EC-Council Certified Incident Handler

www.infosectrain.com | sales@infosectrain.com
 • What is ECIH Certification?
• The EC-Council Certified Incident Handler (ECIH)
certification is necessary for Cybersecurity
professionals who deal with threats on a regular basis.
A professional cyber incident handler is in full demand
by the organization for planning, managing,
coordinating, and communicating with other staff to
minimize the effects of an incident. This course has
been well-structured to equip professionals in creating
incident handling codes, learning about laws and
policies for incident handling, and understanding
various types of incidents such as network security
incidents, malicious code incidents and insider attack
incidents.

www.infosectrain.com | sales@infosectrain.com
www.infosectrain.com | sales@infosectrain.com
What do you mean by ECIH webpage?
The EC-Council’s ECIH webpage includes several concepts which may include tips for
clearing ECIH examination, modules that are covered in ECIH examination, who should do
ECIH training, etc.

Tips for clearing ECIH examination

There are five tips to clear ECIH examination and they may include:
Know what to study: The ECIH exam has in total 100 questions across each concept. By
listing out various concepts, will let you know what to study and what all modules are
included in the examination. There are the following ECIH exam modules which include:
Be realistic with your plan: Ensure that you have sufficient time to find and study the
concepts on your own before the exam. Prepare a schedule by estimating how much time
it will take to finish studying the topics.
Test yourself with free sources: The ECIH webpage has many free resources that can
help you prepare for the examination. The ECIH exam blueprint will give an overall view of
the topics covered, and how much percentage of questions are dedicated to each topic.
This will help you to construct a well-structured study plan.
Attempt the exam with full focus: As the exam is of three-hours and you have 100
questions, ensure you provide proper time management i.e. 1.5 minutes on a question and
after that you have enough time to scan through the paper.

www.infosectrain.com | sales@infosectrain.com
Who should do ECIH training?
This course is suitable for professionals who handle threats on regular basis and may
include:
Incident Handlers
Risk Assessment Administrators
Penetration Testers
Cyber Forensic Investigators
Vulnerability Assessment Auditors
System Administrators and Engineers
Firewall Administrators
Network Managers
IT Managers

Purpose of ECIH
ECIH enables individuals and organizations to handle and respond to different types of
cybersecurity incidents in a systematic way
To ensure that organization can identify and recover from attack as quickly as possible
To restore regular operations of the organization by minimizing the negative impact on the
business operations
Structuring security policies with efficiency and ensuring the quality of services is maintained
at agreed levels
To minimize the loss after-effects breach of the incident
For individuals: To enhance skills on incident handling and boost their employability

www.infosectrain.com | sales@infosectrain.com
 ECIH Certification Objectives

• Understand the key issues in plaguing the information security

world
• Learn to tackle various types of cybersecurity threats, attack
vectors, and threat actors
• Understand the basics the vulnerability management, threat
assessment, risk management, and incident response automation
• Master all incident handling best practices, standards,
cybersecurity frameworks, laws, acts and regulations
• Understand the basics of computer forensics
• Apply the right techniques to different types of cybersecurity
incidents in a systematic manner including malware incidents,
email security incidents, network security incidents, web
application security incidents, cloud security incidents, and
insider-threat incidents

www.infosectrain.com | sales@infosectrain.com
 ECIH exam domains

ECIH contains the following exam modules that are useful for clearing the examination:

Module 1: Introduction to Incident Handling and Response

Module 2: Incident Handling and Response process

Module 3: Forensic Readiness and First Response

Module 4: Handling and Responding to Malware Incidents

Module 5: Handling and Responding to Email Security Incidents

Module 6: Handling and Responding to Network Security Incidents

Module 7: Handling and Responding to Web Application Security Incidents

Module 8: Handling and Responding to Cloud Security Incidents

Module 9: Handling and Responding to Insider Threats

www.infosectrain.com | sales@infosectrain.com
 ECIH exam details

Exam Title EC-Council Certified Incident Handler

Number of questions 100

Exam duration 3 hours

Format of Test Multiple choice

Passing Score In order to maintain integrity of the

examination EC-Council exams are
provided in multiple forms. To ensure
each form has equal ECIH assessment
standards, cut scores are set on “per
exam form” basis. Depending on which
exam form is challenged, cut scores can
range from 60% to 85%

www.infosectrain.com | sales@infosectrain.com
 Prerequisites
•Working experience of one year in managing Windows/Unix/Linux
systems or have equivalent knowledge or skills
•Good understanding of network and security services.

Conclusion
Due to the increasing number of cybersecurity threats, it becomes
an important task for an organization to identify, control and
minimize the incidents that are taking place in this technology
world. ECIH certification can be useful for identifying these
incidents such as malware incidents, email security incidents,
network security incidents, web application security incidents,
cloud security incidents, and insider-threat incidents. So, Incident
Management Lifecycle is implemented in each and every
organization so as to identify the incidents and minimize the risk
of it.

www.infosectrain.com | sales@infosectrain.com
 Why choose Infosec Train for ECIH training?

Infosec Train is a leading IT security training provider offering diversified

training programs for globally recognized certifications. They are
partnered with EC-Council, Microsoft, CompTIA, PECB, and Certnexus.
Infosec Train has highly certified and has skilled trainers in various
aspects of security offering quality knowledge with full dedication, and
commitment. They can also provide full-fledged preparation materials
for various security exams. So Infosec Train is better for security-related
concepts as they have good trainers with full knowledge. So Infosec Train
is best suited for ECIH certification.

www.infosectrain.com | sales@infosectrain.com
About InfosecTrain
• Established in 2016, we are one of the finest
Security and Technology Training and
Consulting company

• Wide range of professional training programs,

certifications & consulting services in the IT
and Cyber Security domain

• High-quality technical services, certifications

or customized training programs curated with
professionals of over 15 years of combined
experience in the domain

www.infosectrain.com | sales@infosectrain.com
 Our Endorsements

www.infosectrain.com | sales@infosectrain.com
Why InfosecTrain Global Learning Partners

Certified and Flexible modes Access to the

Experienced Instructors of Training recorded
sessions

Post training Tailor Made

completion Training

www.infosectrain.com | sales@infosectrain.com
 Our Trusted Clients

www.infosectrain.com | sales@infosectrain.com
Contact us
Get your workforce reskilled
by our certified and
experienced instructors!

IND: 1800-843-7890 (Toll Free) / US: +1 657-221-1127 /

UK : +44 7451 208413

sales@infosectrain.com

www.infosectrain.com