certified incident handler (E|CIH) training

Description

E|CIH training combines theoretical concepts and practical exercises to enable participants to become competent incident managers. It covers the entire incident management lifecycle, from preparation to response and post-incident analysis.

Day 1: Introduction to Incident Management

  • Definition and importance of incident management: Introduction to the fundamental concepts of incident management, including its essential role in protecting information assets and ensuring business continuity.
  • Incident management frameworks and standards: Presentation of relevant standards, such as ISO/IEC 27035, which provide guidelines for establishing an effective incident management process.

Day 2: Incident Identification and Classification

  • Techniques for detecting and reporting incidents: Proactive and reactive detection methods, including the use of monitoring and alerting tools.
  • Incident classification according to severity: Classification systems to assess the potential impact on the organization, facilitating an appropriate response.

Day 3: Incident analysis

  • Methods for analyzing security incidents: Approaches to analyzing the root causes of incidents, including forensic analysis and examination of event logs.
  • Use of analysis and investigation tools: Introduction to various software tools used for incident analysis and documentation, enabling a rapid and informed response.

Day 4: Incident Response

  • Developing response plans: Creation of detailed plans for responding to different types of incident, including roles and responsibilities within the team.
  • Steps to contain and resolve incidents: Protocols for containing an incident, minimizing damage and restoring normal operations. This includes internal and external communication during a crisis.

Day 5: Recovery and Return to Normality

  • Strategies for restoring systems after an incident: Techniques for recovering affected systems, including backups and restoration.
  • Verifying system and data integrity: Processes to ensure that all systems are secure and that data has not been compromised.
  • Documentation of incidents and responses: Importance of accurate documentation for monitoring and continuous improvement.
  • Analysis of lessons learned to improve security: Using the results of a post-incident analysis to reinforce existing security policies and prevent future incidents.
  • Cybersecurity professionals: Information security analysts, engineers and managers.
  • Systems managers: People responsible for managing IT systems and network security.
  • Incident response teams : Team members responsible for managing and responding to security incidents.
  • Security consultants: Professionals wishing to deepen their incident management skills.
  • Basic cybersecurity knowledge: An understanding of the fundamental concepts of IT security is recommended.
  • Work experience: Experience in an IT security or risk management role is desirable, but not strictly necessary.
  • Understanding security incidents: Gain in-depth knowledge of the types of security incidents and their impact.
  • Developing practical skills: Learn to identify, analyze and respond to security incidents.
  • Implementing incident management processes: Develop and apply effective incident management procedures.
  • Continuous improvement: Incorporate lessons learned into incident prevention and response strategies.

Training Details

We design, build and support digital products for clients who want to make a positive impact in their industry. Creative with technology, we develop great solutions to help our clients grow and especially by strengthening our relationships based on continuous improvement, maintenance, support and hosting services.

Follow us