Computer Hacking Forensic Investigator (CHFIv11) (EC6157)

The Computer Hacking Forensic Investigator (CHFI) course delivers the security discipline of digital forensics from a vendor-neutral perspective. CHFI is a comprehensive course covering major forensic investigation scenarios and the course enables students to acquire necessary hands-on experience with various forensic investigation techniques and standard forensic tools necessary to successfully carryout a computer forensic investigation leading to prosecution of perpetrators.

The CHFI certification will give participates (Law enforcement personnel, system administrators, security officers, defense and military personnel, legal professionals, bankers, security professionals, and anyone who is concerned about the integrity of the network infrastructure.) the necessary skills to perform an effective digital forensics investigation.

CHFI presents a methodological approach to computer forensics including searching and seizing, chain-of-custody, acquisition, preservation, analysis and reporting of digital evidence.

Download our CHFI brochure to get all the details of this exclusive training!

Applicable solutions

Public class

5 days / 35 hours

Private class

Virtual classroom
Minimum no. of participants: 5
5 days / 35 hours
Price on request
English or French
Training plan: 

Module 1: Computer Forensics in Today’s World

  • Understand the Fundamentals of Computer Forensics
  • Understand Cybercrimes and their Investigation Procedures
  • Understand Digital Evidence and eDiscovery
  • Understand Forensic Readiness
  • Understand the Role of Various Processes and Technologies in Computer Forensics
  • Identify the Roles and Responsibilities of a Forensic Investigator
  • Understand the Challenges Faced in Investigating Cybercrimes
  • Understand Various Standards and Best Practices Related to Computer Forensics
  • Understand Laws and Legal Compliance in Computer Forensics

Module 2: Computer Forensics Investigation Process

  • Understand the Forensic Investigation Process and its Importance
  • Understand First Response
  • Understand the Pre-investigation Phase
  • Understand the Investigation Phase
  • Understand the Post-investigation Phase

Module 3: Understanding Hard Disks and File Systems

  • Describe Different Types of Disk Drives and their Characteristics
  • Explain the Logical Structure of a Disk
  • Understand the Booting Process of Windows, Linux, and macOS Operating Systems
  • Understand Various File Systems of Windows, Linux and macOS Operating Systems
  • Understand File System Analysis
  • Understand Storage Systems
  • Understand Encoding Standards and Hex Editors
  • Analyze Popular File Formats Using Hex Editor

Module 4: Data Acquisition and Duplication

  • Understand Data Acquisition Fundamentals
  • Understand eDiscover
  • Understand Data Acquisition Methodology
  • Prepare an Image File for Examination

Module 5: Defeating Anti-forensics Techniques

  • Understand Anti-forensics Techniques
  • Discuss Data Deletion and Recycle Bin Forensics
  • Illustrate File Carving Techniques and Ways to Recover Evidence from Deleted Partitions
  • Explore Password Cracking/Bypassing Techniques
  • Detect Steganography, Hidden Data in File System Structures, Trail Obfuscation, and File Extension Mismatch
  • Understand Techniques of Artifact Wiping, Overwritten Data/Metadata Detection, and Encryption
  • Detect Program Packers and Footprint Minimizing Techniques

Module 6: Windows Forensics

  • Understand Windows Forensics
  • Collect Volatile Information
  • Collect Non-volatile Information
  • Perform Windows Memory Analysis
  • Perform Windows Registry Analysis
  • Perform Electron Application Analysis
  • Perform Web Browser Forensics
  • Examine Windows Files and Metadata
  • Understand ShellBags, LNK Files, and Jump Lists
  • Understand Text-based Logs and Windows Event Logs

Module 7: Linux and Mac Forensics

  • Collect Volatile Information in Linux
  • Collect Non-volatile Information in Linux
  • Understand Linux Memory Forensics
  • Understand Mac Forensics
  • Collect Volatile Information in Mac
  • Collect Non-volatile Information in Mac
  • Understand Mac Memory Forensics and Mac Forensics Tools

Module 8: Network Forensics

  • Understand Network Forensics
  • Summarize Event Correlation Concepts
  • Identify Indicators of Compromise (IoCs) from Network Logs
  • Investigate Network Traffic
  • Perform Incident Detection and Examination Using SIEM Tools
  • Understand Wireless Network Forensics
  • Detect and Investigate Wireless Network Attacks

Module 9: Malware Forensics

  • Understand Malware Concepts
  • Understand Malware Forensics
  • Perform Static Malware Analysis
  • Analyzing Suspicious Documents
  • Perform System Behavior Analysis
  • Perform Network Behavior Analysis
  • Perform Ransomware Analysis

Module 10: Investigating Web Attacks

  • Understand Web Application Forensics
  • Understand Internet Information Services (IIS) Logs
  • Understand Apache Web Server Logs
  • Detect and Investigate Various Attacks on Web Applications

Module 11: Dark Web Forensics

  • Understand the Dark Web and Dark Web Forensics
  • Determine How to Identify the Traces of Tor Browser during Investigation
  • Perform Tor Browser Forensics

Module 12: Cloud Forensics

  • Understand Cloud Computing Concepts
  • Understand Cloud Forensics
  • Understand Amazon Web Services (AWS) Fundamentals
  • Perform AWS Forensics
  • Understand Microsoft Azure Fundamentals
  • Perform Microsoft Azure Forensics
  • Understand Google Cloud Fundamentals
  • Perform Google Cloud Forensics

Module 13: Email and Social Media Forensics

  • Understand Email Basics
  • Explain Email Crime Investigation and its Steps
  • Understand U.S. Laws Against Email Crime
  • Explain Social Media Forensics

Module 14: Mobile Forensics

  • Understand Mobile Device Forensics
  • Understand Android and iOS Architecture, Boot Process, and File Systems
  • Understand Mobile Forensics Process
  • Investigate Cellular Network Data
  • Perform File System Acquisition
  • Understand Phone Locks, Rooting, and Jailbreaking of Mobile Devices
  • Perform Logical Acquisition on Mobile Devices
  • Perform Physical Acquisition on Mobile Devices
  • Perform Android and iOS Forensic Analysis

Module 15: IoT Forensics

  • Understand IoT Concepts
  • Perform Forensics on IoT Devices
  • One year access to the class recording
  • 180 days access to the lab environment after class
  • One voucher to take the exam online
  • One year subscription to the CodeRed platform containing thousands of cybersecurity videos
  • Course material accessible in electronic format
  • Official EC-Council Certificate of Attendance
  • Knowledge of the operation of client and server operating systems (file systems, permissions, Windows security, Linux, etc.).
  • Basic knowledge of network protocols, for example TCP / IP.
  • General notions of server roles and services present in a network.
Credentials information: 

Exam characteristics:

  • Preparing for the Computer Hacking Forensic Investigator certification
  • Exam code: 312-49
  • Cost: $0 (included in your training)
  • Online with EC-Council Exam Center
  • 150 questions with multiple choices
  • Duration: 4 hours
  • All details... 

Contact us for more information on pricing::

Office: 1-888-718-9732
E-mail: info@eccentrix.ca

130, King Street West, Suite 1800
Toronto, Ontario M5X 1E3