Certified Incident Handler

The Certified Incident Hacker (ECIH) programme, developed by EC-Council, is aimed at those wanting to develop or prove their knowledge of incident response.

The course provides students with the knowledge and ability to prepare for and eradicate threats during an incident and to effectively perform post-incident activities including evidence gathering and analysis.

The course balances structured online or classroom learning (with our lead instructor Cary Hendricks) with practical experience via scenario-based labs.

Get in touch

Who Is It For?

Certified Ethical Hacker is aimed at those who already have some cyber security knowledge and experience and would like to further develop those skills, or those with a firm grasp of many cyber security topics who would like to prove those skills with certification.

It is useful for both red and blue team professionals, to support them in developing their practical skills or gaining a deeper understanding of the types of attacks their clients may experience.

If you're unsure whether Certified Incident Handler is the right course for you, please get in touch—we'd be happy to discuss the various options.

Learn

Structured sessions with our lead instructor, covering 20 modules and 550 attack techniques, and access to over 200 labs

Certify

Multiple choice exam, with optional practical exam for higher-level certification

Engage

Optional: Carry out a mock hacking engagement against an emulated organisation

Compete

Optional: Take part in global CTF challenges to keep practising and developing your skills

Get in touch

Course Contents

Introduction to Incident Handling and Response

Incident Handling and Response Process

First
Response

Handling and Responding to Malware Incidents

Handling and Responding to Email Security Incidents

Handling and Responding to Network Security Incidents

Handling and Responding to Web Application Security Incidents

Handling and Responding to Cloud Security Incidents

Handling and Responding to Insider Threats

Handling and Responding to Endpoint Security Incidents

Get in touch

Full topics list

Hands-On Labs

Scenario-based labs, allowing you to practise your skills in a controlled and secure environment

Scanning Networks

Labs include host, port, service, and OS discovery, scanning beyond IDS and firewall, and scanning using AI

System Hacking

Labs include privilege escalation, hiding data with steganography, clearing logs, and buffer overflow attacks

Cryptography

Labs include creating self-signed certificates, cryptanalysis, disk encryption, and cryptography using AI

...and dozens more!

Labs throughout the 20 modules, covering social engineering, sniffing, SQL injection, mobile platforms, IoT and OT hacking, and much more

Assessment

Assessment is via an online multiple choice exam, with 100 questions and lasting 3 hours.

Get in touch