YoVDO

ECIH Cert Prep: Certified Incident Handler v2 (212-89)

Offered By: LinkedIn Learning

Tags

Cybersecurity Courses Network Security Courses Digital Forensics Courses Malware Analysis Courses Web Application Security Courses Cloud Security Courses Insider Threats Courses

Course Description

Overview

Learn the skills you need to become a successful incident handler and response team member, with an eye on passing the Certified Incident Handler v2 (E|CIH) exam.

Syllabus

Introduction
  • Overview
  • ECIH v2 EC-Council certification overview
1. Incident Handling and Response Process
  • Information security and incident management
  • What is vulnerability management?
  • What are threat assessments?
  • Risk management: Vocabulary
  • Risk management: The process
  • Risk management: The NIST RMF
  • Incident handling best practices, standards, and frameworks
  • Incident handling and legal compliance
2. Forensic Readiness and First Response
  • Step one: Prepare for incident handling and response
  • Step two: Incident recording and assignment
  • Step three: Incident triage
  • Step four: Notification
  • Step five: Containment
  • Step six: Evidence gathering and forensic analysis
  • Step seven: Eradication
  • Step eight: Recovery
  • Step nine: Postincident activities
3. Handling and Responding to Malware Incidents
  • Forensics and first response
  • Principles of digital evidence collection
  • Data acquisition
  • Volatile evidence collection
  • Static evidence collection and anti-forensics
4. Handling and Responding to Email Security Incidents
  • Preparation for handling malware incidents
  • Detection of malware incidents
  • Containment of malware incidents
  • Eradication of malware incidents
  • Recovery after malware incidents
5. Handling and Responding to Network Security Incidents
  • Handling email security incidents
6. Handling and Responding to Web Application Security Incidents
  • Preparation handling network security incidents
  • Detection and validation of network security incidents
  • Handling unauthorized access incidents
  • Handling inappropriate usage incidents
  • Handling denial-of-service incidents
  • Handling wireless network security incidents
7. Handling and Responding to Cloud Security Incidents
  • Preparation to handle web app security incidents
  • Detecting and analyzing web app security incidents
  • Containment of web app security incidents
  • Eradication of web app security incidents
  • Recovery from web app security incidents
  • Web app security threats and attacks
8. Handling and Responding to Insider Threats
  • Cloud computing concepts
  • Best practices against cloud security incidents
9. Hands-On with ECIH Tools
  • Best practices against insider threats
Conclusion
  • Security checks using buck-security in Linux
  • Volatile evidence collection in Linux and Windows
  • Using OSForensics to find hidden material
  • Analyzing nonvolatile data using the Autopsy tool
  • Malware analysis
  • Collecting information by tracing emails
  • Using OSSIM
  • Using Wireshark and Nmap
  • Using Suricata IDS
  • What does a SQL injection attack look like?
  • What does a XSS attack look like?

Taught by

ITProTV

Related Courses

Computer Security
Stanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network