EC-Council CHFI v8

EC-Council Computer Hacking
Forensics Investigator v8

The EC-Council CHFI Computer Hacking Forensics Investigator v8 Training Package from Certify I.T Training includes expert instructor-led training modules with customised presentations, practice simulators and learning supplements including the EC-Council Training Kit for an all-inclusive training program that provides the benefits of classroom training at your own pace.

EC Council's CHFI: Computer Hacking Forensics Investigator certification training course provides students with the necessary training to identify a hacker or intruder’s footprints and to properly gather the necessary evidence to prosecute in the court of law. Computer Hacking Forensic Investigation is the process of detecting hacking attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks. With the CHFI certification, you will begin to understand the application of computer investigation and analysis techniques in the interests of determining potential legal evidence.

Certify I.T Training's CHFI training course will immerse the student into an interactive environment where they will trace the tracks of a hacker through a client’s systems, trace the originator of defamatory emails, and recover signs of fraud. Students will learn CHFI investigation methods for discovering data that resides in a computer system and recovering deleted, encrypted, or damaged file information. CHFI is a vendor-neutral certification that validates knowledge in securing and analyzing electronic evidence.

Certify I.T Training is an EC-Council Authorized Training Provider for online training, ensuring our course follows the approved curriculum and you receive the training and knowledge needed to succeed. Certify I.T Training is so certain this course meets and exceeds the exam objectives, we guarantee you will pass your exam!


Deployment Methods

EC-Council CHFI

EC-Council CHFI v8, 1 Yr Access, & Technical Email Support, 1 Study guide, 40 hours Self Study, 1 Yr Technical Email Support, Training simulations.

EC-Council CHFI v8

Course Outline

Module 01: Computer Forensics in Today's World
Forensics Science
Forensics Readiness
Cyber Crime
Cyber Crime Investigation
Cyber Crime Investigation
Corporate Investigations
Reporting a Cyber Crime

Module 02-03: Computer Forensics Investigation Process
Before the Investigation
Build a Forensics Workstation
Building the Investigation Team
Acquire Authorization
Obtain Search Warrant
First Responder
Collect Physical Evidence
Collect Electronic Evidence
Secure the Evidence
Chain of Custody
Data Analysis
Investigation Report
Expert Witness
Professional Conduct

Module 04: Digital Evidence
Increasing Awareness
Increasing Awareness
Anti-Digital Forensics
Digital Data
Rules of Evidence
International Organization on Computer Evidence
Electronic Devices
Examination Process
Evidence Assessment
Evidence Acquisition
Evidence Acquisition
Evidence Acquisition
Evidence Preservation
Evidence Examination and Analysis
Evidence Documentation and Reporting

Module 05: First Responder Procedures
Electronic Evidence
Roles of First Responder
Evidence Collecting
Initial Search
Collecting and Preserving Electronic Evidence
Collecting and Preserving Electronic Evidence
Common Mistakes

Module 06: Computer Forensics Lab
Planning for a Forensics Lab
Investigative Services

Module 07: Understanding Hard Disks and File Systems
Disk Drives
Slack Space
Disk Partitions
Master Boot Record
Boot Process
File Systems
Windows File Systems
Linux File Systems
Mac OS X File Systems
RAID Storage System
File Carving Process

Module 08: Windows Forensics
Volatile Information
System Time
Network Information
Process Memory
Non-Volatile Information
Slack Space Continued
Collecting Hidden Partition Information
Memory Dump
Extracting the Process Image
Inside the Registry
Time Zone Information
Wireless SSIDs
Mounted Devices
Cache, Cookie and History Analysis in IE
Recycle Bin
Prefetch Files
Executable File Analysis
PE Header Analysis
Windows Password Storage
Windows Forensics Tool

Module 09: Data Acquisition and Duplication
Static Data
Live Data
Disk Imaging Tool Requirements
Validating Data Acquisitions
Remote Data Acquisition
Best Practices

Module 10: Recovering Deleted Files and Deleted Partitions
Deleting Files
Recycle Bin Continued
File Recovery in Mac OS X
File Recovery in Linux

Module 11 - 12: Using AccessData FTK
Using AccessData FTK

Module 13: Steganography and Image File Forensics
What is Steganography
Steganography Techniques
Steganography Techniques

Module 14: Application Password Crackers
Password Cracker
Password Cracking Techniques
Active Online Attack
Non-Electronic Attacks
System Software Password Cracking

Module 15: Log Capturing and Event Correlation
Computer Security Logs
Router Log Files
Configuring Windows Logging
Log File Accuracy
Keeping Time
UTC Time
Legality of Using Logs
Laws and Regulations
Log Management
Centralized Logging
Event Correlation

Module 16: Network Forensics and Investigating Network Traffic
Intrusion Detection Systems
IP Address Spoofing
Denial of Service
Trojan Horse
Injection Attacks
Postmortem and Real Time Analysis

Module 17: Investigating Wireless Attacks
Wireless Standards
Service Set Identifier
Types of Wireless Encryption
Wi-Fi Chalking
Availability Attacks
Identify Wireless Devices at Crime Scene
Features of a Good Wireless Forensics Tool

Module 18: Investigating Web Attacks
Introduction To Web Applications
Web Attacks
Unvalidated Input
Parameter/Form Tampering
Injection Flaws
SQL Injection Attacks
Cross-Site Scripting
Improper Error Handling
Web Attack Investigation
Investigating Cross-Site Scripting
Investigating SQL Injection Attacks

Module 19: Tracking Emails and Investigating Email Crimes
SMTP Server
POP3 and IMAP Servers
E-mail Message
Investigating E-mail Crime and Violations
Examine E-mail Headers
Analyzing E-mail Headers
Examining Additional Files
Forensic Acquisition of E-mail Archive
Deleted E-mail Recovery
Forensic Tool Kit

Module 20: Mobile Forensics
Mobile Phone
Mobile Phone Forensics
Precautions to Be Taken Before Investigation
Mobile Devices

Module 21: Investigative Reports
Computer Forensics Report
Features of a Good Report
Computer Forensics Report Template
Report Classification
Attachments and Appendices
Writing a Report Using FTK

Module 22: Becoming an Expert Witness
What is an Expert Witness
Technical vs. Expert Witness
Preparing for Testimony
Expert Witness Qualifications
Importance of Resume
Testifying in Court
General Ethics
Helping Your Attorney
Dealing with Media

Module 23: Lab
Imaging with FTK Device
Steganography Detection
Network Attacks Network Miner & Wireshark
Acquiring Memory Images

About us | Contact us | Support | T&C | Privacy Policy | Site Map | Guarantee ©2010 - 2013 Certify IT Training