Certified Incident Handler (CIH)


About the Program

This online program includes training for the EC-Council Certified Incident Handler (ECIH), CompTIA Security+, & CompTIA PenTest+ certification exams. The courses are designed to prepare you for a successful career in cybersecurity.

EC-Council Certified Incident Handler

The EC-Council Certified Incident Handler (ECIH) program focuses on a structured approach for performing the incident handling and response (IH&R) process. The IH&R process includes stages like incident handling and response preparation, incident validation and prioritization, incident escalation and notification, forensic evidence gathering and analysis, incident containment, systems recovery, and incident eradication. This systematic incident handling and response process makes incident responders aware of how to respond to various types of security incidents.

Cybersecurity professionals interested in pursuing incident handling and response as a career require comprehensive training on IH&R concepts as well as real-world scenarios. The ECIH program includes hands-on learning delivered through iLabs, online labs within the training program.

  • EC-Council’s Certified Incident Handler provides students with a method-driven program that uses a holistic approach to cover vast concepts concerning organizational incident handling and response, from preparing and planning the incident handling response process to recovering organizational assets after a security incident. The skills taught in EC-Council’s ECIH program are desired by cybersecurity professionals from around the world and are respected by employers.

    ECIH Course Benefits

    • To enable individuals and organizations with the ability to handle and respond to different types of cybersecurity incidents in a systematic way.

    • To ensure that the organization can identify, contain, and recover from an attack.

    • To reinstate regular operations of the organization as early as possible and mitigate the negative impact on the business operations.

    • To be able to draft security policies with efficacy and ensure that the quality of services is maintained at the agreed levels.

    • To minimize the loss and the after-effects of the incident or breach.

    • For individuals: To enhance skills on incident handling and boost their employability.

    • Penetration Testers

    • Vulnerability Assessment Auditors

    • Risk Assessment Administrators

    • Network Administrators

    • Application Security Engineers

    • Cyber Forensic Investigators/Analysts and SOC Analysts

    • System Administrators/Engineers

    • Firewall Administrators and Network Managers/IT Managers

  • To be eligible to sit the ECIH Exam, the candidate must either:

    • Attend official ECIH training through any of EC-Council’s Authorized Training Centers (ATCs) or attend EC-Council’s live online training via iWeek or join our self-study program through iLearn (see https://iclass.eccouncil.org).

    OR

    • Candidates with a minimum of 1 year of work experience in the domain who would like to apply to take the exam directly without attending training are required to pay the USD 100 Eligibility Application Fee. This fee is included in your training fee should you choose to attend training.

    Number of Questions: 100

    Test Duration: 3 Hours

    Test Delivery: ECC Exam Portal

    Test Format: Multiple Choice

    Passing Score: 70%

CompTIA Security+

CompTIA Security+ is a global certification that validates the baseline skills necessary to perform core security functions and pursue an IT security career. Security+ opens the door to your cybersecurity career!

  • Why is Security+ different?

    • More choose Security+ – chosen by more corporations and defense organizations than any other certification on the market to validate baseline security skills and to fulfill DoD 8570 compliance.

    • Security+ proves hands-on skills – the only baseline cybersecurity certification emphasizing hands-on practical skills, ensuring the security professional is better prepared to problem solve a wider variety of today’s complex issues.

    • More job roles turn to Security+ to supplement skills – baseline cybersecurity skills are applicable across more of today’s job roles to secure systems, software and hardware.

    • Security+ is aligned to the latest trends and techniques – covering the most core technical skills in risk assessment and management, incident response, forensics, enterprise networks, hybrid/cloud operations, and security controls, ensuring high performance on the job.

    What Skills Will You Learn?

    • Attacks, Threats and Vulnerabilities - Focusing on more threats, attacks, and vulnerabilities on the Internet from newer custom devices that must be mitigated, such as IoT and embedded devices, newer DDoS attacks, and social engineering attacks based on current events.

    • Operations and Incident Response - Covering organizational security assessment and incident response procedures, such as basic threat detection, risk mitigation techniques, security controls, and basic digital forensics.

    • Architecture and Design - Includes coverage of enterprise environments and reliance on the cloud, which is growing quickly as organizations transition to hybrid networks.

    • Governance, Risk and Compliance - Expanded to support organizational risk management and compliance with regulations, such as PCI-DSS, SOX, HIPAA, GDPR, FISMA, NIST, and CCPA.

    • Implementation - Expanded to focus on administering identity, access management, PKI, basic cryptography, wireless, and end-to-end security.

    • Security Administrator

    • Systems Administrator

    • Helpdesk Manager / Analyst

    • Network / Cloud Engineer

    • Security Engineer / Analyst

    • DevOps / Software Developer

    • IT Auditors

    • IT Project Manager

  • CompTIA Security+ is the first security certification a candidate should earn. It establishes the core knowledge required of any cybersecurity role and provides a springboard to intermediate-level cybersecurity jobs. Security+ incorporates best practices in hands-on troubleshooting, ensuring candidates have practical security problem-solving skills required to:

    • Assess the security posture of an enterprise environment and recommend and implement appropriate security solutions

    • Monitor and secure hybrid environments, including cloud, mobile, and IoT

    • Operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance

    • Identify, analyze, and respond to security events and incidents

    Security+ is compliant with ISO 17024 standards and approved by the US DoD to meet directive 8140/8570.01-M requirements. Regulators and government rely on ANSI accreditation, because it provides confidence and trust in the outputs of an accredited program. Over 2.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.

    Number of Questions: Maximum of 90 questions

    Type of Questions: Multiple choice and performance-based questions

    Duration: 90 minutes

    Passing Score: 750 (on a scale of 100-900)

    Testing Provider: Pearson VUE

CompTIA PenTest+

CompTIA PenTest+ is for cybersecurity professionals tasked with penetration testing and vulnerability management.

  • Why is PenTest+ Different?

    • CompTIA PenTest+ is the most comprehensive exam covering all penetration testing stages. Unlike other penetration testing exams that only cover a portion of stages with essay questions and hands-on, PenTest+ uses both performance-based and knowledge-based questions to ensure all stages are addressed.

    • PenTest+ is the only exam on the market to include all aspects of vulnerability management. It not only covers hands-on vulnerability assessment, scanning, and analysis, but also includes planning, scoping, and managing weaknesses, not just exploiting them.

    • PenTest+ is the most current penetration testing exam covering the latest techniques against expanded attack surfaces. It is a unique exam that requires a candidate to demonstrate the most relevant pen testing skills for the cloud, hybrid environments, web applications, Internet of Things (IoT), and traditional on-premises.

    What Skills Will You Learn?

    • Planning and Scoping - Includes updated techniques emphasizing governance, risk, and compliance concepts, scoping and organizational/customer requirements, and demonstrating an ethical hacking mindset.

    • Reporting and Communication - Expanded to focus on the importance of reporting and communication in an increased regulatory environment during the pen testing process through analyzing findings and recommending appropriate remediation within a report.

    • Information Gathering and Vulnerability Scanning - Includes updated skills on performing vulnerability scanning and passive/active reconnaissance, vulnerability management, as well as analyzing the results of the reconnaissance exercise.

    • Tools and Code Analysis - Includes updated concepts of identifying scripts in various software deployments, analyzing a script or code sample, and explaining use cases of various tools used during the phases of a penetration test. It is important to note that no scripting and coding is required.

    • Attacks and Exploits - Includes updated approaches to expanded attack surfaces, researching social engineering techniques, performing network attacks, wireless attacks, application-based attacks and attacks on cloud technologies, and performing post-exploitation techniques.

    • Penetration Tester

    • Security Consultant

    • Cloud Penetration Tester

    • Web App Penetration Tester

    • Cloud Security Specialist

    • Network & Security Specialist

  • The CompTIA PenTest+ will certify the successful candidate has the knowledge and skills required to plan and scope a penetration testing engagement including vulnerability scanning, understand legal and compliance requirements, analyze results, and produce a written report with remediation techniques.

    Number of Questions: Maximum of 85 questions

    Type of Questions: Performance-based and multiple choice

    Duration: 165 Minutes

    Passing Score: 750 (on a scale of 100-900)

    Recommended Experience: Network+, Security+ or equivalent knowledge. Minimum of 3-4 years of hands-on information security or related experience. While there is no required prerequisite, PenTest+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus.

    Testing Provider: Pearson VUE


Tuition & Program Info

To learn more about ETI’s tuition and financial aid options, click here.

$3,997

This is a self-paced program. Self-paced programs create a unique learning experience that allows students to learn independently and at a pace that best suits them.

Duration: 16 Weeks

Students have full online access to the program for 1 year.

Exam Vouchers are Included with Tuition

Program Includes:

  • CompTIA Security+ & PenTest+

    • E-books

    • Virtual practice labs

    • Mentoring

    • Bootcamps (optional live, instructor-led sessions that include program review, additional information, and Q&As)

    • Test review questions

  • EC-Council ECIH

    • ECIH Online Self-Paced Streaming Video Course (1 year access)

    • CyberQ Labs (6 Months Access)

    • Certificate of Completion from EC-Council

    • ECIH (Practical) - iLearn Add On

    • CodeRed (12-month Subscription)

      • 4000+ Premium Videos

      • New courses and content added weekly

      • Courses contain an abundance of demo lab videos that dive deeper into important cyber concepts

    • ECIH Printed Courseware (US courses Only)


Course Breakdown

    • Mentoring Security+

    • TestPrep Security+ SY0-601: used to test your knowledge on the skills and competencies being measured by the vendor certification exam. TestPrep can be taken in either Study or Certification mode. Study mode is designed to maximize learning while certification mode is designed to test your knowledge of the material within a structured testing environment, providing valuable feedback at the end of the test.

    • The Present Threat Landscape

    • Types of Malware

    • Social Engineering and Related Attacks

    • Application and Service Attacks

    • Cryptographic and Wireless Attacks

    • Penetration Testing and Vulnerability Scanning

    • Impacts from Vulnerability Types

    • Components Supporting Organizational Security

    • Security Assessment Using Software Tools

    • Cryptography

    • Public Key Infrastructure

    • Wireless Security Settings

    • Analyzing Output from Security Technologies

    • Deploying Mobile Devices Securely

    • Implementing Secure Protocols

    • Troubleshooting Common Security Issues

    • Identity Concepts and Access Services

    • Identity and Access Management Controls

    • Common Account Management Practices

    • Frameworks, Guidelines, and Physical Security

    • Implement Secure Network Architecture Concepts

    • Secure System and Application Design and Deployment

    • Cloud, Virtualization, and Resiliency Concepts

    • Policies, Plans, and Procedures

    • Business Impact Analysis and Risk Management

    • Incident Response, Forensics, and Disaster Recovery

    • Mentoring PT0-001 CompTIA PenTest+: mentors are available to help students with their studies. Students can reach them by entering a Mentored Chat Room or by using the Email My Mentor service.

    • Planning for an Engagement

    • Scoping an Engagement

    • Information Gathering

    • Vulnerability Identification

    • Social Engineering and Specialized System Attacks

    • Network-Based Exploits

    • Application-Based Vulnerabilities

    • Local Host Vulnerabilities

    • Post-Exploitation and Facilities Attacks

    • Penetration Testing Tools

    • Analyzing Tool and Script Output

    • Reporting and Communication

    REFERENCE MANUAL: CompTIA PenTest+ Certification Practice Exams (Exam PT0-001)

  • Module 01: Introduction to Incident Handling and Response

    Module 02: Incident Handling and Response Process

    Module 03: Forensic Readiness and First Response

    Module 04: Handling and Responding to Malware Incidents

    Module 05: Handling and Responding to Email Security Incidents

    Module 06: Handling and Responding to Network Security Incidents

    Module 07: Handling and Responding to Web Application Security Incidents

    Module 08: Handling and Responding to Cloud Security Incidents

    Module 09: Handling and Responding to Insider Threats