C)IHE: Certified Incident Handling Engineer
UNDERSTANDING THE COURSE GOALS
The Certified Incident Handling Engineer course, C)IHE, is designed to help Incident Handlers, System Administrators, and Security Engineers understand how to plan, create and utilize their systems. Prevent, detect and respond to attacks through the use of hands-on labs in our exclusive Cyber Range. With this in-depth training, you will learn to develop start to finish processes for establishing your Incident Handling team, strategizing for each type of attack, recovering from attacks and much more.
NATIONAL INITIATIVE FOR CYBERSECURITY EDUCATION (NICE)
WORKFORCE FRAMEWORK CATEGORIES
$$ CHOOSE FROM 3 PURCHASE OPTIONS $$
If you believe that you have the knowledge required to pass the certification exam you may purchase the Exam Combo. This will give you access to the online exam, an exam prep guide, and unlimited practice exams.
After you purchase the exam combo the materials will be made available for 12 months in your Mile2.com account. If you do not already have a Mile2.com account, one will be established at the time of your purchase.Purchase the Certification Exam
The Ultimate Self-Study Combo from Mile2 is a convenient self-pace learning solution for persons who need to acquire the knowledge needed to competently take the associated exam.
You will receive a workbook, instructor-led videos to guide you through the workbook, the exam prep guide, unlimited practice exams and the certification exam. The materials will be made available for 12 months in your Mile2.com account. If you do not already have a Mile2.com account, one will be established at the time of your purchase.
Purchase the Ultimate Combo
Live-Classes from Mile2 give you the benefit of face-to-face instructors. You can join a live class remotely via Zoom from your home or office, or contact one of our training partners to participate in a class-room based environment. Our content matter expert instructors will guide your learning.
When you purchase the live class you will receive an electronic workbook, instructor-led videos, and access to the live-class. The electronic materials will be made available for 12 months in your Mile2.com account. If you do not already have a Mile2.com account, one will be established at the time of your purchase.
LIVE CLASSES DO NOT INCLUDE AN EXAM. THE CERTIFICATION EXAM IS PURCHASED SEPARATELY WITH THE EXAM COMBO.
See Live Class Schedule
All Mile2 Certifications must be renewed every 3 years.
A. Ensure that your Mile2 Certification is ActiveB. Obtain 60 CEUs (follow this link for details)
C. Agree to the Mile2 Code of Ethics
D. Purchase the Renewal Certification
PLEASE NOTE: If you fail to renew your certification Within Seven(7) Days of the expiration date, you may be required to purchase and re-take the certification exam (at full cost).
Purchase the Certification Renewal
If you believe that you have the knowledge required to pass the certification exam you may purchase the Exam Combo. This will give you access to the online exam, an exam prep guide, and unlimited practice exams.
After you purchase the exam combo the materials will be made available for 12 months in your Mile2.com account. If you do not already have a Mile2.com account, one will be established at the time of your purchase.Purchase the Certification Exam
The Ultimate Self-Study Combo from Mile2 is a convenient self-pace learning solution for persons who need to acquire the knowledge needed to competently take the associated exam.
You will receive a workbook, instructor-led videos to guide you through the workbook, the exam prep guide, unlimited practice exams and the certification exam. The materials will be made available for 12 months in your Mile2.com account. If you do not already have a Mile2.com account, one will be established at the time of your purchase.
Purchase the Ultimate Combo
Live-Classes from Mile2 give you the benefit of face-to-face instructors. You can join a live class remotely via Zoom from your home or office, or contact one of our training partners to participate in a class-room based environment. Our content matter expert instructors will guide your learning.
When you purchase the live class you will receive an electronic workbook, instructor-led videos, and access to the live-class. The electronic materials will be made available for 12 months in your Mile2.com account. If you do not already have a Mile2.com account, one will be established at the time of your purchase.
LIVE CLASSES DO NOT INCLUDE AN EXAM. THE CERTIFICATION EXAM IS PURCHASED SEPARATELY WITH THE EXAM COMBO.
See Live Class Schedule
All Mile2 Certifications must be renewed every 3 years.
A. Ensure that your Mile2 Certification is ActiveB. Obtain 60 CEUs (follow this link for details)
C. Agree to the Mile2 Code of Ethics
D. Purchase the Renewal Certification
PLEASE NOTE: If you fail to renew your certification Within Seven(7) Days of the expiration date, you may be required to purchase and re-take the certification exam (at full cost).
Purchase the Certification Renewal
COURSE INFORMATION - LIVE CLASS AND ULTIMATE SELF-STUDY COMBOS
Live Class Duration: 5 Days
Language: English
Class Formats:
* Instructor-led
* Self-Study
* Live Virtual Training
CPEs: 40
Suggested Prior Knowledge:
* 12 months network technologies
* Sound knowledge of networking and TCP/IP
* Linux knowledge is essential
Applicable Exams:
* Mile2 C)IHE
* GCIH-GIAC
C)IHE LIVE CLASS AND ULTIMATE SELF-STUDY COMBO MODULES
- Module 1 – Incident Handling Explained
- Module 2 – Incident Response Policy, Plan and Procedure Creation
- Module 3 – Incident Response Team Structure
- Module 4 – Incident Response Team Services
- Module 5 – Incident Response Recommendations
- Module 6 – Preparation
- Module 7 – Detection and Analysis
- Module 8 – Containment, Eradication and Recovery
- Module 9 – GRR Rapid Response
- Module 10 – Request Tracker for Incident Response
- Module 11 – Post Incident Activity
- Module 12 – Incident Handling Checklist
- Module 13 – Incident Handling Recommendations
- Module 14 – Coordination and Information Sharing
- Lab 1 – Identifying Incident Triggers
- Lab 2 – Drafting Incident Response Procedures
- Lab 3 – Identifying and Planning for Your Dependencies
- Lab 4 – Testing Your Plan and Using a Feedback Loop to Future Proof Your Response
- Lab 5 – Acceptable Use Policy
- Lab 6 – Practicing Different Attack Vectors
- Lab 7– Deploy GPR Client and Gather Evidence
- Lab 8 – Creating Request Tracker Workflow
- Lab 9 – GRR Rapid Response
- Lab 10 – Creating and Incident Handling Checklist
- Lab 11 – Drafting Incident Response Recommendations for Improvements
- Lab 12 – Sharing Agreements and Reporting Requirements
Labs are performed in Mile2's exclusive Cyber Range
Click here for information on the Cyber Range
Who Should Attend
* Penetration Testers
* Microsoft Administrator
* Security Administrators
* Active Directory Administrators
* Anyone looking to learn more about security
C)IHE Course Accreditations
THE C)IHE CERTIFICATION
What it is and how it is earned.
Annual Salary Potential
The holder of this certification and badge has passed the associated exam with a score of 70% or higher.
The exam covers the KSA’s provided in the NICE Framework Work Roles for Work Role ID: OV-MGT-001
Which includes, but is not limited to:
KNOWLEDGE
Computer Networking
Risk Management
Laws, regulations, policies and ethics
Cyber Threats and Vulnerabilities
Data Backup and Recovery
Network Traffic Analysis Methods
Packet-Level Analysis
System Application Threats
and more
SKILLS
Identifying, Capturing, Containing and
reporting Malware
Securing Network Communications
Security Event Correlations Tools
and more
ABILITIES
- Design Incident Response for Cloud
- Service Models
- Apply Techniques for detecting host and
- network-based intrusions
- and more
The person who carries this certification should be able to analyze an organization’s existing systems then plan and create an incident handling system that will prevent, detect, and respond to cyber attacks.
An Incident Handler should be versed in legal and ethical ramifications that come from a breech as well as possible financial loss and protected documentation loss. Thereby they will have a start to finish processes for recovering from a variety of attacks.
