EC-Council Computer Hacking Forensic Investigator (CHFI)
Details
This CHFI training course will give you the necessary skills to identify an intruder's footprints and to properly gather the necessary evidence to prosecute. Many of today's top tools of the forensic trade will be taught during this course, including software, hardware and specialized techniques.If you or your organization requires the knowledge or skills to identify, track, and prosecute the cyber-criminal, then this is the course for you.
The CHFI 312-49 exam will be conducted on the last day of training. Students need to pass the online Prometric exam to receive the CHFI certification.
EC-Council is the owner and creator of the world famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT) programs, and as well as many others programs, that are offered in over 60 countries through a training network of more than 450 training partners globally.
ActiveLearning is an Authorized Training Partner of EC-Council in the Philippines.
- Understand how perimeter defenses work
- Scan and attack you own networks, without actually harming them
- Understand steps taken by intruders to escalate their privileges in your system
- Detect intrustion, create policies, social engineering, DDoS attacks, buffer overflows, and even virus creation
Outline
- Forensics Science
- Computer Forensics
- Forensics Readiness
- Cyber Crime
- Cyber Crime Investigation
- Corporate Investigations
- Reporting a Cyber Crime
- Investigating Computer Crime
- Steps to Prepare for a Computer Forensics Investigation
- Computer Forensics Investigation Methodology
- Searching and Seizing Computers without a Warrant
- Searching and Seizing Computers with a Warrant
- The Electronic Communications Privacy Act
- Electronic Surveillance in Communications Networks
- Evidence
- Digital Data
- Types of Digital Data
- Rules of Evidence
- Electronic Devices: Types and Collecting Potential Evidence
- Digital Evidence Examination Process
- Electronic Crime and Digital Evidence Consideration by Crime Category
- Electronic Evidence
- First Responder
- Roles of First Responder
- Electronic Devices: Types and Collecting Potential Evidence
- First Responder Toolkit
- First Response Basics
- Securing and Evaluating Electronic Crime Scene
- Conducting Preliminary Interviews
- Documenting Electronic Crime Scene
- Collecting and Preserving Electronic Evidence
- Packaging and Transporting Electronic Evidence
- Reporting the Crime Scene
- Note Taking Checklist
- First Responder Common Mistakes
- Setting a Computer Forensics Lab
- Investigative Services in Computer Forensics
- Computer Forensics Hardware
- Computer Forensics Software
- Securing Laptop Computers
- Hard Disk Drive Overview
- Disk Partitions and Boot Process
- Understanding File Systems
- RAID Storage System
- File System Analysis Using The Sleuth Kit (TSK)
- Collecting Volatile Information
- Collecting Non-volatile Information
- Windows Memory Analysis
- Windows Registry Analysis
- Cache, Cookie, and History Analysis
- MD5 Calculation
- Windows File Analysis
- Metadata Investigation
- Text Based Logs
- Other Audit Events
- Forensic Analysis of Event Logs
- Windows Password Issues
- Forensic Tools
- Data Acquisition and Duplication Concepts
- Data Acquisition Types
- Disk Acquisition Tool Requirements
- Validation Methods
- RAID Data Acquisition
- Acquisition Best Practices
- Data Acquisition Software Tools
- Data Acquisition Hardware Tools
- Recovering the Deleted Files
- File Recovery Tools for Windows
- File Recovery Tools for MAC
- File Recovery Tools for Linux
- Recovering the Deleted Partitions
- Partition Recovery Tools
- Overview and Installation of FTK
- FTK Case Manager User Interface
- FTK Examiner User Interface
- Starting with FTK
- FTK Interface Tabs
- Adding and Processing Static, Live, and Remote Evidence
- Using and Managing Filters
- Using Index Search and Live Search
- Decrypting EFS and other Encrypted Files
- Working with Reports
- Overview of EnCase Forensic
- Installing EnCase Forensic
- EnCase Interface
- Case Management
- Working with Evidence
- Source Processor
- Analyzing and Searching Files
- Viewing File Content
- Bookmarking Items
- Reporting
- Steganography Techniques
- Steganalysis
- Image Files
- Data Compression
- Locating and Recovering Image Files
- Image File Forensics Tools
- Password Cracking Concepts
- Types of Password Attacks
- Classification of Cracking Software
- Systems Software vs. Applications Software
- System Software Password Cracking
- Application Software Password Cracking
- Password Cracking Tools
- Computer Security Logs
- Logs and Legal Issues
- Log Management
- Centralized Logging and Syslogs
- Time Synchronization
- Event Correlation
- Log Capturing and Analysis Tools
- Network Forensics
- Network Attacks
- Log Injection Attacks
- Investigating and Analyzing Logs
- Investigating Network Traffic
- Traffic Capturing and Analysis Tools
- Documenting the Evidence Gathered on a Network
- Wireless Technologies
- Wireless Attacks
- Investigating Wireless Attacks
- Features of a Good Wireless Forensics Tool
- Wireless Forensics Tools
- Traffic Capturing and Analysis Tools
- Wi-Fi Raw Packet Capturing Tools
- Wi-Fi Spectrum Analyzing Tools
- Introduction to Web Applications and Webservers
- Web Logs
- Web Attacks
- Web Attack Investigation
- Web Attack Detection Tools
- Tools for Locating IP Address
- Email System Basics
- Email Crimes
- Email Headers
- Steps to Investigate
- Email Forensics Tools
- Laws and Acts against Email Crimes
- Mobile Phone
- Mobile Operating Systems
- Mobile Forensics
- Mobile Forensic Process
- Mobile Forensics Software Tools
- Mobile Forensics Hardware Tools
- Computer Forensics Report
- Computer Forensics Report Template
- Investigative Report Writing
- Sample Forensics Report
- Report Writing Using Tools
- Expert Witness
- Types of Expert Witnesses
- Scope of Expert Witness Testimony
- Evidence Processing
- Rules for Expert Witness
- General Ethics While Testifying
Speaker/s
He is considered an expert instructor for EC-Council in Malaysia and has been awarded EC-Council Instructor of the Year for the past 5 years. He holds numerous certifications in various IT fields including Certified Ethical Hacker, Certified Hacking Forensic Investigator, Microsoft Certified Trainer, CCNP, and PMP. Nimalan holds a degree in B.S. Telecommunications and Computer Engineering.
ActiveLearning, Inc. is the Philippines' leading provider of Information Technology and Project Management education, where thousands of students take courses from Application Development to Project Management to Network Security, and much more. Our courses are taught by expert instructors, and learning is enhanced through a blend of in-depth lectures, workshops, and hands-on exercises.
Expert Instructors
Learn from expert instructors who practice what they teach. Our instructors are involved in constant research and development, who constantly apply the lessons they teach, and who know the same technical issues you face every day.
Superior Courseware
Our courseware go through rigorous evaluation before they are released for instruction. By constantly monitoring industry developments, we make sure that you get course materials that are up to date.
Interactivity
More than just classroom lectures, practical, hands-on exercises are carefully developed for you to immediately put in to practice what you learn. By being immersed in a classroom setting, you get to participate, inquire, and be involved - all essential in expediting the learning process. Aspects you won't find in Computer-Based-Training and self-study. ...