Specialist

Overview

The EC-Council Certified Incident Handler (ECIH) program is a specialist-level certification that addresses the “Post-Breach” phase of cybersecurity. While other courses focus on prevention or detection, ECIH is designed to provide the skills required to effectively handle, respond to, and mitigate the impact of a security breach. It provides a structured, methodical approach to the Incident Handling and Response (IH&R) process, reducing the cost and reputational damage associated with cyberattacks.

Key Learning Outcomes

• The 9-Step IH&R Process: Master the complete incident handling flow, including Preparation, Incident Recording, Initial Assessment, Notification, Containment, Evidence Gathering, Eradication, Recovery, and Post-Incident Activity.
• Specialized Incident Handling: Gain specific protocols for responding to different types of threats, such as Malware incidents, Email security breaches, Network attacks, and Cloud-based security incidents.
• Forensic Readiness: Learn how to collect and preserve digital evidence during the response phase to ensure it remains admissible for legal proceedings or internal investigations.
• Risk & Policy Management: Understand how to draft incident response policies and conduct impact assessments to improve an organization’s resilience.
• Hands-On Triage: Perform real-time analysis of system logs, network traffic, and memory dumps to identify the “patient zero” of an infection.

Course Outline

• Introduction to Incident Response and Handling
• Incident Handling and Response Process
• Forensic Readiness and First Response
• Handling and Responding to Malware Incidents
• Handling and Responding to Email Security Incidents
• Handling and Responding to Network Security Incidents
• Handling and Responding to Web Application Security Incidents
• Handling and Responding to Cloud Security Incidents
• Handling and Responding to Insider Threats

Target Audience

• Incident Responders: Professionals dedicated to the emergency response phase of security.
• SOC Analysts: Tier 1 and Tier 2 analysts who need to know how to escalate and manage detected threats.
• System & Network Administrators: Who are often the “first responders” when a system goes down or behaves abnormally.
• Risk Managers: Individuals responsible for business continuity and disaster recovery planning.

Exam Code
212-89

Overview
The Certified Application Security Engineer (CASE) .NET is a hands-on, comprehensive program focused on the security of the Software Development Life Cycle (SDLC). While most secure coding courses focus solely on the “build” phase, CASE covers security activities across all stages: planning, designing, testing, and deploying. It ensures that .NET developers can create robust, secure applications that are resistant to modern cyber threats from the very first line of code.

Key Learning Outcomes

• Holistic SDLC Security: Learn to integrate security from the start. From secure requirement gathering and threat modeling to post-deployment maintenance.
• Mastering Defensive Coding: Gain proficiency in implementing defensive coding practices to mitigate common vulnerabilities like SQL Injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF).
• Security Testing Mastery: Learn to perform both Static (SAST) and Dynamic (DAST) security testing to identify vulnerabilities in the source code and during runtime.
• Secure Architecture: Understand how to design application architectures that are inherently secure, applying principles like Least Privilege and Defense-in-Depth.
• Infrastructure Hardening: Learn to secure the hosting environment, including IIS (Internet Information Services) and SQL Server, to protect the application’s ecosystem.

Course Outline

• Understanding Application Security, Threats, and Attacks: Overview of the application security landscape and common attack vectors.
• Security Requirements Gathering: Integrating security into the initial planning and specification phase.
• Secure Application Design and Architecture: Threat modeling and applying secure design principles.
• Secure Coding Practices for Input Validation: Techniques to sanitize and validate all user-supplied data.
• Secure Coding Practices for Authentication and Authorization: Implementing robust identity management and access control.
• Secure Coding Practices for Cryptography: Using .NET namespaces to implement strong encryption and hashing.
• Secure Coding Practices for Session Management: Protecting user sessions from hijacking and fixation attacks.
• Secure Coding Practices for Error Handling: Preventing information disclosure through improper error messages.
• Static and Dynamic Application Security Testing (SAST & DAST): Manual and automated vulnerability assessment techniques.
• Secure Deployment and Maintenance: Hardening the application, host, and network for production.

Target Audience

• .NET Developers: With a minimum of 2 years of experience.
• Application Security Engineers: Seeking a formal credential to validate their specialized skills.
• Software Architects & IT Managers: Responsible for overseeing secure development processes.
• Security Analysts & Testers: Focusing on web application security assessments.

Exam Code
312-93

Overview
Java is the premier platform independent programming language. Java programs can run on Windows, Linux, or Macintosh. Beyond that, Java is the programming language for Java apps. These facts make Java an important programming language. Secure Java programming is becoming increasingly important. Particularly with Java being the language of Android apps. CASE Java will give you the skills you need to write secure Java applications.

Course Outline

• Understanding Application Security, Threats, and Attacks
• Security Requirements Gathering
• Secure Application Design and Architecture
• Secure Coding Practices for Input Validation
• Secure Coding Practices for Authentication and Authorization
• Secure Coding Practices for Cryptography
• Secure Coding Practices for Session Management
• Secure Coding Practices for Error Handling
• Static and Dynamic Application Security Testing (SAST & DAST)
• Secure Deployment and Maintenance
• CASE allows application developers and testers to demonstrate their mastery of the knowledge and skills required to handle common application security vulnerabilities.

Target Audience

• Java Developers with a minimum of 2 years of experience and individuals who want to become application security engineers/analysts/testers
• Individuals involved in the role of developing, testing, managing, or protecting wide area of applications

Exam Code
312-94

Overview
The EC-Council Disaster Recovery Professional (EDRP) is a comprehensive program designed to teach IT professionals how to develop, implement, and maintain enterprise-wide Business Continuity and Disaster Recovery (BC/DR) plans. In the event of a natural or man-made disaster, an EDRP-certified professional ensures that the organization can minimize data loss and resume mission-critical functions as quickly as possible.

Key Learning Outcomes

• Holistic BC/DR Strategy: Learn to combine Business Continuity (BC) and Disaster Recovery (DR) into a single, fluent approach to ensure organizational resilience.
• Risk & Impact Mastery: Gain expert skills in conducting Risk Assessments to identify vulnerabilities and Business Impact Analysis (BIA) to determine the financial and operational fallout of downtime.
• Advanced Backup & Recovery: Master diverse data protection strategies, including cloud-based backups, RAID technology, and SAN/NAS configurations.
• Virtualization & Cloud Recovery: Learn how to leverage virtual machines and hypervisor-based solutions to accelerate system restoration after a failure.
• Testing & Maintenance: Understand how to conduct mock disaster drills and BCP testing to ensure that plans actually work when a real crisis occurs.

Detailed Course Outline

• Introduction to Disaster Recovery and Business Continuity: Concepts, objectives, and regulatory context.
• Business Continuity Management (BCM): Establishing the framework and governance.
• Risk Assessment: Identifying and evaluating threats to business operations.
• Business Impact Analysis (BIA): Determining Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO).
• Business Continuity Planning (BCP): Designing strategies for business resumption.
• Data Backup Strategies: Implementing full, incremental, and differential backup models.
• Data Recovery Strategies: Techniques for restoring lost or corrupted data.
• Virtualization-Based Disaster Recovery: Utilizing the cloud for high availability.
• System Recovery: Rebuilding operating systems and restoring critical servers.
• Centralized and Decentralized System Recovery: Architecture options for multi-site organizations.
• Disaster Recovery Planning Process: Step-by-step guidance on creating the DR document.
• BCP Testing, Maintenance, and Training: Validating the plan and building team awareness.

Target Audience

• IT Professionals: Network Administrators, System Administrators, and Firewall Administrators.
• Security Leaders: CISOs, IT Directors, and Risk Managers.
• Consultants: Business Continuity and Disaster Recovery consultants.
• Aspirants: Individuals wanting to establish a career in organizational resilience.

Exam Code
312-76