • Exchange of security-related information
  • First aid: basics and objectives
  • Securing and documenting the scene
  • Collecting evidence at the scene
  • Evidence: securing, packaging, transporting
  • Malware handling basics
  • Incident response preparation
  • Malware Detection Methods
  • Infection Containment
  • Analysis of infected systems
  • Removing Malware
  • System recovery after malware
  • Practical example of malware management
  • Security measures against malware
  • Understanding email threats
  • Preparing for email security incidents
  • Detecting and Containing Email Attacks
  • Analyzing digital email incidents
  • Eliminating email security risks
  • Recovery process after email incidents
  • Case study: Email security management
  • Email security: proven measures
  • Dealing with IT incidents in the network
  • Preparing for network security problems
  • Identifying and assessing threats
  • Responding to unauthorized network access
  • Dealing with network misuse
  • Measures to take in the event of DoS attacks
  • Managing security in WLAN environments
  • Analysis of security incidents using examples
  • Applying network security best practices
  • Incident management for web applications
  • Prepare a security strategy for web incidents
  • Detect and stop web security vulnerabilities early on
  • Analyze attacks on web applications
  • Fix security problems in web applications
  • Restore web platforms after attacks
  • Case study: Solve web security incidents professionally
  • Web app security – proven protective measures
  • Analyze cloud incidents
  • Identify steps for cloud incident detection
  • Handle security alerts in Azure
  • Manage AWS threats
  • Address security risks in Google Cloud
  • Cloud incidents in a practical example
  • Implementing cloud security best practices
  • Fundamentals of internal security risks
  • Measures to prepare for insider threats
  • Identification and control of internal attacks
  • Analysis of internal threat scenarios
  • Removal of internal security risks
  • Recovery after internal incidents
  • Practical example: Dealing with insider incidents
  • Effective strategies against internal threats
  • Responding to incidents at endpoints
  • Addressing security issues with mobile devices
  • Managing threats in the IoT environment
  • Handling incidents in OT systems
  • Practical example: Analyzing endpoint incidents

Frequently asked questions

  • An international certification for professional incident handling and structured procedures for IT security incidents.
  • For professionals in IT security, SOC, forensics, network operations, and IT administration with a focus on security.
  • The strong focus on real incidents, structured response plans, and practical decision-making processes.
  • Both. Technical analysis is combined with clear incident response frameworks.
  • It reduces downtime, damage, and legal risks following cyberattacks.
  • SIEM basics, log analysis, forensic approaches, threat intelligence, and escalation models.
  • Stronger positioning in the cybersecurity market and better opportunities in security operations roles.
Berlin
Bremen
Dortmund
Dusseldorf
Frankfurt
Hamburg
Hanover
Cologne
Leipzig
Munich
Nuremberg
Stuttgart

Do you have any further questions? Please contact us.