EC-Council Computer Hacking Forensic Investigator v9.0 (CHFI) - Virtual Delivery
10:00 am - 6:00 pm
EC-Council releases the most advanced Computer Forensic Investigation program in the world. CHFIv9 presents a detailed methodological approach to computer forensics and evidence analysis. It is a comprehensive course covering major forensic investigation scenarios that enable students to acquire hands-on experience with various forensic investigation techniques and standard tools necessary to successfully carry out a computer forensic investigation.
AUDIENCE AND PREREQUISITES
The CHFI program is designed for all IT professionals involved with information system security, computer forensics, and incident response.
It is strongly recommended that you attend the CEH class before enrolling in the CHFI program.
vendor course description
*This is a Live Distance Learning (LDL) Course. The instructor will be remote, interacting virtually with the VTEC classroom. Course Cost includes Courseware iLabs and Exam voucher. Course cost does not include Courseware (textbook) or the cost of lunch. If you have any questions, please contact us (firstname.lastname@example.org or 207-775-0244).
Lesson 1: Computer Forensics in Today’s World
Understanding Computer Forensics; Why and When Do You Use Computer Forensics? Cyber Crime (Types of Computer Crimes); Case Study; Challenges Cyber Crimes Present For Investigators; Cyber Crime Investigation - Civil v Criminal, Case Studies, Admin Investigation; Rules of Forensics Investigation - Enterprise Theory of Investigation (ETI); Understanding Digital Evidence; Types of Digital Evidence; Characteristics of Digital Evidence, Types of Digital Evidence; Role of Digital Evidence; Rules of Evidence, Forensics Readiness, Incident Response Plan
Lesson 2: Computer Forensics Investigation Process
Importance of Computer Forensics Process; Phases Involved in the Computer Forensics Investigation Process; Pre-investigation Phase, Setting Up a Computer Forensics Lab; Planning and Budgeting, Physical Location and Structural Design Considerations; Work Area Considerations, Physical Security Recommendations, Fire-Suppression Systems; Evidence Locker Recommendations, Auditing the Security of a Forensics Lab; Human Resource Considerations, Build a Forensics Workstation; Basic Workstation Requirements in a Forensics Lab, Build a Computer Forensics Toolkit; Forensics Hardware, Forensics Software; Build the Investigation Team, Forensic Practitioner Certification and Licensing; Review Policies and Laws, Forensics Laws; Establish Quality Assurance Processes, Quality Assurance Practices in Digital Forensics
Lesson 3: Understanding Hard Disks and File Systems
Hard Disk Drive Overview, Disk, Hard Disk Drive (HDD); Solid State Drive (SSD); Physical Structure of a Hard Disk, Logical Structure of Hard Disk; Types of Hard Disk Interfaces, Hard Disk Interfaces, ATA, SCSI, IDE/EIDE, USB, Fibre Channel; Tracks, Track Numbering; Sector, Sector Addressing, Advanced Format Sectors; Cluster, Cluster Size, Slack Space, Lost Clusters; Bad Sectors, Understanding Bit, Byte, and Nibble; Hard Disk Data Addressing; Data Densities on a Hard Disk; Disk Capacity Calculation; Measuring the Performance of the Hard Disk; Disk Partitions and Boot Process, Disk Partitions
Lesson 4: Data Acquisition and Duplication
Data Acquisition and Duplication Concepts; Static Acquisition; Validate Data Acquisitions; Acquisition Best Practices
Lesson 5: Defeating Anti-forensics Techniques
What is Anti-Forensics? Anti-Forensics techniques; Recycle Bin in Windows; File Recovery in MAC OS X; Recovering the Deleted Partitions; Password Protection; Steganography; Data Hiding in File System Structures; Trail Obfuscation, Rootkits; Artifact Wiping, Minimize Footprint, Tools Bugs, Countermeasures; Overwriting Data/Metadata, Anti-forensics Tools; Encryption, Encrypted Network Protocols, Program Packers
Lesson 6: Operating System Forensics (Windows, Mac, Linux)
Introduction to OS Forensics; Windows Forensics, Collecting Volatile Information; System Time, Logged-On Users, Open Files, Network Information & Connections; Process Information, Process-to-Port Mapping, Process Memory, Network Status, Print spool files; Collecting Non-Volatile Information; Analyze the Windows thumbcaches; Windows Memory Analysis; Windows Registry Analysis; Cache, Cookie, and History Analysis; Windows File Analysis, Other Audit Events; Metadata Investigation, Text Based Logs; Forensic Analysis of Event Logs, Linux Forensics, MAC Forensics
Lesson 7: Network Forensics
Introduction to Network Forensics; Fundamental Logging Concepts; Event Correlation Concepts; Network Forensic Readiness; Network Forensics Steps; Network Traffic Investigation; Why Investigate Network Traffic? Evidence Gathering via Sniffing, Sniffing Tool: Wireshark; Packet Sniffing Tool: Capsa Network Analyzer; Network Packet Analyzer: OmniPeek Network Analyzer & Observer; Network Packet Analyzer: Capsa Portable Network Analyzer; Documenting the Evidence
Lesson 8: Investigating Web Attacks
Introduction to Web Application Forensics; Web Attack Investigation; Investigating Web Server Logs, Internet Information Services (IIS) Logs; Investigating Apache Logs, Investigating Cross-Site Scripting (XSS); Investigating XSS: Using Regex to Search XSS Strings; Pen-Testing CSRF Validation Fields; Web Attack Detection Tools; Tools for Locating IP Address; IP Address Locating Tools; WHOIS Lookup Tools
Lesson 9: Database Forensics
Database Forensics and Its Importance; MSSQL Forensics, Structure of the Data Directory; MySQL Forensics, Viewing the Information Schema; MySQL Utility Programs For Forensic Analysis; Common Scenario for Reference; MySQL Forensics for WordPress Website Database: Scenario 1; Collect the Evidences, Examine the Log Files, Take a Backup of the Database; Create an Evidence Database, Select the Database; View the Tables & Users in the Database; View Columns in the Table, Collect the Posts Made by the User; MySQL Forensics for WordPress Website Database: Scenario 2; Collect the Database and all the Logs, Examine the .frm Files & Binary Logs
Lesson 10: Cloud Forensics
Introduction to Cloud Computing; Cloud Forensics, Cloud Forensics: Stakeholders and their Roles; Cloud Crimes; Cloud Forensics Challenges; Investigating Cloud Storage Services; Investigating Dropbox Cloud Storage Service; Investigating Google Drive Cloud Storage Service
Lesson 11: Malware Forensics
Introduction to Malware; Introduction to Malware Forensics; Supporting Tools for Malware Analysis; General Rules for Malware Analysis; Documentation Before Analysis; Types of Malware Analysis; Malware Analysis: Dynamic Installation & Process Monitor; Files and Folder Monitor, Registry Monitor, Network Activity Monitor; Port Monitor, DNS Monitoring/Resolution, API Calls Monitor; Device Drivers Monitor, Startup Programs Monitor; Windows Services Monitor, Analysis of Malicious Documents, Malware Analysis Challenges
Lesson 12: Investigating Email Crimes
Email System, Clients, Server, SMTP Server, POP3 Server, IMAP Server; Importance of Electronic Records Management; Email Crimes (Email Spamming, Mail Bombing/Mail Storm, Phishing, Email Spoofing, Crime via Chat Room, Identity Fraud/Chain Letter); Email Message, Steps to Investigate Email Crimes and Violation; Examine E-mail Messages, Acquire Email Archives; Recover Deleted Emails; Examining Email Logs; Examining Linux E-mail Server Logs; Examining Microsoft Exchange E-mail Server Logs; Email Forensics Tools; Laws and Acts against Email Crimes; U.S. Laws Against Email Crime: CAN-SPAM Act
Lesson 13: Mobile Phone Forensics
Mobile Device Forensics, Why Mobile Forensics? Top Threats Targeting Mobile Devices, Mobile Hardware and Forensics; Mobile OS and Forensics; Mobile Forensics Process; Packing, Transporting, and Storing the Evidence; Forensics Imaging, Phone Locking, Enabling USB Debugging; Platform Security Removal Techniques: Jailbreaking/Rooting; Mobile Evidence Acquisition, Cellular Network, Subscriber Identity Module (SIM); Logical, Physical & File System Acquisition; File Carving, SQLite Database Extraction, Android Forensics Analysis; iPhone Data Extraction, Examination and Analysis
Lesson 14: Forensics Report Writing and Presentation
Writing Investigation Reports; Expert Witness Testimony; Deposition; Dealing with Media