Description
This course contains two tests with detailed explanations of correct answers and incorrect options to allow you to efficiently prepare for the GCIH exam. It can also be really beneficial to security managers performing technical interviews to incident handlers and SOC analysts in addition to anyone looking for a role in incident handling and wants to prepare for very demanding technical interviews. Exam DetailsPassing score: 70%Total questions: 100-150Duration: 4 hoursObjectives: Incident Handling: Overview and PreparationIncident Handling: IdentificationIncident Handling: ContainmentIncident Handling: Eradication, Recovery, and Lessons LearnedReconnaissanceScanning: Discovery and MappingScanning: Techniques and DefenseClient AttacksPassword AttacksOverflow AttacksNetwork AttacksSession Hijacking and Cache PoisoningDenial of Service AttacksWeb Application AttacksTechniques for maintaining accessCovering Tracks: NetworksCovering Tracks: SystemsWorms, Bots & BotnetsRecommendationThe GCIH exam includes a few questions requiring exam takers to perform specific actions to get a result. The best method to prepare for this is to create a lab that will allow you to practice any questions that have practical elements in them. Those will be explicitly noted in the questions and detailed instructions will be provided on how to get an answer using a lab. The simplest setup can include a few virtual (or physical) machines. An example collection can include: Machine running Kali LinuxMachine running Metasploitable2 or Metasploitable3 (to be used as a target machine for attacks)Machine running Windows (any latest versions of Windows Server or personal editions that you might have licenses for)
