top of page


Who Should Attend?

Incident Handlers, System Administrators, any General Security Engineers


5 Days



Class Format:

Instructor-lead Classroom

Student Materials:

Student Workbook, Student Lab Guide, Student Exam Prep Guide


1. CIHE - Certified Incident Handling Engineer

2. Covers GCIH - GIAC Certified Incident Handler

What is Certified Incident Handling Engineer?

The Certified Incident Handling Engineer certification is designed to help Incident Handlers, System Administrators, and any General Security Engineers understand how to plan, create and utilize their systems in order to prevent, detect and respond to attacks.

In this in-depth training, students will learn step-by-step approaches used by hackers globally, the latest attack vectors and how to safeguard against them, Incident Handling procedures (including developing the process from start to finish and establishing your Incident Handling team), strategies for each type of attack, recovering from attacks and much more.

Furthermore, students will enjoy numerous hands-on laboratory exercises that focus on topics, such as reconnaissance, vulnerability assessments using Nesus, network sniffing, web application manipulation, malware and using Netcat plus several additional scenarios for both Windows and Linux systems.

Graduates of the mile2 Certified Incident Handling Engineer training obtain real world security knowledge that enables them to recognize vulnerabilities, exploit system weaknesses and help safeguard against threats. This course covers the same objectives as the SANS  Security 504 training.


Module 1: Incident Handling Explained

Module 2: Threats, Vulnerabilities and Exploits

Module 3: Preparation

Module 4: First Response

Module 5: Containment

Module 6: Eradication

Module 7: Recovery

Module 8: Follow-Up

bottom of page