Computer Hacking Forensic Investigator (CHFI) v9

Course Code:

5 days
9:00am to 5.00pm
Course Fees:
S$2,800 (excl of G.S.T)
2021 Course Dates
12 – 16 Jul 2021
27 Sep – 1 Oct 2021
18 – 22 Oct 2021
13 – 17 Dec 2021
None of the published dates will work for you? Speak to our training consultants for a private tuition arrangement or a closed door training.
Do note that this course listed uses digital courseware. You are required to bring your own device to access the digital manual.

Course Overview

EC-Council’s CHFI certifies individuals in the specific security discipline of computer forensics from a vendor-neutral perspective. The CHFI certification will fortify the application knowledge of law enforcement personnel, system administrators, security officers, defense and military personnel, legal professionals, bankers, security professionals, and anyone who is concerned about the integrity of the network infrastructure.

Program Objectives

• Perform incident response and forensics

• Perform electronic evidence collections

• Perform digital forensic acquisitions

• Perform bit-stream Imaging/acquiring of the digital media seized during the process of investigation

• Examine and analyze text, graphics, multimedia, and digital images

• Conduct thorough examinations of computer hard disk drives, and other electronic data storage media

• Recover information and electronic data from computer hard drives and other data storage devices
• Follow strict data and evidence handling procedures

• Maintain audit trail (i.e., chain of custody) and evidence integrity

• Work on technical examination, analysis and reporting of computer-based evidence

• Prepare and maintain case files

• Utilize forensic tools and investigative methods to find electronic data, including Internet use history, word processing documents, images and other files

• Gather volatile and non-volatile information from Windows, MAC and Linux

• Recover deleted files and partitions in Windows, Mac OS X, and Linux

• Perform keyword searches including using target words or phrases

• Investigate events for evidence of insider threats or attacks

• Support the generation of incident reports and other collateral

• Investigate and analyze all response activities related to cyber incidents

• Plan, coordinate and direct recovery activities and incident analysis tasks

• Examine all available information and supporting evidence or artefacts related to an incident or event

• Collect data using forensic technology methods in accordance with evidence handling procedures, including collection of hard copy and electronic documents

• Conduct reverse engineering for known and suspected malware files

• Identify data, images and/or activity which may be the target of an internal investigation

• Perform detailed evaluation of the data and any evidence of activity in order to analyze the full circumstances and implications of the event

• Establish threat intelligence and key learning points to support pro-active profiling and scenario modelling

• Search file slack space where PC type technologies are employed

• File MAC times (Modified, Accessed, and Create dates and times) as evidence of access and event sequences

• Examine file type and file header information

• Review e-mail communications including web mail and Internet Instant Messaging programs

• Examine the Internet browsing history

• Generate reports which detail the approach, and an audit trail which documents actions taken to support the integrity of the internal investigation process

• Recover active, system and hidden files with date/time stamp information

• Crack (or attempt to crack) password protected files

• Perform anti-forensics detection

• Maintain awareness and follow laboratory evidence handling, evidence examination, laboratory safety, and laboratory security policy and procedures
• Play a role of first responder by securing and evaluating a cybercrime scene, conducting preliminary interviews, documenting crime scene, collecting and preserving electronic evidence, packaging and transporting electronic evidence, reporting of the crime scene

• Perform post-intrusion analysis of electronic and digital media to determine the who, where, what, when, and how the intrusion occurred

• Apply advanced forensic tools and techniques for attack reconstruction

• Perform fundamental forensic activities and form a base for advanced forensics

• Identify and check the possible source/incident origin

• Perform event co-relation

• Extract and analyze logs from various devices such as proxies, firewalls, IPSes, IDSes, Desktops, laptops, servers, SIM tools, routers, switches, AD servers, DHCP servers, Access Control Systems, etc.

• Ensure that reported incident or suspected weaknesses, malfunctions and deviations are handled with confidentiality

• Assist in the preparation of search and seizure warrants, court orders, and subpoenas

• Provide expert witness testimony in support of forensic examinations conducted by the examiner

• Cyber security as a profession has seen tremendous growth over the past 10 years and EC-Council has been on the leading edge of this profession. Practices in Network Defense, Ethical Hacking, and Penetration Testing have proven to be the pillars of cyber security teams across the globe and Digital Forensics is no exception. Whether you operate a team of 2 or 2,000 to tackle Cyber issues facing your organization, digital forensics must be a part of the equation as a critical skill and daily practice

Course Outline

Module 1: Computer Forensics in Today’s World

Module 2: Computer Forensics Investigation Process

Module 3: Understanding Hard Disks and File Systems

Module 4: Data Acquisition and Duplication

Module 5: Defeating Anti-Forensics Techniques

Module 6: Operating System Forensics

Module 7: Network Forensics

Module 8: Investigating Web Attacks

Module 9: Database Forensic

Module 10: Cloud Forensic

Module 11: Malware Forensic

Module 12: Investigating Email Crimes

Module 13: Mobile Forensic

Module 14: Forensics Report Writing and Presentation

Click here for full Course Outline

Take The Next Step

It Takes Less Than 5 Min

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various information security and e-business skills. EC-Council has been certified by American National Standards Institute to meet its ANSI 17024 standard. It is the owner and creator of the world famous Certified Ethical Hacker(CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT) programs, and as well as many others programs, that are offered in over 92 countries through a training network of more than 500 training partners globally.

They researched the web for “Information Security” programs that would be able to provide Information Security professionals with the necessary tools and education that will help them avert a cyber war, should the need ever arise.

The results returned from the research were disappointing and that motivated them to form the International Council of Electronic Commerce Consultants, known as the EC-Council.

They soon gained the support of subject matter experts from all over the world that eventually led to the creation of various standards and certifications both in the electronic commerce and information security space.