Computer Hacking Forensic Investigator

Computer hacking forensic investigation refers to the process of detecting hacking attacks, properly extracting evidence to report the crime and conducting audits to prevent future attacks.

Computer crime has in recent times reached alarming proportions. Various investigation techniques are used by police, government and corporate entities. Many of them turn to EC-Council for their Computer Hacking Forensic Investigator or CHFI Certification Program. As the computer crimes get complex and hi-tech, the investigation tools and security programs follow suit. More tools are invented daily for conducting Computer Investigations, be it computer crime, digital forensics, computer investigations, or even standard computer data recovery. The tools and techniques covered in EC-Council’s CHFI program will prepare the student to conduct computer investigations using groundbreaking digital forensics technologies.

Computer forensics is simply the application of computer investigation and analysis techniques to gather potential legal evidence in cyber crimes. Evidence might be sought in a wide range of computer crime or misuse, including but not limited to theft of trade secrets, theft of or destruction of intellectual property, and fraud. CHFI investigators employ an array of methods for locating data that resides in a computer system, or recovering deleted, encrypted, or damaged file information known as computer data recovery.

Electronic evidence is vital in the following situations:

• Disloyal employees
• Computer break-ins
• Possession of pornography
• Breach of contract
• Industrial espionage
• E-mail fraud
• Bankruptcy
• Disputed dismissals
• Web page defacements
• Theft of company documents.

EC-Council releases the most advanced Computer Hacking Forensic Investigator program in the world. CHFIv8 presents detailed methodological approach to computer forensics and evidence analysis. It is a comprehensive course covering major forensic investigation scenarios that enable students to acquire necessary hands-on experience on various forensic investigation techniques and standard forensic tools necessary to successfully carryout a computer forensic investigation leading to prosecution of perpetrators of the crime.

Battles using tanks, rockets and bombs are fast becoming history. A new war in cyber space is fast catching on with results as catastrophic as in real conflicts involving physical force. As computer dependence has exposed our lives to vulnerabilities unheard in the past, we need to be ever vigilant to preempt such events. With the onset of sophisticated cyber-attacks, the need for advanced cyber security and investigation training is recognized world over.

If you or your organization requires the knowledge or skills to identify, track, and prosecute the cybercriminal, then this is the course for you. This course helps forensic investigators to excel in incident handling and investigate various types of security incidents such as data breaches, latest persistent security issues, insider employee threats and intricate digital forensic circumstances and cases.

The CHFI certification validates the candidate’s skills to identify an intruder’s footprints and to properly gather the necessary evidence to bring the culprit before the court of law.

A C|HFI v9 professional will be conversant with:

• The process of investigating cyber-crime, laws involved, and the requirements for obtaining a search warrant

• Different types of digital evidence, rules of evidence, digital evidence examination process, and electronic crime and digital evidence consideration

• Roles of first responder, first responder toolkit, securing and evaluating electronic crime scene, conducting preliminary interviews, documenting electronic crime scene, collecting and preserving electronic evidence, packaging and transporting electronic evidence and reporting the crime scene

• Recovery of deleted files and deleted partitions in Windows, Mac OS X, and Linux

• The process involved in forensic investigation using Access Data FTK and Encase Steganography and its techniques, Steganalysis, and image file forensics

• Password Cracking Concepts, tools, types of password attacks and how to investigate password protected file breach

• Different types of log capturing techniques, log management, time synchronization and log capturing tools

• How to investigate logs, network traffic, wireless attacks, and web attacks

• Tracking and investigation of e-mail crimes and many more.

Who Should Attend?

• Police and other law enforcement personnel
• Defense and Military personnel
• e-Business Security professionals
• Systems administrators
• Legal professionals
• Banking, Insurance and other professionals
• Government agencies
• IT managers

Course Outline Version 9

  1. Computer Forensics in Today’s World
  2. Computer Forensics Investigation Process
  3. Understanding Hard Disks and File Systems
  4. Operating System Forensics
  5. Defeating Anti-Forensics Techniques
  6. Data Acquisition and Duplication
  7. Network Forensics
  8. Investigating Web Attacks
  9. Database Forensics
  10. Cloud Forensics
  11. Malware Forensics
  12. Investigating Email Crimes
  13. Mobile Forensics
  14. Investigative Reports

 The CHFI 312-49 exam will be conducted on the last day of training.

 Students need to pass the online Prometric exam to receive the CHFI certification

Course Duration: 5 days