GIAC Incident Handler badge achieved after attending the GCIH Course and Certification

Fill-star Fill-star Fill-star Fill-star Fill-star Fill-star Fill-star Fill-star Fill-star half-star

(132 Reviews)

GIAC Certified Incident Handler (GCIH)

Prepare to tackle cyber threats head-on by learning incident response strategies to mitigate and recover from security breaches effectively.

course: GIAC Certified Incident Handler (GCIH)

Duration: 5 days

Format: Virtual or Classroom

prepare-exam Prepares for Exam : GIAC Certified Incident Handler (GCIH) Exam (GCIH)

certification-icon Prepares for Certification : GIAC Certified Incident Handler (GCIH)

ktk-icon Attend this and 60+ other Security courses for FREE with Unlimited Security Training


Take command in the world of cybersecurity with the Certified Incident Handler (GCIH) course. Led by industry experts, this program provides comprehensive training to master incident response and handling. Acquire practical skills to defend against cyber threats. Elevate your expertise and become a valuable asset in ensuring organizational security with the esteemed GCIH certification. Prepare for success in incident handling.

This course includes
  • intructor-iconInstructor-led training
  • intructor-iconPractice test
  • intructor-iconPre-reading
  • intructor-iconPersonal Learning Path
  • intructor-iconCertification Guarantee
  • intructor-iconEmail, chat and phone support

Top companies trust Readynez

Who is this course for?

Who is the GIAC Certified Incident Handler (GCIH) training course for?

The GIAC Certified Incident Handler (GCIH) training course is intended for cybersecurity professionals and incident responders responsible for handling security incidents. The course covers incident response and handling, intrusion detection and analysis, incident handling techniques, malware analysis, and forensic investigations. Participants learn about the incident response process, threat intelligence, network and host-based analysis, log analysis, containment and eradication of incidents, malware identification and analysis, and incident reporting. Completing the course and obtaining the GCIH certification demonstrates expertise in incident handling methodologies and equips individuals with the skills needed to effectively detect, analyze, and respond to security incidents.


What you will learn during our GIAC Certified Incident Handler (GCIH) course.

  • Introduction to incident handling and response
  • The six steps of incident handling
  • Hacker methodology and attack vectors
  • Reconnaissance techniques and tools
  • Scanning techniques and tools
  • Exploitation techniques and tools
  • Introduction to malware analysis
  • Static and dynamic malware analysis techniques
  • Malware analysis tools and resources
  • Incident response tools overview
  • Live system analysis tools
  • Memory analysis tools
  • Introduction to network forensics
  • Network traffic capture and analysis tools
  • Network traffic analysis techniques and protocols
  • Log collection and analysis tools
  • Log analysis techniques and use cases
  • Advanced incident response process and strategies
  • Root cause analysis techniques
  • Evidence preservation and chain of custody
  • Incident documentation and reporting
  • Incident recovery and remediation
  • Review of key concepts, terms, and topics
  • Practice questions, quizzes, and exercises
  • Tips for taking the GCIH exam


How to best be prepared for our GIAC Certified Incident Handler (GCIH) course.

  • [Dictionary item: Orange-check] Basic understanding of Windows and Linux operating systems and file system
  • [Dictionary item: Orange-check] Basic familiarity with command line tools and GUI tools
  • [Dictionary item: Orange-check] Basic knowledge of networking concepts and protocols
  • [Dictionary item: Orange-check] Basic knowledge of malware analysis and reverse engineering

Meet our instructors

Meet some of the Readynez Instructors you can meet on your course. They are experts, passionate about what they do, and dedicated to give back to their industry, their field, and those who want to learn, explore, and advance in their careers.

Kevin Henry

Kevin has served for years as an authorised instructor for (ISC)2 and is renowned for his 20-year contribution to learners training for IT security skills

Kevin Henry is a well-known and highly respected expert instructor with Readynez.

Kevin has served for many years as an authorised instructor for (ISC)2 and he is renowned for his 20-year contribution to learners training for IT security skills- and certifications such as the CISSP, CSSLP, CISM, CISA and CCSP everywhere in the world.

Kevin is a force to be reckoned with, being an authorised instructor and training no less than 9.000 online learners monthly in the fields of information security and audit, in addition to the many students that attend his instructor-led courses with Readynez

He is also one of the most highly-rated instructors and most often he is given scores of 10/10 by his delegates. 


Read Less

James Rowney

James is recognised for his more than 20 years of contribution to learning and certification within IT Security.

James has worked on many large mission critical environments in some of the largest companies in their industries.

Understanding business requirements and drivers are essential to any strategy and design. Understanding environments are key to any application or infrastructure changes, both the immediate services they interface with and those beyond. A failure to satisfy Non Functional Requirements can not be fixed by a process.

Specialties: CISSP, CCSP, AWS Solution Architect Associate, TOGAF 9 certified 86080 member of The Association of Enterprise Architects (AEA) - 27519830. BCS Solution & Enterprise Architect Certified - AMBCS - 990529878, Linux RHCE V5 expired, RHCVA Unix, Storage, SAN, Netbackup, Clusters, Design and Delivery of Infrastructure.


Read Less

Friedhelm Düsterhöft

Friedhelm Düsterhöft has 30+ years of work experience in IT, Information Security and Data Privacy.

Friedhelm Düsterhöft is a Senior Information Security Consultant, Auditor, Trainer and Managing Director, and has 30+ years of work experience in IT, Information Security and Data Privacy.

He has contributed to various PECB whitepapers and articles, such as ’Information Security in Banks and Financial Institutions’, ‘What Does SIEM Stand For?’, ‘Why Organizations Fail to Pass an Audit’ and “How to Integrate ISO/IEC 27032 Cybersecurity with ISMS?’.

Read Less


FAQs for the GCIH course.

Issued by Global Information Assurance Certification (GIAC) The GIAC Incident Handler (GCIH) certification validates a practitioner's ability to detect, respond, and resolve computer security incidents using a wide range of essential security skills.

Excel as a Certified Incident Handler with Readynez! Join our course to ace the GCIH exam and achieve certification. Specialized training supports individuals and teams, ensuring success. Let us guide you to become a certified Incident Handler, well-equipped for cybersecurity incidents. Choose Readynez for effective preparation and secure your GCIH certification confidently. Elevate your skills and career in incident response today!

Eligibility for this certification is accessible, as there are no prerequisites. Applicants simply need to pass a written exam.

The cost to attempt the GCIH exam is €880 according to GIAC. GIAC certifications must be renewed every four years, with registration available two years before the expiration date.

The GCIH certification exam syllabus covers topics such as incident handling, threat intelligence, network traffic analysis, and penetration testing. It also encompasses malware analysis, digital forensics, and strategies for cyber defense. The diverse coverage ensures a comprehensive understanding of key areas in cybersecurity incident response.

The GIAC Certified Incident Handler (GCIH) is a world-renowned certification that focuses on detecting, responding to, and resolving security incidents. With cyber threats being an ever-increasing concern for organizations of all sizes, the demand for professionals who can manage security incidents has never been higher. As a result, earning a GIAC certification is a smart career move.

The time to become GCIH certified varies based on factors like prior experience and study methods. On average, candidates spend several weeks to a few months preparing. This involves studying exam objectives, enrolling in training courses, gaining practical experience, and taking practice tests.

All GIAC Certification exams are web-based and are required to be proctored. There are two proctoring options: remote proctoring through ProctorU, and onsite proctoring through PearsonVUE.

The difficulty of passing the Certified Incident Handler (GCIH) exam can vary depending on your experience, knowledge, and preparation. This course is designed to validate a practitioner's ability to detect, respond, and resolve computer security incidents using a wide range of essential security skills.

Adequate preparation can lead to excellent results with little difficulty. The exam comprises 106 questions to be answered within approximately 240 minutes. It is a proctored exam, meaning it will be supervised. To pass, you must achieve a score of 70% or higher.

The certification must be renewed after every 4 years from the date of acquiring it.

Building on the foundational skills of incident handling, professionals can specialize further with advanced-level certifications from GIAC, making GCIH a valuable base. This certification not only proves expertise but also commands an average salary of $88,500, reflecting its significance in the cybersecurity field.


Feedback from our delegates.

Stephen Ridgway

Readynez is the best training provider I've used for many years. Their customer service is first class, prices are very competitive and instruction excellent.

Johan Andersson

Johan Andersson

Easy to attend over Teams and an excellent instructor gave me great value for the time I invested.

Why Pay More??

Go beyond one certification Achieve Complete Masterymedal-icon

Why settle for just one certification course when you can attend ALL certification courses for the price of less than one single course?

Unlimited Training delegate
  • [Dictionary item: Orange-check] 60+ Courses for the price of less than one
  • [Dictionary item: Orange-check] LIVE Instructor-led courses
  • [Dictionary item: Orange-check] Expert Instructors at your fingertips
  • [Dictionary item: Orange-check] Money-back Guarantee
  • [Dictionary item: Orange-check] Flexible payment options

A perfect tool to help us develop the skills and competencies we need for success

Kasper Meyer Christensen

A training solution so good that it pays for itself


Businesses leveraging Readynez Unlimited save at least 50% on their training and certifications - and many up to 80%

2.4 x

Unlimited license holders attend on average 2.4 courses per year

Get more for less with Unlimited Training


For the price of less than one course.


Just cheaper and more flexible.


The easiest, most flexible and cheapest way to get Certified.


Attend as many courses you want - no limitations!


Refund provided if license costs surpass the value of your training.


Interact 1-on-1 with 50+ seasoned instructors.



Price: {{item.ItemPriceExVatFormatted}} {{item.Currency}}