EC-Council Certified Incident Handler
                     EC-Council Certified Incident Handler
www.infosectrain.com | [email protected]
• What is ECIH Certification?
• The EC-Council Certified Incident Handler (ECIH) 
certification is necessary for Cybersecurity 
professionals who deal with threats on a regular basis. 
A professional cyber incident handler is in full demand 
by the organization for planning, managing, 
coordinating, and communicating with other staff to 
minimize the effects of an incident. This course has 
been well-structured to equip professionals in creating 
incident handling codes, learning about laws and 
policies for incident handling, and understanding 
various types of incidents such as network security 
incidents, malicious code incidents and insider attack 
incidents.
www.infosectrain.com | [email protected]
www.infosectrain.com | [email protected]
What do you mean by ECIH webpage?
The EC-Council’s ECIH webpage includes several concepts which may include tips for 
clearing ECIH examination, modules that are covered in ECIH examination, who should do 
ECIH training, etc.
Tips for clearing ECIH examination
There are five tips to clear ECIH examination and they may include:
Know what to study: The ECIH exam has in total 100 questions across each concept. 
By listing out various concepts, will let you know what to study and what all modules are 
included in the examination. There are the following ECIH exam modules which include:
Be realistic with your plan: Ensure that you have sufficient time to find and study 
the concepts on your own before the exam. Prepare a schedule by estimating how much 
time it will take to finish studying the topics.
Test yourself with free sources: The ECIH webpage has many free resources that 
can help you prepare for the examination. The ECIH exam blueprint will give an overall 
view of the topics covered, and how much percentage of questions are dedicated to each 
topic. This will help you to construct a well-structured study plan.
Attempt the exam with full focus: As the exam is of three-hours and you have 
100 questions, ensure you provide proper time management i.e. 1.5 minutes on a 
question and after that you have enough time to scan through the paper.
www.infosectrain.com | [email protected]
Who should do ECIH training?
This course is suitable for professionals who handle threats on regular basis and may 
include:
Incident Handlers
Risk Assessment Administrators
Penetration Testers
Cyber Forensic Investigators
Vulnerability Assessment Auditors
System Administrators and Engineers
Firewall Administrators
Network Managers
IT Managers
Purpose of ECIH
ECIH enables individuals and organizations to handle and respond to different types of 
cybersecurity incidents in a systematic way
To ensure that organization can identify and recover from attack as quickly as possible
To restore regular operations of the organization by minimizing the negative impact on the 
business operations
Structuring security policies with efficiency and ensuring the quality of services is 
maintained at agreed levels
To minimize the loss after-effects breach of the incident
For individuals: To enhance skills on incident handling and boost their employability
www.infosectrain.com | [email protected]
ECIH Certification Objectives
• Understand the key issues in plaguing the information security 
world
• Learn to tackle various types of cybersecurity threats, attack 
vectors, and threat actors
• Understand the basics the vulnerability management, threat 
assessment, risk management, and incident response automation
• Master all incident handling best practices, standards, 
cybersecurity frameworks, laws, acts and regulations
• Understand the basics of computer forensics
• Apply the right techniques to different types of cybersecurity 
incidents in a systematic manner including malware incidents, 
email security incidents, network security incidents, web 
application security incidents, cloud security incidents, and 
insider-threat incidents
www.infosectrain.com | [email protected]
ECIH exam domains
ECIH contains the following exam modules that are useful for clearing the examination:
Module 1: Introduction to Incident Handling and Response
Module 2: Incident Handling and Response process
Module 3: Forensic Readiness and First Response
Module 4: Handling and Responding to Malware Incidents
Module 5: Handling and Responding to Email Security Incidents
Module 6: Handling and Responding to Network Security Incidents
Module 7: Handling and Responding to Web Application Security Incidents
Module 8: Handling and Responding to Cloud Security Incidents
Module 9: Handling and Responding to Insider Threats
www.infosectrain.com | [email protected]
ECIH exam details
Exam Title EC-Council Certified Incident Handler
Number of questions 100
Exam duration 3 hours
Format of Test Multiple choice
Passing Score In order to maintain integrity of the 
examination EC-Council exams are 
provided in multiple forms. To ensure 
each form has equal ECIH assessment 
standards, cut scores are set on “per 
exam form” basis. Depending on which 
exam form is challenged, cut scores can 
range from 60% to 85%
www.infosectrain.com | [email protected]
Prerequisites
•Working experience of one year in managing 
Windows/Unix/Linux systems or have equivalent knowledge or 
skills
•Good understanding of network and security services.
Conclusion
Due to the increasing number of cybersecurity threats, it 
becomes an important task for an organization to identify, control 
and minimize the incidents that are taking place in this 
technology world. ECIH certification can be useful for identifying 
these incidents such as malware incidents, email security 
incidents, network security incidents, web application security 
incidents, cloud security incidents, and insider-threat incidents. 
So, Incident Management Lifecycle is implemented in each and 
every organization so as to identify the incidents and minimize 
the risk of it.
www.infosectrain.com | [email protected]
Why choose Infosec Train for ECIH training?
Infosec Train is a leading IT security training provider offering diversified 
training programs for globally recognized certifications. They are 
partnered with EC-Council, Microsoft, CompTIA, PECB, and Certnexus.
Infosec Train has highly certified and has skilled trainers in various 
aspects of security offering quality knowledge with full dedication, and 
commitment. They can also provide full-fledged preparation materials for 
various security exams. So Infosec Train is better for security-related 
concepts as they have good trainers with full knowledge. So Infosec Train 
is best suited for ECIH certification.
www.infosectrain.com | [email protected]
About InfosecTrain
• Established in 2016, we are one of the finest 
Security and Technology Training and 
Consulting company
• Wide range of professional training programs, 
certifications & consulting services in the IT 
and Cyber Security domain
• High-quality technical services, certifications 
or customized training programs curated with 
professionals of over 15 years of combined 
experience in the domain
www.infosectrain.com | [email protected]
Our Endorsements
www.infosectrain.com | [email protected]
Why InfosecTrain Global Learning Partners
Certified and Flexible modes Access to the 
Experienced Instructors of Training recorded 
sessions
Post training Tailor Made 
completion Training
www.infosectrain.com | [email protected]
Our Trusted Clients
www.infosectrain.com | [email protected]

Contact us
Get your workforce reskilled 
by our certified and 
experienced instructors!
IND: 1800-843-7890 (Toll Free) / US: +1 657-221-
1127  / UK : +44 7451 208413
[email protected]
www.infosectrain.com