Level: Foundation

Certified Incident Handler (ECIH)

2 Day | Instructor Led

EC-Council released the most advanced computer forensic investigation program in the world. This course covers major forensic investigation scenarios that enable you to acquire hands-on experience with various forensic investigation techniques and the standard tools necessary to successfully carry out a computer forensic investigation. Battles between corporations, governments, and countries are no longer fought using physical force. Cyber war has begun and the consequences can be seen in everyday life. With the onset of sophisticated cyber attacks, the need for advanced cybersecurity and investigation training is critical. If you or your organization requires the knowledge or skills to identify, track, and prosecute cyber criminals, then this is the course for you. You will learn how to excel in digital evidence acquisition, handling, and forensically sound analysis. These skills will lead to successful prosecutions in various types of security incidents such as data breaches, corporate espionage, insider threats, and other intricate cases involving computer systems.

Ideal Candidates for Certified Incident Handler (ECIH) Class

IT professionals involved with information system security, computer forensics, and incident response

Certified Incident Handler (ECIH) Prerequisites

Certified Ethical Hacker

What You'll Learn in Certified Incident Handler (ECIH)

The computer forensic investigation process and the various legal issues involved
Evidence searching, seizing and acquisition methodologies in a legal and forensically sound manner
Types of digital evidence, rules of evidence, digital evidence examination process, and electronic crime and digital evidence consideration by crime category
Roles of the first responder, first responder toolkit, securing and evaluating electronic crime scene, conducting preliminary interviews, documenting electronic crime scene, collecting and preserving electronic evidence, packaging and transporting electronic evidence, and reporting the crime scene
Setting up a computer forensics lab and the tools involved in it
Various file systems and how to boot a disk
Gathering volatile and non-volatile information from Windows
Data acquisition and duplication rules
Validation methods and tools required
Recovering deleted files and deleted partitions in Windows, Mac OS X, and Linux
Forensic investigation using AccessData FTK and EnCase
Steganography and its techniques
Steganalysis and image file forensics
Password cracking concepts, tools, and types of password attacks
Investigating password protected files
Types of log capturing, log management, time synchronization, and log capturing tools
Investigating logs, network traffic, wireless attacks, and web attacks
Tracking emails and investigating email crimes
Mobile forensics and mobile forensics software and hardware tools
Writing investigative reports

Certified Incident Handler (ECIH) Certification

EC-Council Certified Incident Handler

Certified Incident Handler (ECIH) Outline

1. Computer Forensics in Today's World

2. Computer Forensics Investigation Process

3. Searching and Seizing Computers

4. Digital Evidence

5. First Responder Procedures

6. Computer Forensics Lab

7. Understanding Hard Disks and File Systems

8. Windows Forensics

9. Data Acquisition and Duplication

10. Recovering Deleted Files and Deleted Partitions

11. Forensics Investigation Using AccessData FTK

12. Forensics Investigation Using EnCase

13. Steganography and Image File Forensics

14. Application Password Crackers

15. Log Capturing and Event Correlation

16. Network Forensics, Investigating Logs and Investigating Network Traffic

17. Investigating Wireless Attacks

18. Investigating Web Attacks

19. Tracking Emails and Investigating Email Crimes

20. Mobile Forensics

21. Investigative Reports

22. Becoming an Expert Witness

Testimonials

A. Erlich

RITSC, N6C

I just wanted to say your presentation on Social Media Technology and Security was the finest I have ever attended.

Wilder Guerra

US Navy Reserve

This course is definitely an eye opener. With how much social media has taken over, it is important to be fully aware of the capabilities along with all the risks it brings. It is important to get this course because social media is the new norm.

Rebekah Coughlin

MicroTech

The Social Media and Security Training course offered by UKI is a great and beneficial course combining technical training to fully understand TCP/IP networking, DNS, and the harms of malware and cross-site scripting; as well as practical training that allowed attendees to play with open source social intelligence gathering solutions. This is the perfect class for those involved in IT security and interested in social media and identity theft.


Top Related Courses

Cyber Vanguard Series - Cyber Storm Assault Tactics

All actions in war, regardless of the level, are based upon either taking the initiative or reacting in response to the opponent. By taking the initiative, we dictate the terms of the conflict and force the enemy to meet us on our terms. The initiative allows us to pursue some positive aim even if only to preempt an enemy initiative. It is through the initiative that we seek to impose our will on the enemy.


Cyber Vanguard Series - Cyber Strike

Cyber Vanguard Series - Cyber Strike takes the offensive and defensive assault tactics and applies them in several different real-world scenarios. The entire course is hands-on and builds upon the skills and knowledge the students have previously received. Applications include Offensive Only (Hunt Teaming, Data Harvesting, and Asset Extraction), Defensive Only (Defending Your Assets, Setting Active Intrusion Systems, Vulnerability Assessment and Remediation), and Offensive and Defensive (Capture the Flag, where teams are pitted against each other to protect their own resources while attacking the opposing team).


FireEye Enterprise Incident Response with MIR

This two-day instructor-led course provides an introduction to using Mandiant for Intelligent Response (MIR) as an incident response tool. Labs take students through a breach, teaching how to perform sweep hit analysis, build live response scripts, basic unknown binary analysis, and basic Indicator of Compromise (IOC) creation.


© 2018 Ultimate Knowledge Institute | All Rights Reserved | GSA# GS-35F-0469W