Course Description
OVERVIEW
The Computer Hacking Forensic Investigator (CHFI) course teaches digital forensics from a vendor-independent standpoint. CHFI is a comprehensive course that covers major forensic investigation scenarios and allows students to gain hands-on experience with various forensic investigation techniques and standard forensic tools required to successfully conduct a computer forensic investigation that leads to the prosecution of perpetrators.
The CHFI certification provides participants with the necessary skills to conduct an effective digital forensics investigation (Law enforcement personnel, system administrators, security officers, defence and military personnel, legal professionals, bankers, security professionals, and anyone concerned about the integrity of the network infrastructure).
CHFI gives a methodical approach to computer forensics that includes searching and seizing, chain-of-custody, digital evidence collecting, preservation, analysis, and reporting.
Course Outline
- Computer Forensics in Today’s World
- Computer Forensics Investigation Process
- Understanding Hard Disks and File Systems
- Data Acquisition and Duplication
- Defeating Anti-forensics Techniques
- Windows Forensics
- Linux and Mac Forensics
- Network Forensics
- Investigating Web Attacks
- Dark Web Forensics
- Database Forensics
- Cloud Forensics
- Investigating Email Crimes
- Malware Forensics
- Mobile Forensics
- IoT Forensics
Course Objective
- Establish threat intelligence and key learning points to support pro-active profiling and scenario modeling
- Perform anti-forensic methods detection
- Perform post-intrusion analysis of electronic and digital media to determine the who, where, what, when, and how the intrusion occurred
- Extract and analyze of logs from various devices like proxy, firewall, IPS, IDS, Desktop, laptop, servers, SIM tool, router, firewall, switches AD server, DHCP logs, Access Control Logs & conclude as part of investigation process.
- Identify & check the possible source / incident origin.
- Recover deleted files and partitions in Windows, Mac OS X, and Linux
- Conduct reverse engineering for known and suspected malware files
- Collect data using forensic technology methods in accordance with evidence handling procedures, including collection of hard copy and electronic documents
Requirements
- Basic understanding of IT, cybersecurity, computer forensics, and incident response CEH training and certification recommended
Target audiences
- Digital Forensic Examiner
- Computer Crime Investigator
- Computer Forensic Analyst
- Network Forensic Examiner
- Computer Network Defense (CND) Forensic Analyst
- Forensic Analyst and technician
- Special Agent