Course Code: 2399

CIHE - Certified Incident Handling Engineer

Class Dates:
5 Days
Class Time:
Virtual Instructor-Led Training, Instructor-Led Training


  • Course Overview
  • The Certified Incident Handling Engineer 5-day course is designed to help incident handlers, system administrators, and general security engineers understand how to plan, create, and utilize their systems in order to prevent, detect, and respond to security breaches. Every business connected to the internet is getting probed by hackers trying to gain access. The ideal situation is to prevent this from happening, but realistically every business needs to know how to detect and resolve security breaches. Certified Incident Handlers are prepared to handle these situations effectively.
    Students will learn common attack techniques, vectors, and tools used by hackers, so that they can effectively prevent, detect, and respond to them. This course is ideal for those who lead incident handling teams or are part of an incident handling team.

    40 CPE Credits
  • Audience
  • Who Should Attend: The C)IHE course is an incident handling course that teaches students how to plan for, detect, and respond to security breaches. In order to do this effectively, we require students to understand the material in our C)ISSO: Information Systems Security Officer course. If you have taken the course or have equivalent experience/knowledge, you'll be able to learn the art of incident handling in the C)IHE course.
    After you complete the C)IHE we encourage you to learn about disaster recovery and business continuity through our C)DRE: Disaster Recovery Engineer Course.

    System Administrators
    Security Consultants
    IT Departments
    Incident Handlers


  • Prerequisites: C)SS: Security Sentinel
    C)ISSO: Information Systems Security Officer
    OR Equivalent Experience
  • Recommended Courses:

  • CSS - Certified Security Sentinel

Course Details

  • Upon Completion
  • Have knowledge to detect security threats, risk, and weaknesses.
  • Have knowledge to plan for prevention, detection, and responses to security breaches.
  • Have knowledge to accurately report on their findings from examinations.
  • Be ready to sit for the C)IHE Certification Exam
  • Course Content
  • Introduction
  • Threats, Vulnerabilities and Exploits
  • Preparation
  • RTIR
  • Preliminary Response
  • Identification and Initial Response
  • Sysinternals
  • Containment
  • Eradication
  • Follow-up
  • Incident-handling recovery
  • Virtual Machine Security
  • Malware Incident Response
  • Labs
  • Netcat (Basics of Backdoor Tools)
  • Exploiting and Pivoting our Attack
  • Creating a Trojan
  • Capture FTP Traffic
  • ARP Cache Poisoning Basics
  • ARP Cache Poisoning - RDP
  • Input Manipulation
  • Shoveling a Shell
  • Virus Total
  • Create Malware using SET
  • The Trojans
  • Examine System Active Processes and Running Services
  • Examine Startup Folders
  • The Local Registry
  • The IOC Finder - Collect
  • IOC Finder - Generate Report
  • Malware Removal
  • Class Format Options
  • 1. Instructor-led Classroom: Attend in person.
  • 2. Live-virtual Training: Attend the Instructor-led class remotely.