Computer Hacking Forensics Investigator (CHFI)

  • Category
    EcCouncil
  • Course Duration
    40 Hours
  • Course Profile
    Click Here
Computer Hacking Forensics Investigator (CHFI)

Computer Hacking Forensics Investigator (CHFI)
Register Now

It is a full course of impartial vendor that covers all major criminal investigation techniques and solutions and also covers all knowledge bases and skills needed to meet regulatory compliance standards such as ISO 27001, PCI DSS, SOX, or HIPPA. The program introduces the iterative forensic investigation methodology required by a versatile digital forensic specialist which increases your employability

Course Overview

It is a full course of impartial vendor that covers all major criminal investigation techniques and solutions and also covers all knowledge bases and skills needed to meet regulatory compliance standards such as ISO 27001, PCI DSS, SOX, or HIPPA. The program introduces the iterative forensic investigation methodology required by a versatile digital forensic specialist which increases your employability

Course Outlines

  • Computer forensics in today’s world
  • Computer forensics investigation process
  • Understanding hard disks and file systems
  • Operating system forensics
  • Defeating anti-forensics techniques
  • Data acquisition and duplication
  • Network forensics
  • Investigating web attacks
  • Database forensics
  • Cloud forensics
  • Malware forensics
  • Investigating email crimes
  • Mobile forensics
  • Investigative reports

Course Objectives

  • Perform incident response and forensics
  • Perform electronic evidence collections
  • Perform digital forensic acquisitions
  • Perform bit-stream Imaging/acquiring of the digital media seized during the process of investigation.
  • Examine and analyze text, graphics, multimedia, and digital images
  • Conduct thorough examinations of computer hard disk drives, and other electronic data storage media
  • Recover information and electronic data from computer hard drives and other data storage devices
  • Follow strict data and evidence handling procedures
  • Maintain audit trail (i.e., chain of custody) and evidence integrity
  • Work on technical examination, analysis and reporting of computer-based evidence
  • Prepare and maintain case files
  • Utilize forensic tools and investigative methods to find electronic data, including Internet use history, word processing documents, images and other files
  • Gather volatile and non-volatile information from Windows, MAC and Linux
  • Recover deleted files and partitions in Windows, Mac OS X, and Linux
  • Perform keyword searches including using target words or phrases
  • Investigate events for evidence of insider threats or attacks
  • Support the generation of incident reports and other collateral
  • Investigate and analyze all response activities related to cyber incidents
  • Plan, coordinate and direct recovery activities and incident analysis tasks
  • Examine all available information and supporting evidence or artefacts related to an incident or event
  • Collect data using forensic technology methods in accordance with evidence handling procedures, including collection of hard copy and electronic documents
  • Conduct reverse engineering for known and suspected malware files
  • Perform detailed evaluation of the data and any evidence of activity in order to analyze the full circumstances and implications of the event
  • Identify data, images and/or activity which may be the target of an internal investigation
  • Establish threat intelligence and key learning points to support pro-active profiling and scenario modeling
  • Search file slack space where PC type technologies are employed
  • File MAC times (Modified, Accessed, and Create dates and times) as evidence of access and event sequences
  • Examine file type and file header information
  • Review e-mail communications including web mail and Internet Instant Messaging programs
  • Examine the Internet browsing history
  • Generate reports which detail the approach, and an audit trail which documents actions taken to support the integrity of the internal investigation process
  • Recover active, system and hidden files with date/time stamp information
  • Crack (or attempt to crack) password protected files
  • Perform anti-forensics detection
  • Maintain awareness and follow laboratory evidence handling, evidence examination, laboratory safety, and laboratory security policy and procedures
  • Play a role of first responder by securing and evaluating a cybercrime scene, conducting preliminary interviews, documenting crime scene, collecting and preserving electronic evidence, packaging and transporting electronic evidence, reporting of the crime scene
  • Perform post-intrusion analysis of electronic and digital media to determine the who, where, what, when, and how the intrusion occurred
  • Apply advanced forensic tools and techniques for attack reconstruction
  • Perform fundamental forensic activities and form a base for advanced forensics
  • Identify and check the possible source/incident origin
  • Perform event co-relation
  • Extract and analyze logs from various devices such as proxies, firewalls, IPSes, IDSes, Desktops, laptops, servers, SIM tools, routers, switches, AD servers, DHCP servers, Access Control Systems, etc.
  • Ensure that reported incident or suspected weaknesses, malfunctions and deviations are handled with confidentiality
  • Assist in the preparation of search and seizure warrants, court orders, and subpoenas
  • Provide expert witness testimony in support of forensic examinations conducted by the examiner

Course Prerequisites

It is strongly recommended that you attend the CEH class before enrolling into CHFI program.

Course Schedule

 

CourseDateDaysLocation
CHFI10-Mar-245Cairo, Egypt + live virtual online
CHFI26-May-245Cairo, Egypt + live virtual online
CHFI31-Aug-245Cairo, Egypt + live virtual online

Course Delivery Format

  1. In-Person Training:

Benefits:

Personal Interaction: Participants can interact with the instructor and fellow learners, fostering a sense of community.

Immediate Feedback: Instructors can provide real-time feedback, addressing questions and concerns on the spot.

Hands-on Activities: Practical exercises and group activities can be conducted more effectively in person.


  1. Online Training:

Benefits:

Flexibility: Learners can access the course content at their own pace and time, accommodating diverse schedules.

Cost-Effective: Eliminates the need for travel and accommodation expenses, making it more economical.

Scalability: Can accommodate a large number of participants simultaneously, making it suitable for widespread audiences.


  1. Blended Learning (Combination of In-Person and Online):

Benefits:

Flexibility: Combines the advantages of both in-person and online formats, offering a balance between structure and autonomy.

Cost-Efficiency: Reduces the need for extensive in-person sessions, saving on travel and venue costs.

Adaptability: Can cater to diverse learning styles by incorporating various modes of instruction.


  1. Virtual Classrooms:

Benefits:

Real-Time Interaction: Allows for live Q&A sessions, discussions, and engagement with participants.

Accessibility: Participants from different locations can join without the need for physical presence.

Recording Options: Recordings can be made available for participants who may have missed the live session.


  1. Self-Paced Learning (eLearning Modules, Videos):

Benefits:

Individualized Learning: Participants can progress at their speed, revisiting content as needed.

Consistency: Ensures uniform delivery of content to all participants.

24/7 Accessibility: Learners can access materials whenever and wherever is convenient for them.


  1. Customized Courses:

Relevant Content: Tailored to specific organizational goals.

Industry Focus: Incorporates real industry challenges.

Adapted Learning: Matches varied skill levels of participants.

Focused Skills: Targets key competencies for job success.

Cultural Sensitivity: Respects diverse backgrounds within the organization.

Engaging Content: Uses relatable examples and scenarios.

Flexible Delivery: Adaptable to different learning formats.

Measurable Success: Sets clear objectives for easy evaluation.

Continuous Improvement: Uses feedback for ongoing enhancements.

Cost-Effective: Efficiently directs resources for maximum impact.