Certified Incident Handler (ECIH) v2 - ITProTV

This course covers the exam objectives of EC-Council's Certified Incident Handler v2 (E|CIH) program. It discusses the basic skills to handle and respond to ... tryitfreehomecoursesonairbusinessplanspersonalplansbusinesspersonalloginbackCertifiedIncidentHandler(ECIH)v2ECIHv219H34MJustyou?Trainingawholeteam?There'sanITProTVplanthatfits.StartTrainingTodayEpisodesEpisodesIntroductiontoIncidentHandlingandResponseOverviewECIHv2EC-CouncilCertificationOverviewInformationSecurityandIncidentManagementWhatisVulnerabilityManagementWhatareThreatAssessmentsRiskManagement-VocabularyRiskManagement-TheProcessRiskManagement-TheNISTRMFIncidentHandlingbestpractices,std.,frameworksIncidentHandlingandLegalComplianceIncidentHandlingandResponseProcessStep1:PrepareforIncidentHandling,ResponseStep2:IncidentRecordingandAssignmentStep3:IncidentTriageStep4:NotificationStep5:ContainmentStep6:EvidenceGatheringandForensicAnalysisStep7:EradicationStep8:RecoveryStep9:Post-IncidentActivitiesForensicReadinessandFirstResponseForensicsandfirstresponsePrinciplesofDigitalEvidenceCollectionDataAcquisitionVolatileEvidenceCollectionStaticEvidenceCollectionandAnti-ForensicsHandlingandRespondingtoMalwareIncidentsPreparationforHandlingMalwareIncidentsDetectionofMalwareIncidentsContainmentofMalwareIncidentsEradicationofMalwareIncidentsRecoveryafterMalwareIncidentsHandlingandRespondingtoEmailSecurityIncidentsHandlingEmailSecurityIncidentsHandlingandRespondingtoNetworkSecurityIncidentsPreparationHandlingNetworkSecurityIncidentsDetection,ValidationNetworkSecurityIncidentsHandlingUnauthorizedAccessIncidentsHandlingInappropriateUsageIncidentsHandlingDenial-of-ServiceIncidentsHandlingWirelessNetworkSecurityIncidentsHandlingandRespondingtoWebApplicationSecurityIncidentsPreparationtoHandleWebAppSecurityIncidentsDetecting,AnalyzingWebAppSecurityIncidentsContainmentofWebApplicationSecurityIncidentsEradicationofWebApplicationSecurityIncidentsRecoveryfromWebApplicationSecurityIncidentsWebApplicationSecurityThreatsandAttacksHandlingandRespondingtoCloudSecurityIncidentsCloudComputingConceptsBestPracticesAgainstCloudSecurityIncidentsHandlingandRespondingtoInsiderThreatsBestPracticesAgainstInsiderThreatsHands-OnwithE|CIHToolsSecuritychecksusingbuck-securityonLinuxVolatileevidencecollection-Linux,WindowsUsingOSForensicstofindhiddenmaterialAnalyzingnon-volatiledatausingAutopsyMalwareanalysisCollectinginformationbytracingemailsUsingOSSIMUsingWiresharkandNMAPUsingSuricataIDSWhatdoesaSQLInjectionAttacklooklikeWhatdoesaXSSAttacklooklikeShowmoreepisodesSeelessepisodesOverview4MFreePreviewEpisodeDescriptionTranscriptThiscoursecoverstheexamobjectivesofEC-Council'sCertifiedIncidentHandlerv2(E|CIH)program.Itdiscussesthebasicskillstohandleandrespondtosecurityeventsandaddressesvariousunderlyingprinciplesandtechniquesfordetectingandrespondingtocurrentandemergingcomputersecuritythreats.TheincidenthandlingskillstaughtinE|CIHarecomplementarytothejobrolesbelowaswellasmanyothercybersecurityjobs:PenetrationTestersVulnerabilityAssessmentAuditorsRiskAssessmentAdministratorsNetworkAdministratorsApplicationSecurityEngineersCyberForensicInvestigators/AnalystandSOCAnalystSystemAdministrators/EngineersFirewallAdministratorsandNetworkManagers/ITManagers You'rewatchingITProTV. [MUSIC] >>Greetingsandwelcometo theECIHserieshereatITProTV. Iwillbeyourhostthroughout theseriesandmynameisDanielLowry. I'vegotalittleover20yearsexperience andI'vegotquiteafewcertifications underneathmybeltthat aresecurityfocused. Joininguswillalsobe aoneMrAdamGordon. Adam,welcometotheshow,sir. Howareyou? >>I'mgood. Howareyou? >>I'mgood. Tellusalittlebitaboutyourselfsir. >>IamAdam,Iamme,youarenot. SoIalsoworkwith DanielhereatITProTV. I'manedutainerand Ifocusonanythingand everythingrelatedtoinfrastructureand security. You'vecertainlyprobablyseenbothof usinmanycourseshereatITProTV. Butifthisisyourfirsttime watchinganyofourcontentor perhapswatchingacourserelatedto security,Iwanttowelcomeyouand alsotellyouit'sgoingtobe areallyinterestingjourney. You'regonnagettolearn alotofreallycoolthings, bothhandsonaswellasdiscussionbased. We'regonnaspendalotof timeshowingyouhowto becomeasuccessfulincidenthandlerand responseteammember. Aswellashopefullytakingand passingtheECIHexam, ifthat'swhatyourultimategoalis. >>Awesome, Iguessthat'sagreatfirstquestion. Whoisthiscoursedesignedtoreach? >>Sowhenwethinkaboutpotential audience,right,associatedwithECIH, itcanbeanybodythat'slooking tobecomeanincidenthandler, whetheryou'reaforensicsexpert whoperhapsispartofanIH&Rteam. Youmaybeanetworkadministrationor systemadministrationprofessionalthat's beenaskedtobringyourexpertiseof infrastructureintothisresponseeffort, eitherperhapsvirtually, perhapsfulltime,perhapsondemand. Butwhateveryoudo,whoeveryouare,if you'reamanager,ifyou'reanoperator, ifyou'reaprofessional juststartingoutand lookingtolearnmoreabout incidenthandlingandresponse, wewelcomeallofyoubecauseanyandall ofyoucanbenefitfromthisinformation. >>Awesome, Iguessthatlendsustothewhat. Sowhatexactly, atleastinacondensedformat, arewegoingtobe learninginthisseries? >>Sowhenwethinkabout generallythecoverage,right, theknowledgeassociatedwithECIHand whatitisinvolving,we'regonnabe focusingonthemethodologiesassociated withincidenthandlingandresponse. Howwedealwiththeoverallprocess, really,atahighlevel, whatitmeanstorespondtoanincident, whatitmeanstoultimatelyidentifythe issuesandconcernsassociatedwiththat. Tosetupcontainment,toultimately understandhowtoanalyze,torespond, tomitigate,andthentodocument, tellthatstorythroughreportingand ultimatelyrecoverthosesystems, hopefullybacktofullfunctionality. We'lltakealookathowtodo thatallupasaprocessflow. We'lllookatthatindifferentareas ofournetworkordatacenterand infrastructure,organizational, operationallandscapesinemail, inthecloud,usingwebapplications, talkingaboutnetworkingand networktraffic,bothwirelessandwired. We'lltakealookat theforensicsaspectsofIH&R, ofincidenthandlingandresponse. Andwe'vegotaspecialhandsonsection dedicatedtotheuseoftoolsthat aregoingtomakeyoumoresuccessfuland hopefullyhelpyoutounderstand howtoimplementthoseskills. AndDanandIaregonnawalkyouthrough showingyouhowtousethoseinaspecific focusedenvironmentwhereyoucanplay withthemandseeeverythingaboutthem. >>Well,Iguessthatactuallytouches onmylastquestionwhichwillbe, howwillthisinformation bepresentedtotheviewer? >>So we'regoingtodoavarietyofthings. We'regonnachatjustlikewearenow. Thisisournormalwayofinteracting withyouandpresentinginformation. You'llseemeand/or Danieldiscussconcepts, we'llcertainlyengageyouand showyousomeinformationonthescreen. You'llseemeusesomePowerPoint slidedecksthatwillmagicallyappear highlightinginformation. Therewillbedetailedepisodenotesfor alltheepisodeswegothrough, Iencourageyoutotakealookatthose, especiallyifyou'regoingto bestudyingfortheECIHexam. AndasImentioned,thatsuperduper specialsectionattheendofthecourse calledthehandsonsectionwhereDaniel andIactuallyopenuponeormorevirtual machines,trotoutthesetools,implement themandwalkyouthroughhowtousethem, specificallytheonesthataremost likelytobeaskedaboutontheexam. Soyou'regoingtobeabletonotonly hearabouthowthesethingswork, betoldaboutthem, interactwithusandhearfromusand shareourexperienceswithyouabout howwedothisintherealworld, butyou'regoingtoseebothofus showyouwhatwedoandhowwedoit. Soit'sgonnabeanicemixof differentcapabilitiesandmodalities. >>WellthankssomuchforthatAdam, IknowthatI'msuper excitedaboutthisseries. Hopefullyyouarenowaswell,and welookforwardtoseeingyou inthoseupcomingepisodes. >>ThankyouforwatchingITProTV. StartTeamTrial7daysforupto5teammembersBuyNowSelf-checkoutforupto15seatsContactSalesDemo,customtrial,ormoreinfoStarttrainingtodayJustyou?CheckoutourpersonalplansPremium$529perseat/peryear-2+Totalseats$1058CheckoutStandard$349perseat/peryear-2+Totalseats$698CheckoutCreditcardrequiredFirstName*Thisisforyouraccount.LastName*Thisisforyouraccount.PhoneNumber*Wewillcontactyouwiththisphonenumberaboutyourtrial.Email*Wewillcontactyouwiththisemailaboutyourtrial.Company*Whatisthenameofyourcompany?Country*UnitedStatesUnitedKingdomCanadaAustraliaAfghanistanAlandIslandsAlbaniaAlgeriaAndorraAngolaAnguillaAntarcticaAntiguaandBarbudaArgentinaArmeniaArubaAustriaAzerbaijanBahamasBahrainBangladeshBarbadosBelarusBelgiumBelizeBeninBermudaBhutanBolivia,PlurinationalStateofBonaire,SintEustatiusandSabaBosniaandHerzegovinaBotswanaBouvetIslandBrazilBritishIndianOceanTerritoryBruneiDarussalamBulgariaBurkinaFasoBurundiCambodiaCameroonCapeVerdeCaymanIslandsCentralAfricanRepublicChadChileChinaChristmasIslandCocos(Keeling)IslandsColombiaComorosCongoCongo,theDemocraticRepublicoftheCookIslandsCostaRicaCoted’IvoireCroatiaCubaCuraçaoCyprusCzechRepublicDenmarkDjiboutiDominicaDominicanRepublicEcuadorEgyptElSalvadorEquatorialGuineaEritreaEstoniaEthiopiaFalklandIslands(Malvinas)FaroeIslandsFijiFinlandFranceFrenchGuianaFrenchPolynesiaFrenchSouthernTerritoriesGabonGambiaGeorgiaGermanyGhanaGibraltarGreeceGreenlandGrenadaGuadeloupeGuatemalaGuernseyGuineaGuinea-BissauGuyanaHaitiHeardIslandandMcDonaldIslandsHolySee(VaticanCityState)HondurasHungaryIcelandIndiaIndonesiaIran,IslamicRepublicofIraqIrelandIsleofManIsraelItalyJamaicaJapanJerseyJordanKazakhstanKenyaKiribatiKorea,DemocraticPeople’sRepublicofKorea,RepublicofKuwaitKyrgyzstanLaoPeople’sDemocraticRepublicLatviaLebanonLesothoLiberiaLibyanArabJamahiriyaLiechtensteinLithuaniaLuxembourgMacaoMacedonia,theformerYugoslavRepublicofMadagascarMalawiMalaysiaMaldivesMaliMaltaMartiniqueMauritaniaMauritiusMayotteMexicoMoldova,RepublicofMonacoMongoliaMontenegroMontserratMoroccoMozambiqueMyanmarNamibiaNauruNepalNetherlandsNewCaledoniaNewZealandNicaraguaNigerNigeriaNiueNorfolkIslandNorwayOmanPakistanPalestinePanamaPapuaNewGuineaParaguayPeruPhilippinesPitcairnPolandPortugalQatarReunionRomaniaRussianFederationRwandaSaintBarthélemySaintHelena,AscensionandTristandaCunhaSaintKittsandNevisSaintLuciaSaintMartin(Frenchpart)SaintPierreandMiquelonSaintVincentandtheGrenadinesSamoaSanMarinoSaoTomeandPrincipeSaudiArabiaSenegalSerbiaSeychellesSierraLeoneSingaporeSintMaarten(Dutchpart)SlovakiaSloveniaSolomonIslandsSomaliaSouthAfricaSouthGeorgiaandtheSouthSandwichIslandsSouthSudanSpainSriLankaSudanSurinameSvalbardandJanMayenSwazilandSwedenSwitzerlandSyrianArabRepublicTaiwanTajikistanTanzania,UnitedRepublicofThailandTimor-LesteTogoTokelauTongaTrinidadandTobagoTunisiaTurkeyTurkmenistanTurksandCaicosIslandsTuvaluUgandaUkraineUnitedArabEmiratesUruguayUzbekistanVanuatuVenezuela,BolivarianRepublicofVietnamVirginIslands,BritishWallisandFutunaWesternSaharaYemenZambiaZimbabweInwhichcountryisyourcompanylocated?Youknowthedrill.You’reagreeingtotheITProTVTerms&Conditions.Wewon’tsellyourinfo—ever.Wewillemailyouwithoffersandinfo,butit’sstuffthat’srelevant.Seriously.Step1of2CompleteformGetademoorastartateamtrial