With content-rich modules and supplementary practical sessions, this course teaches the
intricacies of gathering the essential evidence that helps in the prosecution of a cyber-criminal.
Cyber-crimes typically refer to any criminal activity that involves a computer and/or a network. In these
crimes, the computer may or may not play a part in the commission of the crime. With recent
cyber warfare spreading among nations rather than merely corporations, it is wise to accept
the growing strength of cybercriminals and prepare defenses and security accordingly. Today the
discussion is more about the timing of a hack than about whether a hack is possible. Equipped with
state-of-the-art tools used by professionals in real-world scenarios, this training provides all
the skills necessary to identify, track and prosecute the cyber-criminal.
Course Outline
7. Network forensics
9. Database forensics
Course Overview
Computer hacking forensic investigation is the process of detecting hacking attacks and
properly extracting evidence to report the crime and conduct audits to prevent future attacks.
Computer crime in today’s cyber world is on the rise. Computer Investigation techniques are
being used by police, government and corporate entities globally and many of them turn to
EC-Council for our Computer Hacking Forensic Investigator CHFI Certification Program.
Computer Security and Computer investigations are changing terms. More tools are invented
daily for conducting Computer Investigations, be it computer crime, digital forensics,
computer investigations, or even standard computer data recovery. The tools and techniques
covered in EC-Council’s CHFI program will prepare the student to conduct computer
investigations using groundbreaking digital forensics technologies.
Cyber security as a profession has seen tremendous growth over the past 10 years and EC-
Council has been on the leading edge of this profession. Practices in Network Defense,
Ethical Hacking, and Penetration Testing have proven to be the pillars of cyber security
teams across the globe and Digital Forensics is no exception. Whether you operate a team of
2 or 2,000 to tackle Cyber issues facing your organization, digital forensics must be a part of
the equation as a critical skill and daily practice.
Course Description
Course Outline
Module 01: Computer Forensics in Today’s World
* Forensics Science
* Computer Forensics
* Forensics Readiness
* Cyber Crime
* Cyber Crime Investigation
* Corporate Investigations
* Reporting a Cyber Crime
Module 02: Computer Forensics Investigation Process
* Investigating Computer Crime
* Steps to Prepare for a Computer Forensics Investigation
* Computer Forensics Investigation Methodology
Module 03: Searching and Seizing Computers
* Searching and Seizing Computers without a Warrant
* Searching and Seizing Computers with a Warrant
* The Electronic Communications Privacy Act
* Electronic Surveillance in Communications Networks
* Evidence
Module 04: Digital Evidence
* Digital Data
* Types of Digital Data
* Rules of Evidence
* Electronic Devices: Types and Collecting Potential Evidence
* Digital Evidence Examination Process
* Electronic Crime and Digital Evidence Consideration by Crime Category
Module 05: First Responder Procedures
* Electronic Evidence
* First Responder
* Roles of First Responder
* Electronic Devices: Types and Collecting Potential Evidence
* First Responder Toolkit
* First Response Basics
* Securing and Evaluating Electronic Crime Scene
* Conducting Preliminary Interviews
* Documenting Electronic Crime Scene
* Collecting and Preserving Electronic Evidence
* Packaging and Transporting Electronic Evidence
* Reporting the Crime Scene
* Note Taking Checklist
* First Responder Common Mistakes
Module 06: Computer Forensics Lab
* Setting a Computer Forensics Lab
* Investigative Services in Computer Forensics
* Computer Forensics Hardware
* Computer Forensics Software
Module 07: Understanding Hard Disks and File Systems
* Hard Disk Drive Overview
* Disk Partitions and Boot Process
* Understanding File Systems
* RAID Storage System
* File System Analysis Using The Sleuth Kit (TSK)
Module 08: Windows Forensics
* Collecting Volatile Information
* Collecting Non-Volatile Information
* Windows Memory Analysis
* Windows Registry Analysis
* Cache, Cookie, and History Analysis
* MD5 Calculation
* Windows File Analysis
* Metadata Investigation
* Text Based Logs
* Other Audit Events
* Forensic Analysis of Event Logs
* Windows Password Issues
* Forensic Tools
Module 09: Data Acquisition and Duplication
* Data Acquisition and Duplication Concepts
* Data Acquisition Types
* Disk Acquisition Tool Requirements
* Validation Methods
* RAID Data Acquisition
* Acquisition Best Practices
* Data Acquisition Software Tools
* Data Acquisition Hardware Tools
Module 10: Recovering Deleted Files and Deleted Partitions
* Recovering the Deleted Files
* File Recovery Tools for Windows
* File Recovery Tools for MAC
* File Recovery Tools for Linux
* Recovering the Deleted Partitions
* Partition Recovery Tools
Finding out about various kinds of cyber laws for investigating cyber-crimes.
Analyzing digital evidence through rules of evidence by considering crime category.
Roles of the first responder, first responder toolkit, securing and evaluating the electronic crime scene, conducting
preliminary interviews, documenting the electronic crime scene, collecting and preserving electronic evidence,
packaging and transporting electronic evidence, and reporting the crime scene.
Setting up the computer forensics lab and creating investigation reports.
Steganography, Steganalysis and image forensics.
Types of log capturing, log management, and investigating logs, network traffic, wireless attacks, and web
attacks.
Gathering volatile and non-volatile data from Windows and recovering deleted files from Windows,
Mac OS X, and Linux. Investigating password-protected files using password cracking concepts
and tools.
Overview
The CHFI V9 course is the most extensive and advanced certification program that summarizes the
essential knowledge of digital forensic techniques and standard forensic tools used to collect the intruder's
footprints needed for the investigation.
The course presents several methodological approaches to digital forensics, including seizing, chain of
custody, acquisition, preservation, analysis and presentation of digital evidence. CHFI participants will be
trained to lead successful procedures in different sorts of security incidents, for example, data
breaches, corporate espionage, and other intricate cases involving computer systems. The certification
will cover the different types of computer forensics programs that help in detecting hacking attacks and
properly extracting evidence to report the crime and conduct detailed audits for preventing future attacks.
Audience: The CHFI program is meant for professionals who are involved with information system security,
computer forensics, and incident response:
Computer Forensic Analyst
Computer Network Defense (CND) Forensic Analyst
Digital Forensic Examiner
Forensic Analyst and Technician
Network Forensic Examiner
Computer Crime Investigator
Special Agent
Digital forensic practices stem from forensic science, the science of collecting and
examining evidence or materials. Digital or computer forensics focuses on the digital
domain, including computer forensics,
network forensics, and mobile forensics. As the cyber security profession evolves,
organizations are learning the importance of incorporating digital forensic practices into
their everyday activities.
Computer forensic practices can help investigate attacks and system anomalies, or even
help system administrators detect a problem by defining normal functional
specifications and validating system information against them for irregular behavior.
Cyber security professionals who acquire a firm grasp of the principles of digital
forensics can become invaluable members of incident handling and incident response
teams.
The Computer Hacking Forensic Investigator course provides a strong baseline
knowledge of key concepts and practices in the digital forensic domains relevant to
today’s organizations. CHFI provides its attendees a firm grasp on the domains of
digital forensics.