EC-Council Computer Hacking Forensics Investigator (CHFIv11)

Cybersecurity

The EC-Council CHFI course prepares cybersecurity professionals to conduct effective digital forensic investigations and to bring their organization into a state of forensic readiness. Forensic readiness is crucial, as it can mean the difference between a minor incident and a major cyberattack that brings a company to its knees. This intensive hands-on course in digital forensic analysis immerses students in more than 68 forensic scenarios (labs), where they will work on crafted evidence files using tools from the world's leading digital forensic experts.

CHFI represents a methodological approach to computer forensics, including searching and seizing, chain-of-custody, acquisition, preservation, analysis, and reporting of digital evidence. Students will become familiar with various forensic investigation techniques and standard forensic tools. During evidence acquisition and management across different operating environments, students will also learn the legal procedures necessary to preserve evidence and ensure its admissibility in court, enabling the prosecution of cybercriminals and exonerating the victimized organization from liability.

This 5-day course is designed for those seeking fundamental preparation for the EC-Council CHFI certification exam, which is recognized as a global standard for IT certification in forensic investigation.

The EC-Council CHFI course is offered as training in a virtual classroom in the US time zone (meaning the training runs from 3:00 PM CET to 11:00 PM CET daily) and is conducted in English. After completing the training, participants will have access to the full training recording. Training participants will receive EC-Council-accredited training materials, access to practical training labs, and a voucher for the EC-Council CHFI certification exam. The certification exam is not part of the course and can be taken after completing the course.

Certification

EC-Council Computer Hacking Forensics Investigator

Students will go beyond traditional forensic analysis of hardware and memory and focus on current topics in cloud forensics, mobile device forensics, IoT forensics, web application attack investigations, and malware forensics. CHFI represents a methodological approach to computer forensics, including searching and seizing, chain-of-custody, acquisition, preservation, analysis, and reporting of digital evidence. Students will become familiar with various forensic investigation techniques and standard forensic tools.

Location, current course term

Contact us

Custom Customized Training (date, location, content, duration)

The course:

Hide detail
  • Computer Forensics in Today’s World
    1. Understand the Fundamentals of Computer Forensics
    2. Understand Cybercrimes and their Investigation Procedures
    3. Understand Digital Evidence and eDiscovery
    4. Understand Forensic Readiness
    5. Understand the Role of Various Processes and Technologies in Computer Forensics
    6. Identify the Roles and Responsibilities of a Forensic Investigator
    7. Understand the Challenges Faced in Investigating Cybercrimes
    8. Understand Various Standards and Best Practices Related to Computer Forensics
    9. Understand Laws and Legal Compliance in Computer Forensics
  • Computer Forensics Investigation Process
    1. Understand the Forensic Investigation Process and its Importance
    2. Understand First Response
    3. Understand the Pre-investigation Phase
    4. Understand the Investigation Phase
    5. Understand the Post-investigation Phase
  • Understanding Hard Disks and File Systems
    1. Describe Different Types of Disk Drives and their Characteristics
    2. Explain the Logical Structure of a Disk
    3. Understand the Booting Process of Windows, Linux, and macOS Operating Systems
    4. Understand Various File Systems of Windows, Linux and macOS Operating Systems
    5. Understand File System Analysis
    6. Understand Storage Systems
    7. Understand Encoding Standards and Hex Editors
    8. Analyze Popular File Formats Using Hex Editor
  • Data Acquisition and Duplication
    1. Understand Data Acquisition Fundamentals
    2. Understand eDiscovery
    3. Understand Data Acquisition Methodology
    4. Prepare an Image File for Examination
  • Defeating Anti-forensics Techniques
    1. Understand Anti-forensics Techniques
    2. Discuss Data Deletion and Recycle Bin Forensics
    3. Illustrate File Carving Techniques and Ways to Recover Evidence from Deleted Partitions
    4. Explore Password Cracking/Bypassing Techniques
    5. Detect Steganography, Hidden Data in File System Structures, Trail Obfuscation, and File Extension Mismatch
    6. Understand Techniques of Artifact Wiping, Overwritten Data/Metadata Detection, and Encryption
    7. Detect Program Packers and Footprint Minimizing Techniques
  • Windows Forensics
    1. Understand Windows Forensics
    2. Collect Volatile Information
    3. Collect Non-volatile Information
    4. Perform Windows Memory Analysis
    5. Perform Windows Registry Analysis
    6. Perform Electron Application Analysis
    7. Perform Web Browser Forensics
    8. Examine Windows Files and Metadata
    9. Understand ShellBags, LNK Files, and Jump Lists
    10. Understand Text-based Logs and Windows Event Logs
  • Linux and Mac Forensics
    1. Collect Volatile Information in Linux
    2. Collect Non-volatile Information in Linux
    3. Understand Linux Memory Forensics
    4. Understand Mac Forensics
    5. Collect Volatile Information in Mac
    6. Collect Non-volatile Information in Mac
    7. Understand Mac Memory Forensics and Mac Forensics Tools
  • Network Forensics
    1. Understand Network Forensics
    2. Summarize Event Correlation Concepts
    3. Identify Indicators of Compromise (IoCs) from Network Logs
    4. Investigate Network Traffic
    5. Perform Incident Detection and Examination Using SIEM Tools
    6. Understand Wireless Network Forensics
    7. Detect and Investigate Wireless Network Attacks
  • Malware Forensics
    1. Understand Malware Concepts
    2. Understand Malware Forensics
    3. Perform Static Malware Analysis
    4. Analyzing Suspicious Documents
    5. Perform System Behavior Analysis
    6. Perform Network Behavior Analysis
    7. Perform Ransomware Analysis
  • Investigating Web Attacks
    1. Understand Web Application Forensics
    2. Understand Internet Information Services (IIS) Logs
    3. Understand Apache Web Server Logs
    4. Detect and Investigate Various Attacks on Web Applications
  • Dark Web Forensics
    1. Understand the Dark Web and Dark Web Forensics
    2. Determine How to Identify the Traces of Tor Browser during Investigation
    3. Perform Tor Browser Forensics
  • Cloud Forensics
    1. Understand Cloud Computing Concepts
    2. Understand Cloud Forensics
    3. Understand Amazon Web Services (AWS) Fundamentals
    4. Perform AWS Forensics
    5. Understand Microsoft Azure Fundamentals
    6. Perform Microsoft Azure Forensics
    7. Understand Google Cloud Fundamentals
    8. Perform Google Cloud Forensics
  • Email and Social Media Forensics
    1. Understand Email Basics
    2. Explain Email Crime Investigation and its Steps
    3. Understand U.S. Laws Against Email Crime
    4. Explain Social Media Forensics
  • Mobile Forensics
    1. Understand Mobile Device Forensics
    2. Understand Android and iOS Architecture, Boot Process, and File Systems
    3. Understand Mobile Forensics Process
    4. Investigate Cellular Network Data
    5. Perform File System Acquisition
    6. Understand Phone Locks, Rooting, and Jailbreaking of Mobile Devices
    7. Perform Logical Acquisition on Mobile Devices
    8. Perform Physical Acquisition on Mobile Devices
    9. Perform Android and iOS Forensic Analysis
  • IoT Forensics
    1. Understand IoT Concepts
    2. Perform Forensics on IoT Devices
Schedule:
5 days (3:00 PM - 11:00 PM )
Course price:
2 396.00 € (2 899.16 € incl. 21% VAT)
Language: