Who should attend
The CHFI program is designed for all IT professionals involved with information system security, computer forensics, and incident response.
About the course
CHFIv8 presents a detailed methodological approach to computer forensics and evidence analysis. It is a comprehensive course covering major forensic investigation scenarios that enable students to acquire hands-on experience on various forensic investigation techniques and standard tools necessary to successfully carry-out a computer forensic investigation.
Battles between corporations, governments, and countries are no longer fought using physical force. Cyber war has begun and the consequences can be seen in everyday life. With the onset of sophisticated cyber-attacks, the need for advanced cyber security and investigation training is a mandate in the present day. If you or your organization requires the knowledge or skills to identify, track, and prosecute the cybercriminals, then this is the course for you. This course helps participants to excel in digital evidence acquisition, handling and analysis in a forensically sound manner. Acceptable in a court of law, these skills will lead to successful prosecutions in various types of security incidents such as data breaches, corporate espionage, insider threats and other intricate cases involving computer systems.
The computer forensic investigation process and the various legal issues involved
- Evidence searching, seizing and acquisition methodologies in a legal and forensically sound manner.
- Different types of digital evidence, rules of evidence, digital evidence examination process, and electronic crime and digital evidence consideration by crime category.
- Roles of first responder, first responder toolkit, securing and evaluating electronic crime scene, conducting preliminary interviews, documenting electronic crime scene, collecting and preserving electronic evidence, packaging and transporting electronic evidence, and reporting the crime scene
- How to set up a computer forensics lab and the tools involved in it
- Various file systems and how to boot a disk
- Gathering volatile and nonvolatile information from Windows
- Data acquisition and duplication rules, validation methods and tools required
- How to recover deleted files and deleted partitions in Windows, Mac OS X, and Linux
- The process involved in forensic investigation using AccessData FTK and EnCase
- Steganography and its techniques, Steganalysis, and image file forensics
- Password Cracking Concepts, tools, types of password attacks and how to investigate password protected files
- Different types of log capturing, log management, time synchronization, and log capturing tools
- How to investigate logs, network traffic, wireless attacks, and web attacks •
- How to track e-mails and investigate e-mail crimes
- Mobile forensics and mobile forensics software and hardware tools
- Computer Forensics
- Security Incident Report
- Aspects of Organizational Security
- Evolution of Computer Forensics
- Objective of Computer Forensics
- Need for Compute Forensics
- Benefits of Forensics Readiness
- Goals of Forensics Readiness
- Forensics Readiness Planning
- Computer Facilitated Crimes
- Modes of Attacks
- Examples of Cyber Crime
- Types of Computer Crimes
- Cyber Criminals
- Organized Cyber Crime: Organizational Chart
- How serious are Different Types of Incidents?
- Disruptive Incidents to the Business
- Cost Expenditure Responding to the Security Incident
Cyber Crime Investigation
- Key Steps in Forensics Investigation
- Rules of Forensics Investigation
- Need for Forensics Investigator
- Role of Forensics Investigator
- Accessing Computer Forensics Resources
- Role of Digital Evidence
- Understanding Corporate Investigations
- Approach to Forensics Investigation: A Case Study
- Instructions for the Forensic Investigator to Approach the Crime Scene
- Why and When Do You Use Computer Forensics?
- Enterprise Theory of Investigation (ETI)
- Legal Issues
- Reporting the Results
Reporting a Cyber Crime
- Why you should Report Cybercrime?
- Reporting Computer-Related Crimes
- Person Assigned to Report the Crime
- When and How to Report an Incident?
- Who to Contact at the Law Enforcement?
- Federal Local Agents Contact
- More Contacts
- CIO Cyber threat Report Form
A variety of methodologies will be used during the course that includes:
- (30%) Based on Case Studies
- (30%) Techniques
- (30%) Role Play
- (10%) Concepts
- Pre-test and Post-test
- Variety of Learning Methods
- Case Studies and Self Questionaires
- Group Work
- Presentation· How to write investigative reports
Videos and materials
Read more about Information Technology
Because of COVID-19, many providers are cancelling or postponing in-person programs or providing online participation options.
We are happy to help you find a suitable online alternative.