C842 Cyber Defense and Countermeasures: EC-Council Certified Incident Handler (CIH) Tools and Commands
1. PILAR: Risk analysis and management tool
2. PILAR: Assess risk against critical assets. Qualitative and quantitative. Generate risk assessment reports
3. Group Policy Management Console: Security policy tools
4. ManageEngine … Plus: Ticketing system tools
5. AlienVault: Ticketing system tools
6. buck-security: Incident analysis and validation tools
7. buck-security: Collection of security checks for Linux. Identify security status.
8. Kiwi Syslog: Incident analysis and validation tools
9. Splunk Light: Incident analysis and validation tools
10. Kiwi Syslog: Message management tool across servers and network devices. Syslog messages, SNMP traps, event log, real time
11. Splunk Light: Collecting, monitoring, and analyzing logs from servers, applications, and other sources.
12. Microsoft Baseline Security Analyzer (MBSA): Tools for detecting missing security patches
13. Microsoft Baseline Security Analyzer (MBSA): Determine security state. Scan for missing patches and misconfigs.
14. MagicTree: Report writing tools
15. KeepNote: Report writing tools
16. FTK…: Data imaging tools
17. FTK Imager: Data preview and imaging tool that enables analysis of files and folders on local hard drives, CDs/DVDs, network drives, and examination of the content of forensic images or memory dumps
18. R-Drive…: Data imaging tools
19. R-Drive…: Provides creation of disk image files for backup or duplication purposes. Restores the images on the original disks, on any other partitions, or even on a hard drive's free space. One can restore the system after heavy data loss caused by an operating system crash, virus attack, or hardware failure
20. EnCase Forensic; Data Acquisition Toolbox; RAID Recovery for Windows; R-Tools R-Studio; F-Response Imager: Data imaging tools
21. HashCalc: Image integrity tools
22. HashCalc: Compute multiple hashes, checksums, and HMACs for files, text, and hex strings.
23. MD5 Calculator: Image integrity tools
24. MD5 Calculator: Calculating the MD5 hash value of the selected file
25. HashMyFiles: Image integrity tools
26. HashMyFiles: Small utility that allows you to calculate the MD5 and SHA1 hashes of one or more files in the system. It allows copying the MD5/SHA1 hashes list to the clipboard or saving it to a text/HTML/XML file
27. PsUptime (Windows): Shows system uptime
28. Net Statistics (Windows): Shows system uptime
29. Uptime and W (Linux): Shows system uptime
30. Netstat -ab (Windows): Determine all the executable files for running processes