Certified Incident Handler (ECIH) v2
Certified Incident Handler (ECIH) v2 Overview
This course covers the exam objectives of EC-Council's Certified Incident Handler v2 (E|CIH) program. It discusses the basic skills to handle and respond to security events and addresses various underlying principles and techniques for detecting and responding to current and emerging computer security threats. The incident handling skills taught in E|CIH are complementary to the job roles below as well as many other cybersecurity jobs:
- Penetration Testers
- Vulnerability Assessment Auditors
- Risk Assessment Administrators
- Network Administrators
- Application Security Engineers
- Cyber Forensic Investigators/Analyst and SOC Analyst
- System Administrators/Engineers
- Firewall Administrators and Network Managers/IT Managers
0h 4m
You're watching ITProTV.
[MUSIC]
Greetings and welcome to
the ECIH series here at ITProTV.
I will be your host throughout
the series and my name is Daniel Lowrie.
I've got a little over 20 years experience
and I've got quite a few certifications
underneath my belt that
are security focused.
Joining us will also be
a one Mr Adam Gordon.
Adam, welcome to the show, sir.
How are you?
I'm good.
How are you?
I'm good.
Tell us a little bit about yourself sir.
I am Adam, I am me, you are not.
So I also work with
Daniel here at ITProTV.
I'm an edutainer and
I focus on anything and
everything related to infrastructure and
security.
You've certainly probably seen both of
us in many courses here at ITProTV.
But if this is your first time
watching any of our content or
perhaps watching a course related to
security, I want to welcome you and
also tell you it's going to be
a really interesting journey.
You're gonna get to learn
a lot of really cool things,
both hands-on as well as discussion-based.
We're gonna spend a lot of
time showing you how to
become a successful incident handler and
response team member.
As well as hopefully taking and
passing the ECIH exam,
if that's what your ultimate goal is.
Awesome,
I guess that's a great first question.
Who is this course designed to reach?
So when we think about potential
audience, right, associated with ECIH,
it can be anybody that's looking
to become an incident handler,
whether you're a forensics expert
who perhaps is part of an IH&R team.
You may be a network administration or
system administration professional that's
been asked to bring your expertise of
infrastructure into this response effort,
either perhaps virtually,
perhaps full time, perhaps on demand.
But whatever you do, whoever you are, if
you're a manager, if you're an operator,
if you're a professional
just starting out and
looking to learn more about
incident handling and response,
we welcome all of you because any and all
of you can benefit from this information.
Awesome,
I guess that lends us to the what.
So what exactly,
at least in a condensed format,
are we going to be
learning in this series?
So when we think about
generally the coverage, right,
the knowledge associated with ECIH and
what it is involving, we're gonna be
focusing on the methodologies associated
with incident handling and response.
How we deal with the overall process,
really, at a high level,
what it means to respond to an incident,
what it means to ultimately identify the
issues and concerns associated with that.
To set up containment, to ultimately
understand how to analyze, to respond,
to mitigate, and then to document,
tell that story through reporting and
ultimately recover those systems,
hopefully back to full functionality.
We'll take a look at how to do
that all up as a process flow.
We'll look at that in different areas
of our network or data center and
infrastructure, organizational,
operational landscapes in email,
in the cloud, using web applications,
talking about networking and
network traffic, both wireless and wired.
We'll take a look at
the forensics aspects of IH&R,
of incident handling and response.
And we've got a special hands-on section
dedicated to the use of tools that
are going to make you more successful and
hopefully help you to understand
how to implement those skills.
And Dan and I are gonna walk you through
showing you how to use those in a specific
focused environment where you can play
with them and see everything about them.
Well, I guess that actually touches
on my last question which will be,
how will this information
be presented to the viewer?
So
we're going to do a variety of things.
We're gonna chat just like we are now.
This is our normal way of interacting
with you and presenting information.
You'll see me and/or
Daniel discuss concepts,
we'll certainly engage you and
show you some information on the screen.
You'll see me use some PowerPoint
slide decks that will magically appear
highlighting information.
There will be detailed episode notes for
all the episodes we go through,
I encourage you to take a look at those,
especially if you're going to
be studying for the ECIH exam.
And as I mentioned, that super duper
special section at the end of the course
called the hands-on section where Daniel
and I actually open up one or more virtual
machines, trot out these tools, implement
them and walk you through how to use them,
specifically the ones that are most
likely to be asked about on the exam.
So you're going to be able to not only
hear about how these things work,
be told about them,
interact with us and hear from us and
share our experiences with you about
how we do this in the real world,
but you're going to see both of us
show you what we do and how we do it.
So it's gonna be a nice mix of
different capabilities and modalities.
Well thanks so much for that Adam,
I know that I'm super
excited about this series.
Hopefully you are now as well, and
we look forward to seeing you
in those upcoming episodes.
Thank you for watching ITProTV.
Learning Style
On Demand
Length of course
19h 34m
56 Episodes
Here are the topics we'll cover
- Introduction to Incident Handling and Response
- Incident Handling and Response Process
- Forensic Readiness and First Response
- Handling and Responding to Malware Incidents
- Handling and Responding to Email Security Incidents
- Handling and Responding to Network Security Incidents
- Handling and Responding to Web Application Security Incidents
- Handling and Responding to Cloud Security Incidents
- Handling and Responding to Insider Threats
- Hands-On with E|CIH Tools