About ECCouncil 212-89 Exam
The EC-Council 212-89 exam is a mandatory requirement for obtaining the EC-Council Certified Incident Handler (ECIH) certification. This test is designed to validate the candidates’ skills related to handling and responding to computer security incidents within an information system.
The 212-89 certification exam is intended for a wide audience of the IT practitioners, including risk assessment administrators, venerability assessment auditors, firewall administrators, system engineers, system administrators, penetration testers, incident handlers, network managers, cyber forensic investigators, IT managers. The test is also suitable for anyone involved in incident handling and response.
As with other EC-Council certifications, ECIH can be earned in two ways: with or without attending the official training.
- The first option entails completing the official course at any of the EC-Council Authorized Training Centers or attending the EC-Council live online training via iWeek. It also involves joining the self-study program through iLearn or attending the EC-Council live online training via iWeek. If you choose this path, you won’t have to pay a registration fee for the exam, as this cost will be included in your training fees.
- The second option includes meeting the certification eligibility criteria. This comes with at least one year of working experience in the Information Security domain. In addition, the applicants are required to submit the Exam Eligibility Application Form and pay a non-refundable fee of $100.
The EC-Council 212-89 exam is delivered through the ECC Test Centers that are located around the world. The certification test contains 100 multiple-choice questions and has the allocated duration of 3 hours. The exam is available in the English language only. To complete the test successfully, you need to give at least 70% of the correct answers. If one fails this EC-Council exam at the first attempt, there is no waiting period for the second try. For the third and subsequent attempts, a waiting period of 14 days is established. After passing the test, you will receive your ECIH certificate within 7 business days.
The content of the exam for the EC-Council Certified Incident Handler certification revolves around nine domains. They all have different weights in the content. The specific knowledge and skills as well as percentage share of questions related to each subject area of EC-Council 212-89 are outlined below:
- Incident Response and Handling (16%). This topic requires a solid understanding of information security; threat intelligence; computer security; risk management; incident handling; security policies.
- Process Handling (14%). Within this domain, the applicants need to demonstrate competency in security auditing; incident handling and response; incident readiness; forensic investigation; security incidents; eradication and recovery.
- Forensic Readiness and First Response (13%). This subject area encompasses an understanding of digital evidence; forensic readiness; computer forensics; volatile evidence; preservation of electronic evidence anti-forensics; static evidence.
- Email Security Incidents (10%). Here the examinees need to show good comprehension of email security as well as familiarity with deceptive and suspicious email; email incident; phishing email.
- Application Level Incidents (8%). The objective entails your knowledge of web application threats and vulnerabilities; web attacks; eradication of web applications.
- Network and Mobile Incidents (16%). This section comes with the individuals’ knowledge of inappropriate usage; network attacks; Denial-of-Service; unauthorized access; wireless network; eradication of mobile incidents and recovery; mobile platform vulnerabilities and risks.
- Insider Threats (7%). To deal with the questions from this domain, the learners should be conversant with insider threats; eradication; employee monitoring tools; detecting and preventing insider threats.
- Malware Incidents (8%). In the framework of this area, the students are required to be aware of malware, malware incident triage, as well as malicious code.
- Incidents Occurred in a Cloud Environment (8%). The last topic focuses on Cloud computing threats; eradication; security in Cloud computing; recovery in Cloud.
After completing the EC-Council 212-89 exam and obtaining the ECIH certification, you will become a skilled specialist who is capable of implementing risk evaluation methodologies as well as applying various policies and laws connected with incident handling. An Incident Handler can tackle various kinds of computer security incidents, including malicious code incidents, network security incidents, or insider attack threats. Whether you want to launch a career in the cybersecurity field or simply improve your performance in your current position, EC-Council ECIH will equip you with the sufficient knowledge and skills to detect, analyze, and remedy security hazards to prevent reappearance in the future. The certified professionals eligible to apply for the following positions:
- Incident Handler
- Penetration Tester
- Network Administrator
- Firewall Administrator
- Security Tester
- Cyber Forensic Investigator
- System Administrator
- Vulnerability Assessment Auditor
- Risk Assessment Professional
- IT Professionals and Manager
With the increasing global demand for the qualified cybersecurity professionals, obtaining the ECIH certification becomes incredibly attractive in financial terms. Thus, the role of a Network Administrator can bring you an average of $59,980 per annum, while the position of a Systems Administrator is associated with $62,793.
If you want to pursue your career beyond the EC-Council ECIH certification, there are many paths that you can choose from. First of all, you can become a Licensed Security Consultant. In this case, you can opt for the EC-Council Licensed Penetration Tester (LPT) certificate. Alternatively, you can go for the trainer path. Then you should apply for the Certified EC-Council Instructor (CEI) program.
If your goal is to become a multidisciplinary expert, earning the Computer Hacking Forensics Investigator (CHFI) or Certified Application Security Engineer (CASE) certifications will be an ideal choice for you. Finally, you can consider attaining a master’s cybersecurity degree. For this purpose, go for the EC-Council University Master of Security Sciences (MSS) program. By obtaining the ECIH certificate, you have already automatically earned 3 credits for this degree.