Professional Certification Series

ECIH ( EC Council Certified Incident Handler) Self-Paced (212-89)


Delivery: Online

The EC-Council’s ECIH-Certified Incident Handler certification is a program that will provide students with the skills they will need in order to identify and minimize the damage caused by computer security incidents. This incident response course will cover the basics of computer security incidents, including introducing students to the different kinds of security incidents and the ways these incidents can expose an information system to the risks of unauthorized access or loss of information. Certified students will gain knowledge in assessing risk, computer forensics, and creating computer security incident response teams.

Students will learn about the legal implications they will have to consider when attempting to neutralize the damage that can be caused by network security threats. The course will also cover designing suitable business continuity plans, providing students with the knowledge they will need to help their organizations continue operations in the event of a significant security incident.

Topics & Concepts Covered in ECIH Training Include:

  • Principles and techniques for detecting and responding to current and emerging computer security threats

  • How to handle various types of incidents

  • Risk assessment methodologies

  • Various laws and policies related to incident handling

Target Audience:
Students who finish the certification will be able to enter the computer security field with the knowledge required to set up appropriate and effective policies to deal with a variety of computer security incidents. System administrators, IT managers and directors, and anyone who works in computer security can benefit from obtaining this certification.

Enrollment Prerequisites/Academic Requirements:
In order to be certified, students will need to take a two-hour exam, ECIH 212-89. During the exam, the students will have to demonstrate their knowledge of several areas related to computer security incident handling, including risk assessment, the steps to identifying security incidents, in particular, malicious code incidents and insider threats, and incident reporting and recovery.
Course Length/Delivery:


On demand.

  • Topic 1: Techniques for detecting/responding to emerging comp. security threats.
  • Topic 2: How to handle various types of incidents
  • Topic 3: Risk assessment methodologies
  • Topic 4: Various laws and policies related to incident handling
Completion rules
  • All units must be completed