Trang chủ > Chương trình đào tạo EC - COUNCIL > Computer Hacking Forensic Investigation - CHFI V9

Computer Hacking Forensic Investigation - CHFI V9

 

 

COURSE OVERVIEW

CHFI v9 covers detailed methodological approach to computer forensic and evidence analysis. It provides the necessary skillset for identification of intruder’s footprints and gathering necessary evidence for its prosecution. All major tools and theories used by cyber forensic industry are covered in the curriculum. The certification can fortify the applied knowledge level of law enforcement personnel, system administrators, security officers, defense and military personnel, legal professionals, bankers, computer and network security professionals, and anyone who is concerned about the integrity of the network and digital investigations.

 

CHFI presents a methodological approach to computer forensic including searching and seizing, chain-of-custody, acquisition, preservation, analysis and reporting of digital evidence. It is a comprehensive course covering major forensic investigation scenarios that enables students to acquire necessary hands-on experience on various forensic investigation techniques and standard forensic tools necessary to successfully carryout computer forensic investigation leading to prosecution of perpetrators.

DURATIONS: 40 Hours (5 days)

AUDIENCE:

  • The CHFI program is designed for all IT professionals involved with information system security, computer forensics, and incident response. 

CERTIFICATION

  • Upon completion of this course, students will receive the Certificate of Completion from SmartPro.

EXAM

  • Number of Questions: 150
  • Passing Score: 70%
  • Test Duration: 4 hours
  • Test Format: MCQ
  • Test Delivery: ECC exam portal

WHAT WILL YOU LEARN

  • The CHFI v9 program has been redesigned and updated after thorough investigation including current market requirements, job tasks analysis, and recent industry focus on forensic skills
  • It is designed and developed by experienced subject matter experts and digital forensics practitioners
  • CHFI is a complete vendor neutral course covering all major forensics investigations technologies and solutions
  • CHFI has detailed labs for hands-on learning experience. On an average, approximately 50% of training time is dedicated to labs
  • It covers all the relevant knowledge-bases and skills to meets with regulatory compliance standards such as ISO 27001, PCI DSS, SOX, HIPPA, etc.
  • The student kit contains large number of white papers for additional reading
  • The program presents a repeatable forensics investigation methodology required from a versatile digital forensic professional which increases employability
  •  The student kit contains several forensics investigation templates for evidence collection, chain-ofcustody, final investigation reports, etc.
  • The program comes with cloud-based virtual labs enabling students to practice various investigation techniques in a real-time and simulated environment

COURSE CONTENT

 

Module 01: Computer Forensics in Today’s World

  • Understanding Computer Forensics
  • Why and When Do You Use Computer Forensics?
  • Cyber Crime (Types of Computer Crimes)
  • Case Study
  • Challenges Cyber Crimes Present For Investigators
  • Cyber Crime Investigation
  • Rules of Forensics Investigation
  • Understanding Digital Evidence
  • Types of Digital Evidence
  • Characteristics of Digital Evidence
  • Role of Digital Evidence
  • Sources of Potential Evidence
  • Rules of Evidence
  • Forensics Readiness
  • Computer Forensics as part of an Incident Response Plan
  • Need for Forensic Investigator
  • Roles and Responsibilities of Forensics Investigator
  • What makes a Good Computer Forensics Investigator?
  • Investigative Challenges
  • Legal and Privacy Issues
  • Code of Ethics
  • Accessing Computer Forensics Resources

Module 02: Computer Forensics Investigation Process

  • Importance of Computer Forensics Process
  • Phases Involved in the Computer Forensics Investigation Process
  • Pre-investigation Phase
  • Investigation Phase
  • Post-investigation Phase

Module 03: Understanding Hard Disks and File Systems

  • Hard Disk Drive Overview
  • Disk Partitions and Boot Process
  • Understanding File Systems
  • RAID Storage System
  • File System Analysis

Module 04: Operating System Forensics

  • Data Acquisition and Duplication Concepts
  • Static Acquisition
  • Validate Data Acquisitions
  • Acquisition Best Practices

Module 05: Defeating Anti-Forensics Techniques

  • What is Anti-Forensics?
  • Anti-Forensics techniques

Module 06: Data Acquisition and Duplication

  • Determining the Best Acquisition Method
  • Planning Data Recovery Contingencies
  • Using MS-DOS Acquisition Tools
  • Understanding How DriveSpy Accesses Sector Ranges
  • Data Preservation Commands
  • Using DriveSpy Data Manipulation Commands
  • Using Windows Acquisition Tools
  • AccessData FTK Explorer
  • Acquiring Data on Linux Computers
  • Using Other Forensics Acquisition Tools
  • Exploring SnapBack DatArrest
  • Exploring SafeBack
  • Exploring EnCase
  • Tool: R-Drive Image
  • Tool: DriveLook
  • Tool: DiskExplorer for NTFS

Module 07: Network Forensics

  • Introduction to Network Forensics
  • Fundamental Logging Concepts
  • Event Correlation Concepts
  • Network Forensic Readiness
  • Network Forensics Steps
  • Network Traffic Investigation

Module 08: Investigating Web Attacks

  • Introduction to Web Application Forensics
  • Web Attack Investigation
  • Investigating Web Server Logs
  • Web Attack Detection Tools
  • Tools for Locating IP Address
  • WHOIS Lookup Tools

Module 09: Database Forensics

  • Database Forensics and Its Importance
  • MSSQL Forensics
  • MySQL Forensics
  • Module 10: Cloud Forensics
  • Introduction to Cloud Computing
  • Cloud Forensics

Module 11: Malware Forensics

  • Introduction to Malware
  • Introduction to Malware Forensics

Module 12: Investigating Email Crimes

  • Email System
  • Email Crimes (Email Spamming, Mail Bombing/Mail Storm, Phishing, Email Spoofing, Crime via Chat Room, Identity Fraud/Chain Letter)
  • Email Message
  • Steps to Investigate Email Crimes and Violation

Module 13: Mobile Forensics

  • Mobile Device Forensics

Module 14: Investigative Reports

  • Writing Investigation Reports
  • Expert Witness Testimony

 

Địa chỉ: Lầu 6, toà nhà Thiên Sơn, 5-7-9 Nguyễn Gia Thiều, P.6, Quận 3, TP.HCM

Tel: (028) 39 333 376 - Fax: (028) 39 30 6767

Email: tuvan@smartpro.vn, sales@smartpro.vn

Chi nhánh: Nhà 40, ngõ 210 Đội cấn, Phường Đội cấn, Quận Ba đình, Hà Nội

Tel: (024) 37620196

Email: tuvan@smartpro.vn, sales@smartpro.vn

web counters