GIAC Certified Incident Handler (GCIH) - Only 4 Days

Seven reasons why you should sit your GCIH course with Firebrand Training

Find Out How We Help You To Learn New Skills Quickly

  1. You’ll be trained in just 4 days.
  2. Our course is all-inclusive. A one-off fee covers all course materials, accommodation and meals
  3. Pass GCIH first time or train again for free. This is our guarantee. We’re confident you’ll pass your course first time. But if not, come back within a year and only pay for accommodation, exams and incidental costs
  4. You’ll learn more. A day with a traditional training provider generally runs from 9am – 5pm, with a nice long break for lunch. With Firebrand Training you’ll get at least 12 hours/day quality learning time, with your instructor
  5. You’ll learn faster. Chances are, you’ll have a different learning style to those around you. We combine visual, auditory and tactile styles to deliver the material in a way that ensures you will learn faster and more easily
  6. You’ll get award-winning training. We’ve been named in Training Industry’s “Top 20 IT Training Companies of the Year” every year since 2010. As well as winning many more awards, we’ve trained and certified 64,898 professionals, and we’re partners with all of the big names in the business
  7. You'll do more than study courseware. We use labs, case studies and practice tests to make sure you can apply your new knowledge to the work environment. Our instructors use demonstrations and real-world experience to keep the day interesting and engaging

Think you are ready for the course? Take a FREE practice test to assess your knowledge!

When do you want to sit your accelerated course?

Start

Finish

Status

Book now

Open

Book now

Open

Book now

Open

Book now

Here's the Firebrand Training review section. Since 2001 we've trained exactly 64,898 students and asked them all to review our Accelerated Learning. Currently, 96.53% have said Firebrand exceeded their expectations:



"Course was interactive, and beneficial with extensive content. Food was plentiful, good facilities with friendly staff."
Roman Hill, Fiserv . - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (4/9/2017 to 8/9/2017)

"Very impressed with the details of the course and thanks to the instructor for assisting us and guiding us through the course. "
Anjay Mandalia, WOODGROUP . - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (4/9/2017 to 8/9/2017)

"A very informative and enjoyable experience."
I.M.. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (4/9/2017 to 8/9/2017)

"5 Day GICSP is lead by an absolutely brilliant instructor. His wealth of knowledge is evident and his passion for the subject unmatched. He brought to life the training with real world scenarios and practical tips. I would strongly recommend this to any practitioner/aspiring professional within the ICS space."
L.S.. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (4/9/2017 to 8/9/2017)

"Great teaching from skilled and experienced instructors."
Thomas Tronier-Rasmussen, DONG Energy Denmark. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (13/3/2017 to 17/3/2017)

"Our instructor for GICSP was very knowledgeable and very experienced, and this experience added a lot of value to the training that we received at Wyboston Lakes. The venue itself is also very good and lends itself well to intensive training courses. By the end of the week, we had developed camaraderie among the class, and a high degree of confidence that we will be able to pass our certification exams in the near future."
Robert Barnes. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (13/3/2017 to 17/3/2017)

"Our Trainer was extremely knowledgeable, helpful and very good at explaining things. Facilities and accommodation very good. No complaints especially as I passed."
D.H, Northumbrian Water Ltd. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (13/6/2016 to 17/6/2016)

"The real world experience from the instructor proves invaluable - a lot to learn not just about passing the exam"
Nicolas Goupil. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (13/6/2016 to 17/6/2016)

"This was my first experience with Firebrand and it went really well. The course was really intense and we were going through a lot. One thing, I would like to mention is that you should have a good and solid knowledge prior to taking this course, purely due to volume of material you have to go through. Facilities and Environment was really good. You have all the tools that you need to make it a successful training. Instructor was really knowledgeable and had lots of hands on experience. Definitely recommend to anyone."
D.I.. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (7/9/2015 to 11/9/2015)

"Firebrand Training is the best training centre ever! I have experienced extended help from my instructor when I decided not to sit for my exam due to a health problem, and was able to encourage me on when I should sit and pass my exam. Firebrand can help you to find the hiding talent you have."
Zaituni Mmari, eProcess international S.A (ECOBANK GROUP). - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (7/9/2015 to 11/9/2015)

"Excellent facility, instruction and accommodation. Felt well prepared for the exam although it is important to remember to attend to the pre-requisites before arriving. Thanks for an immersive and successful week."
T.R., E.ON UK. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (7/9/2015 to 11/9/2015)

"Great training facility and as long as you're willing to put the work in, you will get value from any Firebrand course."
P.A, Chemring Technology Solutions. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (26/1/2015 to 30/1/2015)

"Excellent facilities and course diversity. Instructor was again excellent and the boot camp style of learning beneficial to my learning style."
E.B, Chemring Technology Solutions. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (26/1/2015 to 30/1/2015)

"Good knowledge and experience on Cyber Security for ICS."
Anonymous - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (21/11/2016 to 25/11/2016)

"Firebrand provided a first class course and testing centre and makes getting the certification very simple. Having both training and exam in a single centre was very helpful."
Anonymous - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (21/11/2016 to 25/11/2016)

"Perfect!"
Anonymous - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (21/11/2016 to 25/11/2016)

"Great course with big knowledge in a team of different experiences."
Anonymous - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (21/11/2016 to 25/11/2016)

"I liked the efficiency of the training program, which provided training material, classrooms, equipment and facilities to effectively complete training in the most rapid and efficient way. The instructor is very knowledgeable, experienced, aware and helpful."
Akram Seyam. - Cisco CCDP Fast Track (ARCH) (3 days) (18/9/2017 to 20/9/2017)

"I really enjoy training at Firebrand Training. The trainers are top notch. Everyone makes you feel really welcome and at ease. The training is tough but worth it! I got all my certifications from this course first time, and it was all down to my Trainer. He really helped me learn new techniques in IT, especially when it comes to sub netting. He has help me develop my IT knowledge and now its time to put it to practice in the real world"
Timothy Farmer, Utilita Energy. - CompTIA A+ & Network+ (7 days) (11/9/2017 to 17/9/2017)

"This course was condensed but covered most of the topics. Will recommend to my colleagues and friends. One has to understand OOP, SDLC, VS, .net +Core. The Dev course was tough for me but the trainer made it understandable for me. "
P.A., kpdsolutions Ltd and contract client - TfL. - Microsoft MCSE: Cloud Platform and Infrastructure (Azure) (9 days) (9/9/2017 to 17/9/2017)

"As expected, I had an excellent experience here and the instructor knew the subject matter very well. I will definitely recommend Firebrand anytime and any day."
Ekhorutomwen Asemota, Capgemini. - Microsoft Specialist: Architecting Microsoft Azure Solutions (2 days) (16/9/2017 to 17/9/2017)

"Excellent and to the point, cannot not praise enough the instructor whose delivery was impeccable. "
P.V.. - Microsoft MCSD: Azure Solutions Architect (9 days) (9/9/2017 to 17/9/2017)

"The training was well structured and comprehensive. I filled in my Azure knowledge gaps and the instructor prepared me for the exams excellently, and was extremely knowledgeable, patient, and friendly throughout. All hail Lord Chinzilla!"
Chris Smallman. - Microsoft MCSE: Cloud Platform and Infrastructure (Azure) (9 days) (9/9/2017 to 17/9/2017)

"Lots of long days paid off - the course was tough but greatly rewarding. The instructor was a brilliant coach and we wouldn't have made it through the 9 days without him. The food wasn't bad either!"
Joseph Ellis, PA Consulting. - Microsoft MCSE: Cloud Platform and Infrastructure (Azure) (9 days) (9/9/2017 to 17/9/2017)

"The instructor has been great. Extremely enthusiastic and engaging. Would definitely recommend him to my colleagues. The structure and coverage of the material will definitely help me succeed with Azure, thanks Victor!"
Tarun Julka, Diligent Corporation. - Microsoft MCSE: Cloud Platform and Infrastructure (Azure) (9 days) (9/9/2017 to 17/9/2017)

"The format of the training is great - the idea of getting away from work and family allows for better focus."
Peter Callaghan, Engie. - (ISC)2 SSCP - Systems Security Certified Practitioner (5 days) (11/9/2017 to 15/9/2017)

"Very comfortable environment with the ease of hotel onsite. Facilities at training Centre are fantastic!"
Lorna Howard, M&G investments. - (ISC)2 SSCP - Systems Security Certified Practitioner (5 days) (11/9/2017 to 15/9/2017)

"Really knowledgeable and experienced instructor with great facilities."
Colin Rumsam, Digital Pathways Ltd. - (ISC)2 SSCP - Systems Security Certified Practitioner (5 days) (11/9/2017 to 15/9/2017)

"I always enjoy my courses at Firebrand and would recommend people take their courses here."
Ridhan Romjon, Retail 247. - Microsoft MCSE: Cloud Platform and Infrastructure (Azure) (9 days) (9/9/2017 to 17/9/2017)

"Very informative course, trainer was very friendly and added examples to concepts to help understanding. I was able to learn a lot of information over a short period of time."
Anonymous - App and Web Development Software Development Fundamentals (2 days) (14/9/2017 to 15/9/2017)

"The course instructor did a great job in explaining course material as well as how exam questions should be tackled. His delivery was engaging and useful."
Ravishan Gamase, BEA Systems AI. - ISACA CRISC Certification (Certified in Risk and Information Systems Control) (3 days) (11/9/2017 to 13/9/2017)

"The instructor was amazing and the labs were great. My 11th and last time at Firebrand as part of the apprenticeship scheme. The course itself was very advanced but really enjoyed the content. "
Anonymous, Gamma - VMware® vSphere: Install, Configure, Manage [V6.5] (5 days) (11/9/2017 to 15/9/2017)

"Firebrand training was really good and I like the format. Learning was at a fast and hard pace but as this is all you are doing for a week it really sinks in. The instructor was very enthusiastic and kept us all involved."
Harry Courtney-Buddle, OCSL. - VMware® vSphere: Install, Configure, Manage [V6.5] (5 days) (11/9/2017 to 15/9/2017)

"The perfect way to get certified fast. Friendly environment and professional instructors. Hard but satisfying work. Thank you all firebrand team!"
Alexander de Vries, Infrastructure Specialist. - VMware® vSphere: Install, Configure, Manage [V6.5] (5 days) (11/9/2017 to 15/9/2017)

"I would not hesitate for a moment to recommend Firebrand Training, the whole environment is conducive to quick, accurate and enjoyable learning"
Darren McDonagh, avis. - The Open Group TOGAF® 9 certified training (Level 1&2) (3 days) (11/9/2017 to 13/9/2017)

"Intensive means just that. Long and exhausting training days but the quality of instruction makes the time fly by. Looking forward to part 2!"
C.P.. - Microsoft Specialist: Implementing Microsoft Azure Infrastructure Solutions (3 days) (9/9/2017 to 11/9/2017)

"This was the full packaged experience - lodging, food, training and test!"
Niranjan Kunwar, Invesco. - (ISC)2 Certified Cloud Security Professional (CCSP) (6 days) (4/9/2017 to 9/9/2017)

"Intensive, focused, professional with an eye for the students comfort and motivating nature. Top!"
Florian Vankuelen , Triveedis LG. - (ISC)2 Certified Cloud Security Professional (CCSP) (6 days) (4/9/2017 to 9/9/2017)

"Really great environment for committed learning!"
Jeff Fimari, Rod 58 LTd. - (ISC)2 Certified Cloud Security Professional (CCSP) (6 days) (4/9/2017 to 9/9/2017)

"Hassle free, well organised operation allowing total focus on the training at hand."
Andy Hunt, Capgemini. - (ISC)2 Certified Cloud Security Professional (CCSP) (6 days) (4/9/2017 to 9/9/2017)

"The instructor was very engaging and knew his stuff! "
Anonymous - Microsoft Specialist: Implementing Microsoft Azure Infrastructure Solutions (3 days) (9/9/2017 to 11/9/2017)

"Dave has taught me in 8 days more about routing & switching networks than 19 years of running mid sized (500 user, multi site) corporate Cisco networks. The trainers are a priceless asset to firebrand. I wont hesitate to come back and do my CCNP."
Mark Boardman. - Cisco CCNA (Routing & Switching) Certification (7 days) (4/9/2017 to 10/9/2017)

"Third time at FB and have been pleased with the facilities and training assigned."
Steven Roberts, Leicestershire Police. - BCS CISMP (4 days) (4/9/2017 to 7/9/2017)

"Best training on market. Everything clear explained and friendly trainer with big passion and flexibility. "
A.C., Adler and Allan Ltd. - Cisco CCNA (Routing & Switching) Certification (7 days) (4/9/2017 to 10/9/2017)

"Fantastic instructor, teaching methods are second to none."
Anthony Cummings. - Cisco CCNA (Routing & Switching) Certification (7 days) (4/9/2017 to 10/9/2017)

"A great course backed up by real world experience. The instructor has a great way of delivering the content and injecting fun into the course. I will certainly use the knowledge gained moving forward."
C.S.. - EC-Council Certified Ethical Hacker (CEH) (5 days) (4/9/2017 to 8/9/2017)

"It was a great experience to attend this training. Although it was a lot of information in only 5 days, I have learned about a lot of tools, methodologies, devices. IT Security is a long journey and this was a great start for me. "
Kamil Bosowski, Akamai. - EC-Council Certified Ethical Hacker (CEH) (5 days) (4/9/2017 to 8/9/2017)

"The course was well presented and provided great knowledge. "
Blair Ogilvie, Xenith. - ITIL® Foundation Certification (2 days) (31/8/2017 to 1/9/2017)

"Awesome teacher and great source of information."
Adrian Williams, Utilita. - ITIL® Foundation Certification (2 days) (31/8/2017 to 1/9/2017)

"One of the best trainers I have experienced in 30 years - Top class!"
Mike Fox, FFRC. - ISACA CISA Certification (4 days) (29/8/2017 to 1/9/2017)

Get the skills you need to detect, respond to and resolve computer security incidents in just four days. On this accelerated GIAC Certified Incident Handler (GCIH) course, you’ll develop the skills and knowledge needed to manage sensitive security incidents.

As organisations strive to improve their cyber security, Incident Handlers are increasingly in demand and the GCIH certification qualifies you for this critical role.

You’ll build knowledge of common attack techniques, vectors and tools as you learn how to defend and respond to potentially devastating cyber attacks. On this GCIH course, you’ll also learn:

  • The incident handling process
  • How to detect malicious applications and network activity
  • High-level containment strategies to prevent attackers causing further damage
  • Incident recovery and system restoration
  • How to detect and analyse system and network vulnerabilities

Firebrand's GCIH training will prepare you for the GIAC Certified Incident Handler (GCIH) exam and provides knowledge equivalent to the SANS SEC504: Hacker Tools, Techniques, Exploits and Incident Handling.

Firebrand’s unique Lecture | Lab | Review methodology will immerse you in your accelerated GCIH course as you combine GIAC curriculum with practical, hands-on labs. This is crucial as GIAC recommends hands-on experience with the technology covered by your certification.

This accelerated GCIH training is ideal for IT Incident Handlers, IT Operational Team Leaders, Managers of incident handling teams, IT Security staff, IT System administrators and IT Support staff.

Read more ...

Interested? See prices or call 080 80 800 888

Other accelerated training providers rely heavily on lecture and independent self-testing and study.

Effective technical instruction must be highly varied and interactive to keep attention levels high, promote camaraderie and teamwork between the students and instructor, and solidify knowledge through hands-on learning.

Firebrand Training provides instruction to meet every learning need:

  • Intensive group instruction
  • One-on-one instruction attention
  • Hands-on labs
  • Lab partner and group exercises
  • Question and answer drills
  • Independent study

This information has been provided as a helpful tool for candidates considering training. Courses that include certification come with a Certification Guarantee. Pass first time or train again for free (just pay for accommodation, exams and incidental costs). We do not make any guarantees about personal successes or benefits of obtaining certification. Benefits of certification determined through studies do not guarantee any particular personal successes.

Read more ...

Interested? See prices or call 080 80 800 888

Incident Handling: Identification

  • Get an understanding of important strategies to gather events, analyse them, and determine if you have an incident

Incident Handling: Overview and Preparation

  • Prove your understanding of Incident Handling, why it is important, and gain an understanding of best practices to take in preparation for an incident

Buffer Overflows and Format String Attacks

  • Demonstrate an understanding of how buffer overflows and format string attacks work and how to defend against them

Client Attacks

  • Gain an understanding of various client attacks and how to defend against them

Covering Tracks: Networks

  • Learn how attackers use tunnelling and covert channels to cover their tracks on a network, and the strategies involved in defending against them

Covering Tracks: Systems

  • Discover how attackers hide files and directories on Windows and Linux hosts and how they attempt to cover their tracks

Denial of Service Attacks

  • Get a comprehensive understanding of the different kinds of Denial of Service attacks and how to defend against them

Incident Handling: Containment

  • You’ll demonstrate an understanding of high-level strategies to prevent an attacker from causing further damage to the victim after discovering the incident.

Incident Handling: Eradication, Recovery, and Lessons Learned

  • Gain an understanding of the general approaches to get rid of the attacker's artefacts on compromised machines, the general strategy to safely restore operations, and the importance of the incident report and lessons learned meetings

Network Attacks

  • You’ll get an understanding of various network attacks and how to defend against them

Password Attacks

  • Prove your detailed understanding of the three methods of password cracking

Reconnaissance

  • Demonstrate your understanding of public and open source reconnaissance techniques

Scanning: Discovery and Mapping

  • Get introduced to scanning fundamentals; to discover and map networks and hosts, and reveal services and vulnerabilities

Scanning: Techniques and Defence

  • Learn the techniques and tools used in scanning, and how to response and prepare against scanning

Session Hijacking and Cache Poisoning

  • Demonstrate an understanding of tools and techniques used to perform session hijacking and cache poisoning, and how to respond and prepare against these attacks

Techniques for maintaining access

  • Learn how Trojan horses and rootkits operate, what their capabilities are and how to defend against them

Web Application Attacks

  • Demonstrate an understanding of the value of the Open Web Application Security Project (OWASP), as well as different Web App attacks such as account harvesting, SQL injection, Cross-Site Scripting and other Web Session attacks

Worms, Bots & Bot-Nets

  • Demonstrate a detailed understanding of what worms, bots and bot-nets are, and how to protect against them

Read more ...

Interested? See prices or call 080 80 800 888

Frequently asked questions

Q. How do I get my GIAC GCIH certification?

To achieve your GCIH certification, you must pass the GIAC Certified Incident Handler (GCIH) exam.

Q. How much does the accelerated GCIH course cost?

You can find the accelerated GCIH course price here.

Q. What are the GCIH course prerequisites?

There are no official prerequisites to take any GIAC certification, including GCIH. However, you should be aware of the technical level of the course you want to take.

For this GCIH course, you should possess knowledge of networking protocols, Windows Command Line, and an understanding of basic computer networking and security.

Q. Are GIAC exams open book?

Yes, GIAC exams are open book and you’re encouraged to take advantage of this.

Q. What happens if I fail my GCIH exam?

If you fail your GCIH exam, you’ll be subjected to a 30-day waiting period before you can sit the exam again. The 30-day period provides candidates with additional time that can be used to master certification knowledge.

Q. Are GIAC certifications recognised by employers?

GIAC certifications are a good indication of cyber security skill and knowledge and are used by employers to select employees for hiring and promotion.

GIAC certifications fill gaps in security knowledge and few other qualifications cover the same material. Plus, GIAC certifications also contain invaluable practical knowledge, proving you know how to perform the task required.

Q. What’s the average salary for a GCIH certified professional?

The average salary for a GIAC Certified Incident Handler (GCIH) professional is £60,000 in the UK, according to ITJobsWatch.

Q. What is GIAC Gold?

The GIAC Gold is a second level certification which requires completion of a technical paper covering an important area of security.

GIAC Gold demonstrates that a GIAC certification holder understands and can communicate their knowledge in key areas of information security.

Pass any GIAC certification and you’ll get the option to apply for GIAC Gold. Applicants will work closely with an advisor to develop a technical report.

If the report is approved, you will receive GIAC Gold status and you report will be accepted into the SANS Reading Room.

Q. What is the GIAC Advisory Board, and how can I join it?

Score an average of 90% or above on your GIAC certification exam and you’ll be invited to join the GIAC Advisory Board.

Read more ...

Interested? See prices or call 080 80 800 888

This accelerated GCIH course will prepare you for the following exam. The exam fee is not included in the course price; if you wish to take the exam, we’ll provide instructions on how to register with GIAC.

  • GIAC Certified Incident Handler (GCIH) exam
    • Number of Questions: 150
    • Duration: 4 hours
    • Type: Proctored Exam
    • Passing score: 73%

You will be required to renew your GCIH certification every four years through Continuing Professional Experience (CPE) credits.

Read more ...

Interested? See prices or call 080 80 800 888

The following is included on your accelerated GCIH course:

  • Firebrand courseware

Firebrand Training offers top-quality technical education and certification training in an all-inclusive course package specifically designed for the needs and ease of our students. We attend to every detail so our students can focus solely on their studies and certification goals.

Our Accelerated Learning Programmes include:

  • Intensive Hands-on Training Utilising our (Lecture | Lab | Review)TM Delivery
  • Comprehensive Study Materials, Program Courseware and Self-Testing Software including MeasureUp *
  • Fully instructor-led program with 24 hour lab access
  • Examination vouchers **
  • On site testing ***
  • Accommodation, all meals, unlimited beverages, snacks and tea / coffee****
  • Transportation to/from designated local railway stations
  • Examination Passing Policy

Our instructors teach to accommodate every student's learning needs through individualised instruction, hands-on labs, lab partner and group exercises, independent study, self-testing, and question/answer drills.

Firebrand Training has dedicated, well-equipped educational facilities where you will attend instruction and labs and have access to comfortable study and lounging rooms. Our students consistently say our facilities are second-to-none.

Firebrand goes digital

We’re currently migrating from printed to digital courseware. Some courseware is already available in digital, while other books remain in printed form. To find out if this course is digital, call us on 080 80 800 888.

There are several benefits of easy-to-use digital courseware: downloads are immediate, and you’ll always have your courseware available wherever you are. You won’t need to wait for a printed book to be delivered before you start learning – and it’s better for the environment. You can choose to download the courseware to your own device, or borrow one of ours.

Considering a Microsoft course? Always have the most up-to-date Microsoft digital courseware with ‘Fresh Editions’. This gives you access to all versions of digital courseware – you’ll receive updates and revisions of your textbook, at no charge, for the life of that course.

Examination Passing Policy

Should a student complete a Firebrand Training Program without having successfully passed all vendor examinations, the student may re-attend that program for a period of one year.  Students will only be responsible for accommodations and vendor exam fees.

Please note

  • * Not on all courses
  • ** Examination vouchers are not included for the following courses: PMI, GIAC, CISA, CISM, CGEIT, CRISC, CISSP CBK Review and CSX Practitioner Level 1,2 and 3
  • *** On site testing is not included for our PMI, GIAC, CSX Practitioner or ITIL Managers and Revision Certification Courses.
  • **** Accommodation not included on the CISSP CBK Review Seminar

Read more ...

Interested? See prices or call 080 80 800 888

You should possess:

  • An understanding of basic computer networking and security principles
  • Knowledge of networking protocols
  • Knowledge of the Windows command line

Unsure whether you meet the prerequisites?

Don’t worry - we’ll discuss your technical background, experience and qualifications to determine whether this accelerated course suits you.

Just call us on 080 80 800 888 and speak to one of our enrolment consultants.

Firebrand is an immersive environment and requires commitment. Some prerequisites are simply guidelines; you may find your unique experience, attitude and determination enables you to succeed on your accelerated course.

Interested? See prices or call 080 80 800 888