Computer Hacking Forensic Investigator (V9) (CHFI V9)

EC-Council releases the most advanced Computer Forensic Investigation program in the world. CHFIv9 presents a detailed methodological approach to computer forensics and evidence analysis. It is a comprehensive course covering major forensic investigation scenarios that enable students to acquire hands-on experience on various forensic investigation techniques and standard tools necessary to successfully carry out a computer forensic investigation.

Battles between corporations, governments, and countries are no longer fought using physical force. Cyber war has begun and the consequences can be seen in everyday life. With the onset of sophisticated cyber-attacks, the need for advanced cyber security and investigation training is a mandate in the present day. If you or your organization requires the knowledge or skills to identify, track, and prosecute the cybercriminals, then this is the course for you. This course helps students to excel in digital evidence acquisition, handling and analysis in a forensically sound manner. Acceptable in a court of law, these skills will lead to successful prosecutions in various types of security incidents such as data breaches, corporate espionage, insider threats and other intricate cases involving computer systems.


  • Category
    Security
  • Duration
    5 Days
  • Level
    Intermediate

What Will I Learn?

  • The process of investigating cyber-crimes and the laws involved, as well as details in obtaining a search warrant.
  • Different types of digital evidence, rules of evidence, digital evidence examination processes, and electronic crime and digital evidence consideration by crime category.
  • Roles of a first responder, first responder toolkit, securing and evaluating an electronic crime scene, conducting preliminary interviews, documenting electronic crime scenes, collecting and preserving electronic evidence, packaging and transporting electronic evidence and reporting the crime scene.
  • How to recover deleted files and deleted partitions in Windows, Mac OS X, and Linux.
  • The process involved in forensic investigation using AccessData FTK and EnCase.
  • Steganography and its techniques, as well as steganalysis, and image file forensics.
  • Password cracking concepts, tools, types of password attacks and how to investigate password protected file breaches.
  • Different types of log capturing techniques, log management, time synchronization and log capturing tools.
  • How to investigate logs, network traffic, wireless attacks, and web attacks.
  • How to track e-mails and investigate e-mail crimes and many more.

Prerequisite Knowledge

Who Can Benefit?

  • Police and other law enforcement personnel
  • Defense and Military personnel
  • e-Business Security professionals
  • Systems administrators
  • Legal professionals
  • Banking, Insurance and other professionals
  • Government agencies
  • IT managers

Opportunity Scope

The mentor will discuss this in the classroom.

Modules / Chapter

Module 1: Computer Forensics in Today’s World

  • Forensics Science
  • Computer Forensics
  • Security Incident Report
  • Aspects of Organizational Security
  • Evolution of Computer Forensics
  • Objective of Computer Forensics
  • Need for Computer Forensics
  • Forensics Readiness
  • Cyber Crime
  • Cyber Crime Investigation
  • Corporate Investigations
  • Reporting a Cyber Crime

Module 2: Computer Forensics Investigation Process

  • Investigating Computer Crime
  • Before the Investigation
  • Build a Forensics Workstation
  • Building the Investigation Team
  • People Involved in Computer Forensics
  • Review Policies and Laws
  • Forensics Laws
  • Notify Decision Makers and Acquire Authorization
  • Risk Assessment
  • Build a Computer Investigation Toolkit
  • Steps to Prepare for a Computer Forensics Investigation
  • Computer Forensics Investigation Methodology

Module 3: Searching and Seizing Computers

  • Searching and Seizing Computers without a Warrant
  • Searching and Seizing Computers with a Warrant
  • The Electronic Communications Privacy Act
  • Electronic Surveillance in Communications Networks
  • Evidence

Module 4: Digital Evidence

  • Digital Data
  • Definition of Digital Evidence
  • Increasing Awareness of Digital Evidence
  • Challenging Aspects of Digital Evidence
  • The Role of Digital Evidence
  • Characteristics of Digital Evidence
  • Fragility of Digital Evidence
  • Anti-Digital Forensics (ADF)
  • Types of Digital Data
  • Rules of Evidence
  • Electronic Devices: Types and Collecting Potential Evidence
  • Digital Evidence Examination Process
  • Electronic Crime and Digital Evidence Consideration by Crime Category

Module 5: First Responder Procedures

  • Electronic Evidence
  • First Responder
  • Roles of First Responder
  • Electronic Devices: Types and Collecting Potential Evidence
  • First Responder Toolkit
  • Creating a First Responder Toolkit
  • Evidence Collecting Tools and Equipment
  • First Response Basics
  • Securing and Evaluating Electronic Crime Scene
  • Conducting Preliminary Interviews
  • Documenting Electronic Crime Scene
  • Collecting and Preserving Electronic Evidence
  • Packaging and Transporting Electronic Evidence
  • Reporting the Crime Scene
  • Note Taking Checklist
  • First Responder Common Mistakes

Module 6: Computer Forensics Lab

  • Setting a Computer Forensics Lab
  • Computer Forensics Lab
  • Planning for a Forensics Lab
  • Budget Allocation for a Forensics Lab
  • Physical Location Needs of a Forensics Lab
  • Structural Design Considerations
  • Environmental Conditions
  • Electrical Needs
  • Communication Needs
  • Work Area of a Computer Forensics Lab
  • Ambience of a Forensics Lab
  • Ambience of a Forensics Lab: Ergonomics
  • Physical Security Recommendations
  • Fire-Suppression Systems
  • Evidence Locker Recommendations
  • Computer Forensic Investigator
  • Law Enforcement Officer
  • Lab Director
  • Forensics Lab Licensing Requisite
  • Features of the Laboratory Imaging System
  • Technical Specification of the Laboratory-Based Imaging System
  • Forensics Lab
  • Auditing a Computer Forensics Lab
  • Recommendations to Avoid Eyestrain
  • Investigative Services in Computer Forensics
  • Computer Forensics Hardware
  • Computer Forensics Software

Module 7: Understanding Hard Disks and File Systems

  • Hard Disk Drive Overview
  • Disk Drive Overview
  • Hard Disk Drive
  • Solid-State Drive (SSD)
  • Physical Structure of a Hard Disk
  • Logical Structure of Hard Disk
  • Types of Hard Disk Interfaces
  • Hard Disk Interfaces
  • Disk Platter
  • Tracks
  • Sector
  • Cluster
  • Bad Sector
  • Hard Disk Data Addressing
  • Disk Capacity Calculation
  • Measuring the Performance of the Hard Disk
  • Disk Partitions and Boot Process
  • Understanding File Systems
  • RAID Storage System
  • File System Analysis Using The Sleuth Kit (TSK)

Module 8: Operating System Forensics

  • Collecting Non-volatile Information
  • Windows Memory Analysis
  • Windows Registry Analysis
  • Cache, Cookie, and History Analysis
  • MD5 Calculation
  • Windows File Analysis
  • Metadata Investigation
  • Text Based Logs
  • Other Audit Events
  • Forensic Analysis of Event Logs
  • Windows Password Issues
  • Forensic Tools

Module 9: Data Acquisition and Duplication

  • Data Acquisition and Duplication Concepts
  • Data Acquisition Types
  • Disk Acquisition Tool Requirements
  • Validation Methods
  • RAID Data Acquisition
  • Acquisition Best Practices
  • Data Acquisition Software Tools
  • Data Acquisition Hardware Tools

Module 10: Recovering Deleted Files and Deleted Partitions

  • Recovering the Deleted Files
  • Deleting Files
  • What Happens When a File is Deleted in Windows?
  • Recycle Bin in Windows
  • File Recovery in MAC OS X
  • File Recovery in Linux
  • File Recovery Tools for Windows
  • File Recovery Tools for MAC
  • File Recovery Tools for Linux
  • Recovering the Deleted Partitions
  • Partition Recovery Tools

Module 11: Network Forensics, Investigating Logs and Investigating Network Traffic

  • Network Forensics
  • Network Forensics Analysis Mechanism
  • Network Addressing Schemes
  • Overview of Network Protocols
  • Overview of Physical and Data-Link Layer of the OSI Model
  • Overview of Network and Transport Layer of the OSI Model
  • OSI Reference Model
  • TCP/IP Protocol
  • Intrusion Detection Systems (IDS) and Their Placement
  • Firewall
  • Honeypot
  • Network Attacks
  • Log Injection Attacks
  • Investigating and Analyzing Logs
  • Investigating Network Traffic
  • Traffic Capturing and Analysis Tools
  • Documenting the Evidence Gathered on a Network

Module 12: Investigating Wireless Attacks

  • Wireless Technologies
  • Wireless Networks
  • Wireless Terminologies
  • Wireless Components
  • Types of Wireless Networks
  • Wireless Standards
  • MAC Filtering
  • Service Set Identifier (SSID)
  • Types of Wireless Encryption: WEP
  • Types of Wireless Encryption: WPA
  • Types of Wireless Encryption: WPA2
  • WEP vs. WPA vs. WPA2
  • Wireless Attacks
  • Investigating Wireless Attacks
  • Features of a Good Wireless Forensics Tool
  • Wireless Forensics Tools
  • Traffic Capturing and Analysis Tools

Module 13: Tracking Emails and Investigating Email Crimes

  • Email Terminology
  • Email System
  • Email Clients
  • Email Server
  • SMTP Server
  • POP3 and IMAP Servers
  • Email Message
  • Importance of Electronic Records Management
  • Email Crimes
  • Email Headers
  • Steps to Investigate
  • Email Forensics Tools
  • Laws and Acts against Email Crimes

Module 14: Mobile Forensics

  • Mobile Phone
  • Different Mobile Devices
  • Hardware Characteristics of Mobile Devices
  • Software Characteristics of Mobile Devices
  • Components of Cellular Network
  • Cellular Network
  • Different Cellular Networks
  • Mobile Operating Systems
  • Mobile Forensics
  • Mobile Forensic Process
  • Mobile Forensics Software Tools
  • Mobile Forensics Hardware Tools

Module 15: Investigative Reports

  • Computer Forensics Report
  • Salient Features of a Good Report
  • Aspects of a Good Report
  • Computer Forensics Report Template
  • Investigative Report Writing
  • Sample Forensics Report
  • Report Writing Using Tools

Module 16: Becoming an Expert Witness

  • Types of Expert Witnesses
  • Scope of Expert Witness Testimony
  • Evidence Processing
  • Rules for Expert Witness
  • General Ethics While Testifying

Contact Information

  • Address

    Anamnagar - 32 Kathmandu, Nepal

  • Email

    info@labanepal.com

  • Phone

    +977-1-4102721, 4102722, 4244804

  • Opening Hours

    10 AM - 5 PM
