ECIH

Course Description

The ECIH certification program is created to provide the fundamental skills to handle and respond to the computer security incidents in an information system. The course addresses various underlying principles and techniques for detecting and responding to present-day and possible emerging computer security threats. The comprehensive training program will make students proficient in handling as well as responding to various security incidents such as network security incidents, malicious code incidents, and insider attack threats.

Key Outcomes

The key outcomes that the candidate will learn on the successful completion of the course are the following:

• Principals, processes and techniques for detecting and responding to security threats/ breaches

• Liaison with legal and regulatory bodies

• Learn to handle incidents and conduct assessments

• Cover various incidents like malicious code, network attacks, and insider attacks

Course Outline

• Introduction to Incident Response and Handling

• Risk Assessment

• Incident Response and Handling Steps

• CSIRT

• Handling Network Security Incidents

• Handling Malicious Code Incidents

• Handling Insider Threats

• Forensic Analysis and Incident Response

• Incident Reporting

• Incident Recovery

• Security Policies and Laws