YoVDO

ECIH Cert Prep: Certified Incident Handler v2 (212-89)

Offered By: LinkedIn Learning

Tags

Cybersecurity Courses Network Security Courses Digital Forensics Courses Malware Analysis Courses Web Application Security Courses Cloud Security Courses Insider Threats Courses

Course Description

Overview

Learn the skills you need to become a successful incident handler and response team member, with an eye on passing the Certified Incident Handler v2 (E|CIH) exam.

Syllabus

Introduction
  • Overview
  • ECIH v2 EC-Council certification overview
1. Incident Handling and Response Process
  • Information security and incident management
  • What is vulnerability management?
  • What are threat assessments?
  • Risk management: Vocabulary
  • Risk management: The process
  • Risk management: The NIST RMF
  • Incident handling best practices, standards, and frameworks
  • Incident handling and legal compliance
2. Forensic Readiness and First Response
  • Step one: Prepare for incident handling and response
  • Step two: Incident recording and assignment
  • Step three: Incident triage
  • Step four: Notification
  • Step five: Containment
  • Step six: Evidence gathering and forensic analysis
  • Step seven: Eradication
  • Step eight: Recovery
  • Step nine: Postincident activities
3. Handling and Responding to Malware Incidents
  • Forensics and first response
  • Principles of digital evidence collection
  • Data acquisition
  • Volatile evidence collection
  • Static evidence collection and anti-forensics
4. Handling and Responding to Email Security Incidents
  • Preparation for handling malware incidents
  • Detection of malware incidents
  • Containment of malware incidents
  • Eradication of malware incidents
  • Recovery after malware incidents
5. Handling and Responding to Network Security Incidents
  • Handling email security incidents
6. Handling and Responding to Web Application Security Incidents
  • Preparation handling network security incidents
  • Detection and validation of network security incidents
  • Handling unauthorized access incidents
  • Handling inappropriate usage incidents
  • Handling denial-of-service incidents
  • Handling wireless network security incidents
7. Handling and Responding to Cloud Security Incidents
  • Preparation to handle web app security incidents
  • Detecting and analyzing web app security incidents
  • Containment of web app security incidents
  • Eradication of web app security incidents
  • Recovery from web app security incidents
  • Web app security threats and attacks
8. Handling and Responding to Insider Threats
  • Cloud computing concepts
  • Best practices against cloud security incidents
9. Hands-On with ECIH Tools
  • Best practices against insider threats
Conclusion
  • Security checks using buck-security in Linux
  • Volatile evidence collection in Linux and Windows
  • Using OSForensics to find hidden material
  • Analyzing nonvolatile data using the Autopsy tool
  • Malware analysis
  • Collecting information by tracing emails
  • Using OSSIM
  • Using Wireshark and Nmap
  • Using Suricata IDS
  • What does a SQL injection attack look like?
  • What does a XSS attack look like?

Taught by

ITProTV

Related Courses

AI for Cybersecurity
Johns Hopkins University via Coursera Certified Ethical Hacking (v12)
LearnKartS via Coursera Applied ChatGPT for Cybersecurity
Infosec via Coursera Cyber Security Foundations: Common Malware Attacks and Defense Strategies
EC-Council via FutureLearn Malware Analysis and Assembly Language Introduction
IBM via edX