
LinkedIn Learning

ECIH Cert Prep: Certified Incident Handler v2 (212-89)

via LinkedIn Learning

Overview

Learn the skills you need to become a successful incident handler and response team member, with an eye on passing the Certified Incident Handler v2 (E|CIH) exam.

Syllabus

Introduction
  • Overview
  • ECIH v2 EC-Council certification overview
  • Information security and incident management
  • What is vulnerability management?
  • What are threat assessments?
  • Risk management: Vocabulary
  • Risk management: The process
  • Risk management: The NIST RMF
  • Incident handling best practices, standards, and frameworks
  • Incident handling and legal compliance
1. Incident Handling and Response Process
  • Step one: Prepare for incident handling and response
  • Step two: Incident recording and assignment
  • Step three: Incident triage
  • Step four: Notification
  • Step five: Containment
  • Step six: Evidence gathering and forensic analysis
  • Step seven: Eradication
  • Step eight: Recovery
  • Step nine: Post-incident activities
2. Forensic Readiness and First Response
  • Forensics and first response
  • Principles of digital evidence collection
  • Data acquisition
  • Volatile evidence collection
  • Static evidence collection and anti-forensics
3. Handling and Responding to Malware Incidents
  • Preparation for handling malware incidents
  • Detection of malware incidents
  • Containment of malware incidents
  • Eradication of malware incidents
  • Recovery after malware incidents
4. Handling and Responding to Email Security Incidents
  • Handling email security incidents
5. Handling and Responding to Network Security Incidents
  • Preparation for handling network security incidents
  • Detection and validation of network security incidents
  • Handling unauthorized access incidents
  • Handling inappropriate usage incidents
  • Handling denial-of-service incidents
  • Handling wireless network security incidents
6. Handling and Responding to Web Application Security Incidents
  • Preparation to handle web app security incidents
  • Detecting and analyzing web app security incidents
  • Containment of web app security incidents
  • Eradication of web app security incidents
  • Recovery from web app security incidents
  • Web app security threats and attacks
7. Handling and Responding to Cloud Security Incidents
  • Cloud computing concepts
  • Best practices against cloud security incidents
8. Handling and Responding to Insider Threats
  • Best practices against insider threats
9. Hands-On with ECIH Tools
  • Security checks using buck-security in Linux
  • Volatile evidence collection in Linux and Windows
  • Using OSForensics to find hidden material
  • Analyzing nonvolatile data using the Autopsy tool
  • Malware analysis
  • Collecting information by tracing emails
  • Using OSSIM
  • Using Wireshark and Nmap
  • Using Suricata IDS
  • What does a SQL injection attack look like?
  • What does an XSS attack look like?
Conclusion

Taught by

ITProTV

Reviews

4.6 rating at LinkedIn Learning based on 72 ratings
