Training plan
Module 1: Computer Forensics in Today’s World
- Understand the Fundamentals of Computer Forensics
- Understand Cybercrimes and their
- Investigation Procedures
- Understand Digital Evidence and eDiscovery
- Understand Forensic Readiness
- Understand the Role of Various
- Processes and Technologies in Computer Forensics
- Identify the Roles and Responsibilities of a Forensic Investigator
- Understand the Challenges Faced in
- Investigating Cybercrimes
- Understand Various Standards and Best
- Practices Related to Computer Forensics
- Understand Laws and Legal Compliance in Computer Forensics
Module 2: Computer Forensics Investigation Process
- Understand the Forensic Investigation
- Process and its Importance
- Understand First Response
- Understand the Pre-investigation Phase
- Understand the Investigation Phase
- Understand the Post-investigation Phase
Module 3: Understanding Hard Disks and File Systems
- Describe Different Types of Disk Drives and their Characteristics
- Explain the Logical Structure of a Disk
- Understand the Booting Process of Windows, Linux, and macOS Operating Systems
- Understand Various File Systems of Windows, Linux and macOS Operating Systems
- Understand File System Analysis
- Understand Storage Systems
- Understand Encoding Standards and Hex Editors
- Analyze Popular File Formats Using Hex Editor
Module 4: Data Acquisition and Duplication
- Understand Data Acquisition Fundamentals
- Understand eDiscover
- Understand Data Acquisition Methodology
- Prepare an Image File for Examination
Module 5: Defeating Anti-forensics Techniques
- Understand Anti-forensics Techniques
- Discuss Data Deletion and Recycle Bin Forensics
- Illustrate File Carving Techniques and Ways to Recover Evidence from Deleted Partitions
- Explore Password Cracking/Bypassing Techniques
- Detect Steganography, Hidden Data in File System Structures, Trail
- Obfuscation, and File Extension Mismatch
- Understand Techniques of Artifact
- Wiping, Overwritten Data/Metadata
- Detection, and Encryption
- Detect Program Packers and Footprint Minimizing Techniques
Module 6: Windows Forensics
- Understand Windows Forensics
- Collect Volatile Information
- Collect Non-volatile Information
- Perform Windows Memory Analysis
- Perform Windows Registry Analysis
- Perform Electron Application Analysis
- Perform Web Browser Forensics
- Examine Windows Files and Metadata
- Understand ShellBags, LNK Files, and Jump Lists
- Understand Text-based Logs and Windows Event Logs
Module 7: Linux and Mac Forensics
- Collect Volatile Information in Linux
- Collect Non-volatile Information in Linux
- Understand Linux Memory Forensics
- Understand Mac Forensics
- Collect Volatile Information in Mac
- Collect Non-volatile Information in Mac
- Understand Mac Memory Forensics and Mac Forensics Tools
Module 8: Network Forensics
- Understand Network Forensics
- Summarize Event Correlation Concepts
- Identify Indicators of Compromise (IoCs) from Network Logs
- Investigate Network Traffic
- Perform Incident Detection and Examination Using SIEM Tools
- Understand Wireless Network Forensics
- Detect and Investigate Wireless Network Attacks
Module 9: Malware Forensics
- Understand Malware Concepts
- Understand Malware Forensics
- Perform Static Malware Analysis
- Analyzing Suspicious Documents
- Perform System Behavior Analysis
- Perform Network Behavior Analysis
- Perform Ransomware Analysis
Module 10: Investigating Web Attacks
- Understand Web Application Forensics
- Understand Internet Information Services (IIS) Logs
- Understand Apache Web Server Logs
- Detect and Investigate Various Attacks on Web Applications
Module 11: Dark Web Forensics
- Understand the Dark Web and Dark Web Forensics
- Determine How to Identify the Traces of Tor Browser during Investigation
- Perform Tor Browser Forensics
Module 12: Cloud Forensics
- Understand Cloud Computing Concepts
- Understand Cloud Forensics
- Understand Amazon Web Services (AWS) Fundamentals
- Perform AWS Forensics
- Understand Microsoft Azure Fundamentals
- Perform Microsoft Azure Forensics
- Understand Google Cloud Fundamentals
- Perform Google Cloud Forensics
Module 13: Email and Social Media Forensics
- Understand Email Basics
- Explain Email Crime Investigation and its Steps
- Understand U.S. Laws Against Email Crime
Explain Social Media Forensics
Module 14: Mobile Forensics
- Understand Mobile Device Forensics
- Understand Android and iOS Architecture, Boot Process, and File Systems
- Understand Mobile Forensics Process
- Investigate Cellular Network Data
- Perform File System Acquisition
- Understand Phone Locks, Rooting, and Jailbreaking of Mobile Devices
- Perform Logical Acquisition on Mobile Devices
- Perform Physical Acquisition on Mobile Devices
- Perform Android and iOS Forensic Analysis
Module 15: IoT Forensics
- Understand IoT Concepts
- Perform Forensics on IoT Devices
Recommended Prerequisite Knowledge
- Knowledge of the functioning of client and server operating systems (file systems, permissions, Windows security, Linux, etc.).
- Fundamental knowledge of network protocols, such as TCP/IP.
General understanding of server roles and services present in a network.
Credentials and certification
Exam features
- Code: 312-49
- Title: Computer Hacking Forensic Investigator
- Duration: 4 hours
- Number of Questions: 150
- Question Format: Multiple Choice
- Online with EC-Council Exam Center
- Cost: $0 (included in your training)
Eccentrix Corner article/publication
Computer Hacking Forensic Investigator (CHFIv11) (EC6157)
The Computer Hacking Forensic Investigator (CHFIv11) (EC6157) training equips IT and cybersecurity professionals with advanced skills in digital forensics. This course focuses on identifying, preserving, and analyzing evidence from computer systems, networks, and devices to investigate cybercrimes effectively.
Participants will learn practical techniques for forensic investigations and prepare for the globally recognized CHFI certification, validating their expertise in cybercrime analysis and evidence handling.
Why Choose the CHFIv11 Training?
As cybercrimes become increasingly sophisticated, the demand for skilled forensic investigators has grown. The CHFIv11 training prepares professionals to uncover, document, and report digital evidence essential for resolving cybercrime incidents and legal cases.
Earning the CHFI certification demonstrates your capability to perform advanced forensic investigations, making you a vital resource in law enforcement, corporate security, and private investigations.
Key Skills Developed in the Training
Digital evidence identification and preservation
Learn to locate and secure evidence from various digital sources, ensuring its integrity for investigations.Advanced forensic tools and techniques
Gain hands-on experience with industry-standard tools like EnCase, FTK, and Autopsy.Cybercrime investigation methodologies
Understand the processes for investigating cases such as fraud, insider threats, and data breaches.Forensic reporting and legal processes
Develop skills to create comprehensive forensic reports and present findings in legal and organizational settings.Incident response integration
Learn to work with incident response teams to investigate and mitigate security breaches effectively.Prepare for the CHFI certification exam
Master the knowledge and practical skills required to pass the CHFIv11 certification exam.
Instructor-Led Training with Practical Labs
This training is delivered by certified instructors with extensive experience in digital forensics. Participants engage in hands-on labs, real-world case studies, and forensic simulations to ensure readiness for professional forensic investigations.
Who Should Attend?
This training is ideal for:
- IT and cybersecurity professionals responsible for investigating security incidents
- Law enforcement and legal professionals involved in cybercrime investigations
- Network administrators and systems engineers looking to specialize in forensics
- Individuals preparing for the Computer Hacking Forensic Investigator (CHFIv11) certification
Enhance Your Forensic Expertise with CHFIv11
The Computer Hacking Forensic Investigator (CHFIv11) (EC6157) training provides the knowledge and skills needed to excel in digital forensics and cybercrime investigations. Enroll today to earn a globally recognized certification and advance your career in forensic analysis and cybersecurity.
Frequently asked questions - EC-Council Computer Hacking Forensic Investigator training (FAQ)
What are the prerequisites for the CHFIv11 training?
Basic knowledge of cybersecurity and IT systems is recommended, though not mandatory.
What topics are covered in the course?
The course includes evidence acquisition, forensic analysis, report generation, and legal procedures.
Does the training include hands-on exercises?
Yes, participants engage in practical labs and forensic tools to apply their skills effectively.
What tools are used during the training?
Tools such as EnCase, FTK, and Autopsy are used to teach advanced forensic techniques.
How does the CHFI certification benefit my career?
The certification validates your expertise in digital forensics, enhancing your employability in cybersecurity and investigative roles.
Is the training aligned with the CHFI certification objectives?
Yes, the training fully aligns with the requirements and objectives of the CHFIv11 certification exam.