Course Information
- Course Code212-89
- Duration3 Days
- DeliveryOnline Live, I Learning
What You Will Learn
- Master the complete Incident Handling and Response (IH&R) lifecycle, including preparation, detection, validation, escalation, containment, eradication, recovery, and post-incident reporting.
- Develop hands-on expertise in managing diverse security incidents, including malware, network, email, web application, cloud, and insider threats, using real-world lab scenarios.
- Understand forensic readiness and first response principles, including evidence acquisition, handling volatile and static data, and applying anti- forensics countermeasures.
- Learn to apply structured methodologies, frameworks, standards, and regulations in the incident handling process for improved compliance and effectiveness.
- Gain proficiency in using advanced incident handling tools and techniques, including forensic investigation, threat intelligence integration, and automated response solutions.
- Build skills in developing comprehensive incident response plans, threat actor profiling, and delivering actionable reports to stakeholders to enhance organizational security posture.
Course Curriculum
All You Need to Know
The course is designed for Incident Handlers, Risk Assessment Administrators, Cyber Forensics Investigators, Vulnerability Assessment Auditors, and Network Administrators.
It is recommended that you obtain the CEH – Certified Ethical Hacker and CND – Certified Network Defender certifications beforehand.
E|CIH Instructor-led live online package includes:
- Live online instructor-led training with Master Trainer
- One year access to training videos from master trainer
- Six months access to ilabs
- One year access to ecourseware
- Exam voucher
- Certificate of completion
E|CIH iLearn package includes:
- One year access to training videos from master trainer
- Six months access to ilabs
- One year access to ecourseware
- Exam voucher
- Certificate of completion
This course prepares you to take the ANSI-accredited EC-Council Certified Incident Handler 212-89 exam. The course fee includes a Pearson Vue exam voucher.
Frequently Asked Questions
Exam code 212-89 (ECIH v3).
EC-Council recommends around 1 year of information security experience, though this can typically be met through official training.
Incident responders, SOC analysts, and IT/security professionals responsible for managing security incidents.
Yes — the course follows structured, industry-recognised incident handling processes covering the full incident lifecycle.
CSA focuses on SOC monitoring and detection, while ECIH focuses on what happens next — containing, eradicating, and recovering from confirmed incidents.