Video description
The course begins with an exploration of fundamental concepts in information security and incident management, covering topics such as Vulnerability Management, Threat Assessments, Risk Management, and the NIST RMF.
The course guides you through the incident handling process, from preparation to post-incident activities. Learn how to prepare for incident handling, record and assign incidents, perform incident triage, and handle notifications effectively. The curriculum covers incident containment, evidence gathering, forensic analysis, eradication, recovery, and post-incident activities. Gain hands-on experience with ethical hacking tools and techniques, preparing you to address real-world cybersecurity challenges.
The course explores various security incidents, including network security, unauthorized access, inappropriate usage, denial-of-service, and web application security incidents. Additionally, delve into cloud security, insider threats, and essential security checks.
Upon course completion, you'll possess critical security analysis and incident response skills, equipping you to identify, address, and prevent complex cyber threats effectively.
What you will learn
- Develop a deep understanding of the incident handling process from preparation to post-incident activities
- Gain practical experience in digital evidence collection and forensic analysis
- Effectively manage various security incidents, including malware, network, and web application security incidents
- Grasp essential cloud security concepts and best practices
- Identify and mitigate insider threats effectively
- Utilize tools like OSForensics, Wireshark, and NMAP for cybersecurity tasks
Audience
This course is suitable for cybersecurity professionals, ethical hackers, incident responders, and individuals seeking to enhance their cybersecurity skills. A basic understanding of information security concepts is recommended.
About the Authors
ACI Learning: ACI Learning trains leaders in Cybersecurity, Audit, and Information Technology. Whether starting an IT career, mastering a profession, or developing a team, they provide essential support at every step.
Adam Gordon: Adam Gordon has 30+ years as an IT instructor in the private and public sectors. He holds more than 160 professional and IT certifications and has trained thousands of IT pros over the course of his career.
Daniel Lowrie: After working professionally as a systems administrator and as a network administrator, Daniel switched to IT education. His certifications include CompTIA A+, Network+, Linux+, CySA+, and PenTest+; CEH; MCSA; CFR; eJPT.
Table of contents
- Chapter 1 : Introduction to Information Security and Incident Management
  - Overview
  - ECIHv2 EC-Council Certification Overview
  - Information Security and Incident Management
  - What is Vulnerability Management
  - What are Threat Assessments
  - Risk Management - Vocabulary
  - Risk Management - The Process
  - Risk Management - The NIST RMF
  - Incident Handling best practices, standards, frameworks
  - Incident Handling and Legal Compliance
- Chapter 2 : Incident Handling and Response Process
- Chapter 3 : Digital Evidence and Forensics
- Chapter 4 : Malware Incident Handling
- Chapter 5 : Email Security Incident Handling
- Chapter 6 : Network Security Incident Handling
- Chapter 7 : Web Application Security Incident Handling
- Chapter 8 : Cloud Security Incidents
- Chapter 9 : Insider Threats Best Practices
- Chapter 10 : Advanced Security Analysis and Tools
  - Security checks using buck-security on Linux
  - Volatile evidence collection - Linux, Windows
  - Using OSForensics to find hidden material
  - Analyzing non-volatile data using Autopsy
  - Malware analysis
  - Collecting information by tracing emails
  - Using OSSIM
  - Using Wireshark and NMAP
  - Using Suricata IDS
  - What does a SQL Injection Attack look like
  - What does a XSS Attack look like
Product information
- Title: Certified Incident Handler (ECIH) v2
- Author(s):
- Release date: January 2024
- Publisher(s): Packt Publishing
- ISBN: 9781835883006