top of page

The EC-Council Certified Incident Handler (ECIH) program focuses on a structured approach for performing the incident handling and response (IH&R) process. The IH&R process includes stages like incident handling and response preparation, incident validation and prioritization, incident escalation and notification, forensic evidence gathering and analysis, incident containment, systems recovery, and incident eradication. This systematic incident handling and response process creates awareness among incident responders in knowing how to respond to various types of security incidents.


Cybersecurity Professionals interested in pursuing incident handling and response as a career require comprehensive training on the IH&R concepts as well as real-world scenarios. The ECIH program includes hands-on learning delivered through iLabs, online labs within the training program.


Course Outline


  • Module 01: Introduction to Incident Handling and Response
  • Module 02: Incident Handling and Response Process
  • Module 03: Forensic Readiness and First Response
  • Module 04: Handling and Responding to Malware Incidents
  • Module 05: Handling and Responding to Email Security Incidents
  • Module 06: Handling and Responding to Network Security Incidents
  • Module 07: Handling and Responding to Web Application Security Incidents
  • Module 08: Handling and Responding to Cloud Security Incidents
  • Module 09: Handling and Responding to Insider Threats




MasterClass Incident Handler and Response Program

  • EC-Council Certified Incident Handler (ECIH):

    • EC-Council Certified Incident Handler (ECIH) Live Course - $2,159
      • ECIH Printed Courseware (US courses Only)
      • ECIH iLabs, Live Labs
      • ECIH Certification Exam
      • Exam Insurance Program - $499
    • ECIH Online Self-Paced Streaming Video Course (1 year access) - $1069

    AND  Certified SOC Analyst(CSA):Certified SOC Analyst (CSA) Online Self-Paced Streaming Video Course (1 year access) - $1069CSA E-CoursewareCSA iLabs, Live LabsCSA Certification ExamExam Insurance Program - $499

    AND   Certified ThreatIntelligence (CTIA):Certified Threat Intelligence (CTIA) Online Self-Paced Streaming Video Course (1 year access) - $1069CTIA E-CoursewareCTIA iLabs, Live LabsCTIA Certification ExamExam Insurance Program - $499


    Cybersecurity *Meet Up Networking Event (Priceless)

    *Meet-ups are subject to availability, space, instructor schedules, and local interest. 

    For live in person only.

    20% OFF Voucher for next course

    Total Value: $5,102

    Package Rate: $3,599

  • To be eligible to sit the ECIH Exam, the candidate must either:


    • Attend official ECIH training through any of EC-Council’s Authorized Training Centers (ATCs) or attend EC-Council’s live online training via iWeek or join our self-study program through iLearn (see




    • Candidates with a minimum of 1 year of work experience in the domain that would like to apply to take the exam directly without attending training are required to pay the USD100 Eligibility Application Fee. This fee is included in your training fee should you choose to attend training.


    Exam Name: ECIH 212-89

    Number of Questions: 100

    Test Duration: 3 Hours

    Test Delivery: ECC Exam Portal

    Test Format: Multiple Choice

    Passing Score: 70%

bottom of page