- The C)IHE - Certified Incident Handling Engineer course, is designed to help Incident Handlers, System Administrators, and Security Engineers understand how to plan, create, and utilize their systems to prevent, detect, and respond to attacks through the use of mile2’s live hands-on Cyber Range. Mile 2 C)IHE strictly follows NIST’s 800-61 to identify the four phases of incident response: (1) preparation for a cybersecurity incident, (2) detection and analysis of a security incident, (3) containment, eradication, and recovery, and (4) post-incident analysis. With C)IHE’s in-depth certification training, the student will learn to develop start-to-finish processes for establishing an incident-handling team, strategizing for potential attack types, recovering from attacks, and much more.
Who should attend
Penetration Testers, Microsoft Administrator, Security Administrators, Active Directory Administrators, anyone looking to learn more about security.
Prerequisites
- 12 months network technologies
- Sound knowledge of networking and TCP/IP
- Linux knowledge is essential."
Course Objectives
Upon completion, Certified Incident Handling Engineer students will know NIST’s 800-61 four incident handling phases, be able to accurately report on their findings, and be ready to sit for the C)IHE exam.
Course Content
- Module 01: Incident Handling Explained
- Module 02: Incident Response Policy, Plan and Procedure Creation
- Module 03: Incident Response Team Structure
- Module 04: Incident Response Team Services
- Module 05: Incident Response Recommendations
- Module 06: Preparation
- Module 07: Detection and Analysis
- Module 08: Containment, Eradication and Recovery
- Module 09: Post Incident Activity
- Module 10: Incident Handling Checklist
- Module 11: Incident Handling Recommendations
- Module 12: Coordination and Information Sharing"
Comments
This course also prepares students for the exam CIH and GCIH and SEC 504, CCIH