Why You Should Take the Certified Incident Handler (E|CIH) Certification by EC-Council


I chose to go the self-taught route rather than attending an in-person training center because I have ADHD, and this option allows me to learn at my own pace and review things as often as I wishes.

What was included in the course?

  • EC-Council E|CIH Official Course Materials
  • Official access to the E|CIH laboratory
  • EC-Council E|CIH exam

It took me about five months to go through the course manual and the labs between work time and family time (I have three kids) so that was good because you have 12 months access in the program.

Since I work in the incident response industry, the E|CIH course was in-depth and more challenging than I had anticipated. Although it crossed my mind that it might be a little easier than it was, I was wrong.

The course was excellent and thorough, covering all aspects of incident management across nine modules:

  • Module 1: Introduction to Incident Management and Response
  • Module 2: Incident handling and response process
  • Module 3: Forensic Preparation and First Response
  • Module 4: Malware Incident Management and Response
  • Module 5: Email Security Incident Management and Response
  • Module 6: Network Security Incident Management and Response
  • Module 7: Web Application Security Incident Management and Response
  • Module 8: Cloud Security Incident Management and Response
  • Module 9: Insider Threat Management and Response

There is a good flow in each module. It is a comprehensive specialist level program that imparts knowledge and skills on how organizations can effectively manage the consequences after a breach by reducing the impact of the incident, both financially and in terms of reputation.

Lab time

Lab time was great. You’ll have access to over 50 labs, 800 tools, four operating systems, and a wide range of templates, checklists, and cheat sheets.

I found the material informative with many new tools that I didn’t know existed, some that I was aware of, and some that I use daily. So that was a good set of labs to get into.

The lab setup was extremely good and walks you through each operating system step by step, assuming you don’t have too little knowledge of networking, setting IP addresses, etc.

I was pleasantly surprised by a few tools and am looking to integrate them into my workflow, which is a plus. Tools vary by module, and I enjoyed learning about AlienVault OSSIM, an open-source SIEM, as I hadn’t seen or used it before.


About Author

Comments are closed.