GCIH - Incident Handler

The GIAC Certified Incident Handler certification is an industry recognized vendor-neutral credential. The certification is proof of a person's competence across a spectrum of skills including Security incidents by understanding common attack techniques, vectors and tools as well as defending against and/or responding to such attacks when they occur. The GCIH certification focuses on detecting, responding, and resolving computer security incidents. uCertify’s guaranteed certification course for exam is comprehensive and helps you earn your certification and gain knowledge. Here’s what to expect from your uCertify course:

• 100% Exam Coverage • Interactive E-Book • Pre-Assessment • 330 Practice Questions with Full Explanations • 158 Interactive Quizzes • Test History and Performance Review and Powerful Analytics • Study Planner • Continuously Updated



Prepare for the following certification

The GIAC Certified Incident Handler certification exam is a standalone certification from GCIA with the exam code GCIH.

The certification is targeted at those candidates who want to enhance their skills in various fields of incident handling such as, understanding of the current threats to systems and networks, along with effective countermeasures, etc. This GIAC GCIH exam covers the knowledge and skills to manage incidents to understand common attack techniques and tools and to defend against or respond to such attacks when they occur.

Related Certifications

Course Duration

This is a self-paced, independent study program, so there are no minimum or maximum restrictions placed by uCertify. The amount of time you will take depends on your existing knowledge of the area and related experience, as well as your availability. We recommend at least 3 weeks if you have a reasonable amount of knowledge of lower level concepts of incident handling.

Related Exams

Authored by Industry Experts

uCertify uses content from the finest publishers and only the IT industry's finest instructors. They have a minimum of 15 years real-world experience and are subject matter experts in their fields. Unlike a live class, you can study at your own pace. This creates a personal learning experience and gives you all the benefits of hands-on training with the flexibility of doing it around your schedule 24/7.

Exercises, Quizzes & Flashcards

uCertify's exercises, quizzes and flashcards prepare you for your exams differently and more effectively than the traditional exam preps on the market. You will have practice quizzes, flashcards and exercises after each module to ensure you are confident on the topic you have completed before proceeding. This will allow you to gauge your effectiveness before moving to the next module in your course.

Practice Test Sets

uCertify courses also include full length practice test sets designed to test your knowledge under real exam conditions. Each course has a number of test sets consisting of hundreds of items to ensure you are 100% prepared before taking your certification exam.

Exam Simulators

Online labs to supplement your training. uCertify labs are an inexpensive & safe way to explore and learn. uCertify labs are versatile - labs simulate real-world, hardware, software & command line interface environments and can be mapped to any text-book, course & training.

State of the Art Educator Tools

uCertify knows the importance of instructors and provide tools to help them do their job effectively. Instructors are able to clone and customize course, do ability grouping, create sections, design grade scale and grade formula, create and schedule assignments. Educators can also move a student from self-paced to mentor-guided to instructor-led mode in three clicks.

Award Winning Learning Platform (LMS)

uCertify has developed an award winning, highly interactive yet simple to use platform. uCertify understands that it is critical to help student focus on learning the subject and not learning the LMS. uCertify helps student retain and recall the knowledge by teaching students using interactive exercises. Features such as actionable analytics and study planner help in keeping students focused.


Course/Exam Objectives

  • Lesson 1: Security Threats and Attacks
    • Buffer Overflow Defenses
    • Denial of Service Attacks
    • Format String Attacks
    • IP Address Spoofing
    • Password Attacks
    • Virtual Machine Attacks
    • Using Firewalk
    • Web Application Attacks
    • Session Hijacking, Tools and Defenses
  • Lesson 2: Virus
    • Backdoors & Trojan Horses
    • User-Mode Rootkits
    • Kernel-Mode Rootkits
    • Worms, Bots & Bot-Nets
  • Lesson 3: Incident Handling
    • Incident Handling and the Legal System
    • Incident Handling Defined
    • Incident Handling Phase 1: Preparation
    • Incident Handling Phase 2: Identification
    • Incident Handling Phase 3: Containment
    • Incident Handling Phase 4: Eradication
    • Incident Handling Phase 5: Recovery
    • Incident Handling Phase 6: Lessons Learned
    • Intellectual Property Incidents
    • Espionage Incidents
  • Lesson 4: System Scanning and Exploitation
    • General Trends in the Hacker Underground
    • Reconnaissance
    • Scanning: Network Mapping, Port Scanning, and Passive Fingerprinting
    • Scanning: Wardialing and Wireless discovery
    • Network Sniffing
    • Exploiting Systems using Netcat
    • Exploiting Windows Shares for Shell Access
    • Vulnerability Scanning With Nessus
  • Lesson 5: Covering tracks
    • Covering Tracks in Unix-Linux
    • Covering Tracks on the Network
    • Covering Tracks with Steganography

Career Prospects

A GCIH certified professional has career opportunities open up to them, including:

  • GIAC Network security Tester
  • Network security administrator
  • System Analyst
  • Firewall administrator
  • Application Developer
  • Network Security Analyst


Exam FAQs

What certificate do I earn on passing the exam?
If you pass CIW's exam you will get credit towards the following certification:
What is the exam registration fee?
USD 999

  • GIAC challenge certification attempt is $999
  • Certification attempts taken in conjunction with the associated SANS training course are $549

Where do I take the exam?
The GIAC exam is administered by Pearson VUE at testing centers worldwide. Click here to find a testing center near you.
What is the format of the exam?
The exam consists of linear, Multiple choice, Situational questions.
What is the Pre-requisites of the exam?
While there are no official prerequisites to take the GCFA certification, both GIAC and uCertify strongly recommend that the candidate have knowledge of lower level concepts of incident handling before moving on to more advanced topics.
How many questions are asked on the exam?
The exam contains 150 questions.
What is the duration of the exam?
240 minutes
What is the passing score?

(on a scale of 0-1000)

What is the exam's retake policy?

In the event that you fail your first attempt at passing the GCIH, GIAC's retake Policy is:

  • You may purchase a retake exam at the cost of $499 from GIAC's website within 30 days of your listed expiration date.
  • Purchasing a retake after an exam failure extends your final certification deadline by 60 days; this includes the 30-day waiting period.
  • After 3 failed attempts, a candidate has to wait for one year to get GIAC certification.
What is the validity of the certification?
GIAC Certified Intrusion Analyst certification expires 4 years from date of issue, after which the certification holder will need to renew their certification. Click here for more information.
Where can I find more information about this exam?
To know more about the GCIH exam, click here.

At a Glance

Course Includes Free Buy
Lessons 1 5
Pre-Assessment Yes Yes
Practice Tests 0 2
Total Questions 29 330
Interactive Quizzes 15 158
Final Test No Yes

Overall Customer Rating!


4.6 out of 5 Pass Ratio: 97.23%.
9 out of 10 customers who purchased this course would recommend the product to their friends.

Our Customers are talking!

I can't believe it. I cleared my gcih exam with an excellent score. I hope that you will continue with quality. Thanks ucertify

Bob Chadwick

This study material is simply the best. All the topics are covered and described in the best way. Once you will cover a topic, you will become maser of it. Thanks ucertify

Asher Stuart

Copyright © 2014 uCertify / All rights reserved.