EC-Council Certified Incident Handler (ECIH)

Kaplan Singapore

Course introduction

Successful candidates will be able to:

  • Understand key issues related to information security
  • Learn to combat different types of cybersecurity threats, attack vectors, threat actors and their motives
  • Learn the fundamentals of incident management including the signs and costs of an incident
  • Understand the fundamentals of vulnerability management, threat assessment, risk management, and incident response automation and orchestration
  • Master all incident handling and response best practices, standards, cybersecurity frameworks, laws, acts and regulations
  • Decode the various steps involved in planning an incident handling and response programme
  • Gain an understanding of the fundamentals of computer forensics and forensic readiness
  • Comprehend the importance of the first response procedure including evidence collection, packaging, transportation, storing, data acquisition, volatile and static evidence collection, and evidence analysis
  • Understand anti-forensics techniques used by attackers to find cybersecurity incident cover-ups
  • Apply the right techniques to different types of cybersecurity incidents in a systematic manner including malware incidents, email security incidents, network security incidents, web application security incidents, cloud security incidents and insider threat-related incidents

Course Pre-Requisites

Minimum at Age: 16 years old

Work Experience: E|CIH is a specialist-level programme that caters to mid-level to high-level cybersecurity professionals. In order to increase your chances of success, it is recommended that you have at least 1 year of experience in the cybersecurity domain.

Target Audience

The incident handling skills taught in E|CIH are complementary to the job roles below as well as many other cybersecurity jobs:

  • Penetration Testers
  • Vulnerability Assessment Auditors
  • Risk Assessment Administrators
  • Network Administrators
  • Application Security Engineers
  • Cyber Forensic Investigators, Analyst and SOC Analyst
  • System Administrators/Engineers
  • Firewall Administrators and Network Managers/IT Managers

Course Outline

Mode of training: Self-Study/Live Online/Master Class/In Person

Duration: 3 days or 24 hours

Course Structure:

Module 1: Introduction to Incident Handling and Response
Module 2: Incident Handling and Response Process
Module 3: Forensic Readiness and First Response
Module 4: Handling and Responding to Malware Incidents
Module 5: Handling and Responding to Email Security Incidents
Module 6: Handling and Responding to Network Security Incidents
Module 7: Handling and Responding to Web Application Security Incidents
Module 8: Handling and Responding to Cloud Security Incidents
Module 9: Handling and Responding to Insider Threats

Available Course Sessions

Please click here to stay updated on upcoming sessions.

Trainer Profile


Kaplan reserves the right to change trainer, in light of unforeseen circumstances.