Study any time, from any device.

Become a Certified Computer Security Incident Handler (CSIH)

The Certified Computer Security Incident Handler (CSIH) certification path covers the essential information you need to know in order to properly detect, contain and mitigate security incidents. You'll learn the ins and outs of incident response, as well as the tools of the trade used by incident responders on a daily basis.

20 courses  //   35 videos  //   14 hours of training

Certified Computer Security Incident Handler training

This learning path goes in-depth into cyber incident response and prepares you to pass the CERT-Certified Computer Security Incident Handler (CSIH) exam. As you progress through 20 courses tied to five the CSIH domains, you’ll learn how to build an incident response team and process, monitor networks and collect incident data, conduct forensics on a variety of technologies, prioritize and analyze events, and carry out a response plan that limits the impact of incidents and repairs any damage. Upon completion, you’ll have the knowledge and skills necessary to mitigate cyber incidents and earn your CSIH certification.

Learning path components

CSIH Practice Exam
Practice Exam
CSIH Practice Exam

CSIH Practice Exam

Prepare for your CSIH exam and test your domain knowledge.

Number of questions: 30

Building Incident Response Team
Course
Building Incident Response Team

Building Incident Response Team

Review the most important aspects of incident response team members, such as technical skills, personal skills and critical knowledge.

1 video
31 minutes of training

Reverse Engineering Concepts
Course
Reverse Engineering Concepts

Reverse Engineering Concepts

Get to grips with the details of reverse-engineering concepts in this three-video course. Includes demonstration and tool lists.

3 videos
33 minutes of training

Cell Phone Forensics
Course
Cell Phone Forensics

Cell Phone Forensics

Refresh your knowledge of cell phone forensics with this course covering Andriod and iPhone forensics challenges and best practices.

1 video
28 minutes of training

Windows Swap File
Course
Windows Swap File

Windows Swap File

Get familiar with the Windows swap file, a great place for evidence to hide. Includes tools and demonstration video.

1 video
27 minutes of training

Memory Forensics
Course
Memory Forensics

Memory Forensics

Two videos take you through the fundamentals of memory forensics, including tools, techniques for dumping memory and an in-depth demonstration.

2 videos
80 minutes of training

Dealing with Passwords and Encryption
Course
Dealing with Passwords and Encryption

Dealing with Passwords and Encryption

Deal with passwords and encryption with the help of this course covering password-cracking, public and private keys, Kerberos and more.

1 video
33 minutes of training

Disk Forensics
Course
Disk Forensics

Disk Forensics

Dive into disk forensics with this course covering bit images, restoring disk images, slack, steganography and more.

1 video
56 minutes of training

Role of the Computer Forensic Examiner
Course
Role of the Computer Forensic Examiner

Role of the Computer Forensic Examiner

Get to grips with the role of the computer forensics examiner, including duties and potential legal concerns.

1 video
41 minutes of training

Cyber Attacks Overview
Course
Cyber Attacks Overview

Cyber Attacks Overview

Review the fundamentals of cyber-attacks with two videos on risks, attack types and the anatomy of an attack.

2 videos
75 minutes of training

Incident Response Process
Course
Incident Response Process

Incident Response Process

Six videos take you through the details of the incident response process, including important tools, policies, strategies and legal concerns.

6 videos
61 minutes of training

Introduction to Incident Response
Course
Introduction to Incident Response

Introduction to Incident Response

Get on overview of incident response, including how to respond to security incidents and common incident response definitions and concepts.

2 videos
56 minutes of training

Stages of Incident Response
Course
Stages of Incident Response

Stages of Incident Response

Review the stages of incident response in two separate models, covering the details and concerns for each phase.

1 video
60 minutes of training

Email Analysis
Course
Email Analysis

Email Analysis

Explore forensic email analysis with this course covering the structure, function and details of email.

1 video
21 minutes of training

Web Traffic Analysis
Course
Web Traffic Analysis

Web Traffic Analysis

Dig into Web traffic analysis with this course covering write protection, Web forensics and cookies.

1 video
13 minutes of training

Wireless Analysis
Course
Wireless Analysis

Wireless Analysis

Take a moment to refresh your knowledge of wireless analysis. Includes vocabulary, examples and diagrams.

1 video
38 minutes of training

Protocol Analysis
Course
Protocol Analysis

Protocol Analysis

Get to grips with protocol analysis through this course on TCP/IP concepts, routing, vocabulary and functions.

1 video
20 minutes of training

Log Analysis
Course
Log Analysis

Log Analysis

Log analysis counts for a lot in an investigation. Learn to maximize your analysis process with this course covering log management, auditing, steps, concerns and more.

1 video
39 minutes of training

Network Security Technologies
Course
Network Security Technologies

Network Security Technologies

Two videos reintroduce you to network security technologies, including tool families, uses and examples.

2 videos
31 minutes of training

Network Forensics Concepts
Course
Network Forensics Concepts

Network Forensics Concepts

Develop your knowledge of network forensics concepts, tools and techniques as you progress through this five-video course.

5 videos
51 minutes of training

Networking Fundamentals
Course
Networking Fundamentals

Networking Fundamentals

Build a foundational knowledge of networking in this overview course covering key networking concepts and practices.

1 video
32 minutes of training

 

What you’ll learn.

The CERT-CSIH certification exam covers five primary domains:

  • Protect infrastructure
  • Event/incident detection
  • Triage & analysis
  • Respond
  • Sustain

Who is this for?

At least one year experience in incident handling or equivalent security-related experience is recommended. This certification path is designed for:

  • Incident response professionals
  • Computer emergency response team (CERT) members
  • System and network administrators
  • Technical staff looking to learn incident response
  • Anyone looking to build their incident response skills and get certified!

You're in good company

"I knew Infosec could tell me what to expect on the exam and what topics to focus on most."

Julian Tang

Chief Information Officer

"The course not only met my expectations, but exceeded them. It was the most engaging online training I’ve ever had."

Val Vask

Commercial Technical Lead

"I’ve taken five boot camps with Infosec and all my instructors have been great."

Jeffrey Coa

Information Security Systems Officer