McAfee Secure


Certification: GCIH

Certification Full Name: GIAC Certified Incident Handler

Certification Provider: GIAC

Exam Code: GCIH

Exam Name: GIAC Certified Incident Handler

certificationsCard1 $19.99

Pass Your GCIH Exams - 100% Money Back Guarantee!

Get Certified Fast With Latest & Updated GCIH Preparation Materials

  • Questions & Answers

    GCIH Questions & Answers

    328 Questions & Answers

    Includes questions types found on actual exam such as drag and drop, simulation, type in, and fill in the blank.

  • Study Guide

    GCIH Study Guide

    243 PDF Pages

    Study Guide developed by industry experts who have written exams in the past. They are technology-specific IT certification researchers with at least a decade of experience at Fortune 500 companies.

Certification Overview

This is an essential certification that aims at assisting the incident handlers to have the basic knowledge on how to handle security attacks with the use of diversified tools, as well as techniques that are supposed to be used. the main areas of interest in this certification includes; responding, detecting as well as solving some of the common security incidents that are computer related. This is a worthy course that will identify the major steps that should be used in the handling of incidents that commonly occur on computers, the student will also be able to detect some of the most common malicious applications and other network related vulnerabilities. Upon the completion of the course, the students will be informed on the various procedures of enhancing computer security.

Who can do this certification?

All the IT experts that work within a computer related field can do this course. These skills are also worthy for the working staff who normally deal with computers in their areas of operation. The professionals who have much experience in incident handling will also have an upper hand. All those who need the needed information in the safeguarding of computer systems against hackers or other malicious threats can join for this course. IT administrators, system analysts, programmers, web designers and other IT experts can do this course.


This is an essential course that will enable the professionals to be competent in handling some of the most common attacks. The modern techniques that cover computer security are well covered. The experts will analyze the computer systems in an efficient way, and this will reduce the obvious risks such as the network problems, or any common incidents that usually lower the normal functioning of the computer.

Associated Exam

An individual will have to do the GCIH examination.


For all the beginners, there is no particular training as such. This is an open course for all the candidates who want to expand their experience in certain objectives that revolve around the computer security. However, it is helpful to join the SANS training, which has fully covered the various techniques as well as exploits that covers the incident handling. The students must have some practical experience in dealing with the computers.

Examination Overview

It is essential for the potential candidate to pass the GCIH examination, which covers the following topics:

  1. Buffer overflows
  2. Tracks and networks
  3. Tracking systems
  4. Denial of service attacks
  5. Using of Netcat for exploration of systems
  6. String attacks
  7. Incident handling
  8. Network sniffing
  9. Reconnaissance
  10. Root kits
  11. Host discovery

This is a full detailed course that will equip the student with an advanced security system; the procedures that are mainly taught include password cracking, knowing the techniques that are important for host delivery, implementation of firewall policies, network mapping, and identification of some of the hijacking tools as well. There are many types of incidents that a candidate will be exposed to such as espionage, intellectual property; unauthorized use.

Through this certification, an individual will be able to understand the virtual environment in relation to the attacker's perspective. The candidate will also understand more on the worms, bots, and the ways to protect against these. Upon the completion of this course, a student will be versed with the basic understanding of IP spoofing, and also understand on the various forms of Denial of Service attacks, Netcat utility, and how to prevent against such systems. Through the skills acquired, the student will be able to know the manner in which attackers hide various files and directories. The backdoors as well as the Trojan horses is something that will be fully discussed, as well as the ways of defending against the buffer overflows.

The examination normally consists of 150 questions which should be done within a period of 4 hours. The required pass mark for the test is 72%. These examinations are usually delivered online through a specific web browser.

Validity of certification

The certificate is renewed after a period of four years.

Expert Review

The professional will be satisfied with the approaches that are highlighted in this certificate, which aims at removing the attacker's artifacts on various computers. There is also an in-depth knowledge on the defense against network sniffing, IP address spoofing, password attacks, and root kits. This is a necessary course for all those who want to have a basic understanding of network mapping as well as fingerprinting strategies, and methods of protecting against them.

Morgan Clay, security Administrator,

Roseville, CA

Frequently Asked Questions

How can I get the products after purchase?

All products are available for download immediately from your Member's Area. Once you have made the payment, you will be transferred to Member's Area where you can login and download the products you have purchased to your computer.

How long can I use my product? Will it be valid forever?

Test-King products have a validity of 90 days from the date of purchase. This means that any updates to the products, including but not limited to new questions, or updates and changes by our editing team, will be automatically downloaded on to computer to make sure that you get latest exam prep materials during those 90 days.

Can I renew my product if when it's expired?

Yes, when the 90 days of your product validity are over, you have the option of renewing your expired products with a 30% discount. This can be done in your Member's Area.

Please note that you will not be able to use the product after it has expired if you don't renew it.

How often are the questions updated?

We always try to provide the latest pool of questions, Updates in the questions depend on the changes in actual pool of questions by different vendors. As soon as we know about the change in the exam question pool we try our best to update the products as fast as possible.

How many computers I can download Test-King software on?

You can download the Test-King products on the maximum number of 2 (two) computers or devices. If you need to use the software on more than two machines, you can purchase this option separately. Please email if you need to use more than 5 (five) computers.

What is a PDF Version?

PDF Version is a pdf document of Questions & Answers product. The document file has standart .pdf format, which can be easily read by any pdf reader application like Adobe Acrobat Reader, Foxit Reader, OpenOffice, Google Docs and many others.

Can I purchase PDF Version without the Testing Engine?

PDF Version cannot be purchased separately. It is only available as an add-on to main Question & Answer Testing Engine product.

What operating systems are supported by your Testing Engine software?

Our testing engine is supported by Windows. Android and IOS software is currently under development.


Money Back Guarantee

Test-King has a remarkable GIAC Candidate Success record. We're confident of our products and provide a no hassle money back guarantee. That's how confident we are!

Total Cost: $154.98
Bundle Price: $134.99

Purchase Individually

  • Questions & Answers

    Questions & Answers

    328 Questions

  • Study Guide

    Study Guide

    243 PDF Pages