Incident Handling Engineer


The Certified Incident Handling Engineer vendor neutral certification is designed to help Incident Handlers, System Administrators, and any General Security Engineers understand how to plan, create and utilize their systems in order to prevent, detect and respond to attacks.

In this in-depth training, students will learn step-by-step approaches used by hackers globally, the latest attack vectors and how to safeguard against them, Incident Handling procedures (including developing the process from start to finish and establishing your Incident Handling team), strategies for each type of attack, recovering from attacks and much more.

Furthermore, students will enjoy numerous hands-on laboratory exercises that focus on topics, such as reconnaissance, vulnerability assessments using Nessus, network sniffing, web application manipulation, malware and using Netcat plus several additional scenarios for both Windows and Linux systems.


Graduates of the mile2 Certified Incident Handling Engineer training obtain real world security knowledge that enables them to recognize vulnerabilities, exploit system weaknesses and help safeguard against threats. This course covers the same objectives as the SANS® Security 504 training and prepares students for the GCIH® and CIHE certifications

Duration: 5 days
Language: English

Live Virtual Training
A minimum of 12 months experience in networking technologies
Sound knowledge of TCP/IP
Knowledge of Microsoft packages
Basic Knowledge of Linux is essential

Student Materials:
Student Workbook
Student Lab Guide
Student Exam prep guide
Certification Exam:
CIHE- Certified Incident Handling Engineer
Covers GCIH- GIAC Certified Incident Handler
CPEs: 40
Upon completion of the Certified Incident Handling Engineer course, students will be able to confidently undertake the CIHE certification examination (recommended). Students will enjoy an in-depth course that is continuously updated to maintain and incorporate the ever changing security world. This course offers up-to-date proprietary laboratories that have been researched and developed by leading security professionals from around the world.
The Certified Incident Handling Engineer exam is taken online through Mile2’s Assessment and Certification System (“MACS”), which is accessible on your account. The exam will take 2 hours and consist of 100 multiple-choice questions. The exam must be purchased separetely.
Module 0 – Course Introduction
Module 1 - Incident Handling Explained
Module 2 - Threats, Vulnerabilities and Exploits
Module 3 – Preparation
Module 4 - First Response
Module 5 – Containment
Module 6 – Eradication
Module 7 – Recovery
Module 8 - Follow-Up
Module 9 – Computer Security Incident Response Team
Module 10 – Log File Analysis
Module 11 – Malware, Rootkits, Botnets
Module 12 – Artifact Analysis
Lab 1 – Tools Introduction
Lab 2 – Cyber Attacks – Networking
Lab 3 – Cyber Attacks – Web Application
Lab 4 – Cyber Attacks – Viruses
Lab 5 – Ticketing System
Lab 6 – SysInternals Suite
Lab 7 – Creating and Managing a CSIRT Action Plan
Lab 8 – Log Analysis
Lab 9 – Exploits and DoS
Lab 10 – Stuxnet Trojan: Memory Analysis using Volatility
Lab 11 – Find the Hack(s)

Partener: Mile 2
Trainer: Mile2 Certified Trainer
Tip: Virtual
Cod: C)IHE
Durata: 5 zile

Alte cursuri similare
Cuvinte cheie