
C)IHE: Certified Incident Handling Engineer

UNDERSTANDING THE COURSE GOALS

The Certified Incident Handling Engineer course, C)IHE, is designed to help Incident Handlers, System Administrators, and Security Engineers understand how to plan, create and utilize their systems. Students learn to prevent, detect and respond to attacks through hands-on labs in our exclusive Cyber Range. With this in-depth training, you will learn to develop start-to-finish processes for establishing your Incident Handling team, strategizing for each type of attack, recovering from attacks and much more.

NATIONAL INITIATIVE FOR CYBERSECURITY EDUCATION (NICE)
WORKFORCE FRAMEWORK CATEGORIES

CHOOSE FROM 3 PURCHASE OPTIONS

CISSO Exam Combo

If you believe that you have the knowledge required to pass the certification exam you may purchase the Exam Combo.  This will give you access to the online exam, an exam prep guide, and unlimited practice exams.

After you purchase the exam combo the materials will be made available for 12 months in your Mile2.com account.  If you do not already have a Mile2.com account, one will be established at the time of your purchase.

Purchase the Certification Exam
The Ultimate Self-Study Combo from Mile2 is a convenient self-pace learning solution for persons who need to acquire the knowledge needed to competently take the associated exam. You will receive a workbook, instructor-led videos to guide you through the workbook, the exam prep guide, unlimited practice exams and the certification exam.  The materials will be made available for 12 months in your Mile2.com account.  If you do not already have a Mile2.com account, one will be established at the time of your purchase.

Purchase the Ultimate Combo
Live-Classes from Mile2 give you the benefit of face-to-face instructors.  You can join a live class remotely via Zoom from your home or office, or contact one of our training partners to participate in a class-room based environment.  Our content matter expert instructors will guide your learning.

When you purchase the live class you will receive an electronic workbook, instructor-led videos,  and access to the live-class.  The electronic materials will be made available for 12 months in your Mile2.com account.  If you do not already have a Mile2.com account, one will be established at the time of your purchase.

LIVE CLASSES DO NOT INCLUDE AN EXAM.  THE CERTIFICATION EXAM IS PURCHASED SEPARATELY WITH THE EXAM COMBO.

See Live Class Schedule

All Mile2 Certifications must be renewed every 3 years.

A.  Ensure that your Mile2 Certification is Active

B. Obtain 60 CEUs (follow this link for details)

C.  Agree to the Mile2 Code of Ethics

D.  Purchase the Renewal Certification

PLEASE NOTE: If you fail to renew your certification within seven (7) days of the expiration date, you may be required to purchase and re-take the certification exam (at full cost).

Purchase the Certification Renewal

COURSE INFORMATION - LIVE CLASS AND ULTIMATE SELF-STUDY COMBOS

Live Class Duration: 5 Days

Language: English

Class Formats:
*  Instructor-led

*  Self-Study

*  Live Virtual Training

CPEs:  40

Suggested Prior Knowledge:

*  12 months network technologies

*  Sound knowledge of networking and TCP/IP

*  Linux knowledge is essential

Applicable Exams:

*  Mile2 C)IHE

*  GCIH-GIAC 

 

C)IHE LIVE CLASS AND ULTIMATE SELF-STUDY COMBO MODULES

  • Module 01: Incident Handling Explained
  • Module 02: Incident Response Policy, Plan and Procedure Creation
  • Module 03: Incident Response Team Structure
  • Module 04: Incident Response Team Services
  • Module 05: Incident Response Recommendations
  • Module 06: Preparation
  • Module 07: Detection and Analysis
  • Module 08: Containment, Eradication and Recovery
  • Module 09: Post Incident Activity
  • Module 10: Incident Handling Checklist
  • Module 11: Incident Handling Recommendations
  • Module 12: Coordination and Information Sharing
  • Lab 01: Identifying Incident Triggers
  • Lab 02: Drafting Incident Response Procedures
  • Lab 03: Identifying and Planning for Your Dependencies
  • Lab 04: Testing Your Plan and Using a Feedback Loop to Future Proof Your Response
  • Lab 05: Drafting General Security Policies
  • Lab 06: Leveraging SIEM for Advanced Analytics
  • Lab 07: Use Velociraptor and Gather Evidence
  • Lab 08: Creating Request Tracker Workflow
  • Lab 09: Lessons Learned and Documentation
  • Lab 10: Creating an Incident Handling Checklist
  • Lab 11: Drafting Incident Response Recommendations for Improvements
  • Lab 12: Sharing Agreements and Reporting Requirements
Cyber Range

Labs are performed in Mile2's exclusive Cyber Range


Who Should Attend

* Penetration Testers
* Microsoft Administrator
* Security Administrators
* Active Directory Administrators
* Anyone looking to learn more about security

C)IHE Course Accreditations

THE C)IHE CERTIFICATION

What it is and how it is earned. 

C)IHE Certified Incident Handling Engineer Badge

Annual Salary Potential

$91,546 Median/yr

The holder of this certification and badge has passed the associated exam with a score of 70% or higher.

The exam covers the KSAs provided in the NICE Framework Work Roles for Work Role ID: OV-MGT-001.

Which includes, but is not limited to: 

KNOWLEDGE

     Computer Networking

     Risk Management

     Laws, regulations, policies and ethics

     Cyber Threats and Vulnerabilities

     Data Backup and Recovery

     Network Traffic Analysis Methods

     Packet-Level Analysis

     System Application Threats

      and more

SKILLS

      Identifying, Capturing, Containing and reporting Malware

      Securing Network Communications

       Security Event Correlations Tools

      and more

ABILITIES

  •      Design Incident Response for Cloud Service Models
  •      Apply Techniques for detecting host and network-based intrusions
  •      and more

The person who carries this certification should be able to analyze an organization’s existing systems then plan and create an incident handling system that will prevent, detect, and respond to cyber attacks.

An Incident Handler should be versed in the legal and ethical ramifications that come from a breach, as well as possible financial loss and protected documentation loss. Thereby they will have start-to-finish processes for recovering from a variety of attacks.

Detailed Outline

 

Course Introduction

 

Module 1: Incident Handling Explained

   Section 1: Introduction

   Section 2: What is an Incident?  

   Section 3: What is Incident Handling?

   Section 4: Difference Between IH and IR

   Section 5: The Incident Response Process

   Section 6: Seven Reasons You Must Put Together an Incident Response Plan

   Section 7: How to Build an Effective Incident Response Team

   Section 8: Considerations for Creating an Incident Response Team

   Section 9: Tips for Incident Response Team Members

 

Module 2: Incident Response Policy, Plan and Procedure Creation

   Section 1: Introduction

   Section 2: Incident Response Policy

   Section 3: Incident Response Plan

   Section 4: Incident Response Procedures

   Section 5: Sharing Information with Outside Parties

 

Module 3: Incident Response Team Structure

   Section 1: Introduction

   Section 2: Team Models

   Section 3: Team Model Selection

   Section 4: Incident Response Personnel 

   Section 5: Dependencies within Organizations

 

Module 4: Incident Response Team Services

   Section 1: Introduction

   Section 2: Intrusion Detection

   Section 3: Advisory Distribution

   Section 4: Education and Awareness

   Section 5: Information Sharing

 

Module 5: Incident Response Recommendations

   Section 1: Introduction

   Section 2: Establish a formal Incident Response Capability

   Section 3: Establish Information Sharing Capabilities

   Section 4: Building an Incident Response Team

 

Module 6: Preparation

   Section 1: Introduction

   Section 2: Threat Hunting

   Section 3: Threat Analysis Frameworks

   Section 4: Tools and Toolkits

   Section 5: Policy

   Section 6: Procedures

   Section 7: Preventing Incidents

 

Module 7: Detection and Analysis

   Section 1: Attack Vectors

   Section 2: Signs of an Incident

   Section 3: Sources of Precursors and Indicators

   Section 4: Incident Analysis

   Section 5: Incident Documentation

   Section 6: Incident Prioritization

   Section 7: Incident Notification

 

Module 8: Containment, Eradication and Recovery

   Section 1: Selecting the Right Containment Strategy

   Section 2: Gathering and Handling Evidence

   Section 3: Identifying the Attacking Hosts

   Section 4: Eradication and Recovery

 

Module 9: Post Incident Activity

   Section 1: Introduction

   Section 2: Lessons Learned

   Section 3: Using Collected Incident Data

   Section 4: Evidence Retention

 

Module 10: Incident Handling Checklist

   Section 1: Introduction

   Section 2: Building Checklists

 

Module 11: Incident Handling Recommendations

   Section 1: Introduction

   Section 2: Recommendations

   Section 3: Implement Threat Intel

 

Module 12: Coordination and Information Sharing

   Section 1: Introduction

   Section 2: Coordination 

   Section 3: Purple Teaming

   Section 4: Information Sharing Techniques

   Section 5: Granular Information Sharing

   Section 6: Sharing Recommendations

Cybersecurity Certifications for Today's INFOSEC Careers

Mile2 Cybersecurity Certifications is a world-leader in providing accredited education, training, and certifications for INFOSEC professionals. We strive to deliver the best courseware, the strongest Cyber Range, and the most user-friendly exam system in the market.

 

Our training courses follow our role-based Certification Roadmap. Plus, many of our classes include hands-on skill development in our Cyber Range. We train students in penetration testing, disaster recovery, incident handling, and network forensics. Additionally, our Information Assurance training certification meets military, government, private sector and institutional specifications.

 

Accreditations

We've developed training for...

Canada Army Navy Airforce

The Canadian Department of National Defense

USAF

The United States Air Force

Defense Logistics Agency

A United States Counterintelligence Agency

Texas Workforce Commission

