Course Overview
The Computer Hacking Forensic Investigator (CHFI) course delivers the security discipline of digital forensics from a vendor-neutral perspective. CHFI is a comprehensive course covering major forensic investigation scenarios and enabling students to acquire necessary hands-on experience with various forensic investigation techniques and standard forensic tools necessary to successfully carry out a computer forensic investigation leading to the prosecution of perpetrators.
The CHFI certification gives participants (Law enforcement personnel, system administrators, security officers, defense and military personnel, legal professionals, bankers, security professionals, and anyone who is concerned about the integrity of the network infrastructure.) the necessary skills to perform an effective digital forensics investigation.
CHFI presents a methodological approach to computer forensics including searching and seizing, chain-of-custody, acquisition, preservation, analysis and reporting of digital evidence.
Who should attend
- Anyone interested in cyber forensics/investigations
- Attorneys, legal consultants, and lawyers
- Law enforcement officers
- Police officers
- Federal/ government agents
- Defense and military
- Detectives/ investigators
- Incident response team members
- Information security managers
- Network defenders
- IT professionals, IT directors/ managers
- System/network engineers
- Security analyst/ architect/ auditors/ consultants
Prerequisites
- IT/forensics professionals with basic knowledge on IT/cyber security, computer forensics, and incident response
- Prior completion of EC-Council Certified Ethical Hacking (CEH) training would be an advantage
Course Objectives
- Establish threat intelligence and key learning points to support pro-active profiling and scenario modeling
- Perform anti-forensic methods detection
- Perform post-intrusion analysis of electronic and digital media to determine the who, where, what, when, and how the intrusion occurred
- Extract and analyze of logs from various devices like proxy, firewall, IPS, IDS, Desktop, laptop, servers, SIM tool, router, firewall, switches AD server, DHCP logs, Access Control Logs & conclude as part of investigation process.
- Identify & check the possible source / incident origin.
- Recover deleted files and partitions in Windows, Mac OS X, and Linux
- Conduct reverse engineering for known and suspected malware files
- Collect data using forensic technology methods in accordance with evidence handling procedures, including collection of hard copy and electronic documents
Inglese
Tedesco
Svizzera
Germania