Computer hacking forensic investigator certification (c.h.f.i)

Computer hacking forensic investigator certification (c.h.f.i)
hoverplay

Computer hacking forensic investigation is the process of detecting hacking attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks.

Computer crime in today’s cyber world is on the rise. Computer Investigation techniques are being used by police, government and corporate entities globally and many of them turn to EC-Council for our Computer Hacking Forensic Investigator CHFI Certification Program.

 

Computer Security and Computer investigations are changing terms. More tools are invented daily for conducting Computer Investigations, be it computer crime, digital forensics, computer investigations, or even standard computer data recovery. The tools and techniques covered in EC-Council’s CHFI program will prepare the student to conduct computer investigations using groundbreaking digital forensics technologies.

 

Computer forensics is simply the application of computer investigation and analysis techniques in the interests of determining potential legal evidence. Evidence might be sought in a wide range of computer crime or misuse, including but not limited to theft of trade secrets, theft of or destruction of intellectual property, and fraud. CHFI investigators can draw on an array of methods for discovering data that resides in a computer system, or recovering deleted, encrypted, or damaged file information known as computer data recovery.

The purpose of the CHFI credential is to:

Validate the candidate’s skills to identify an intruder’s footprints and to properly gather the necessary evidence to prosecute in the court of law.


  • Computer Forensics in Today’s World
  • Computer Forensics Investigation Process
  • Understanding Hard Disks and File Systems
  • Operating System Forensics
  • Defeating Anti- forensics Techniques
  • Data Acquisition and Duplication
  • Network Forensics
  • Investigating Web Attacks
  • Database Forensics
  • Cloud Forensics
  • Malware Forensics
  • Investigating Email Crimes
  • Mobile Forensics
  • Investigative Reports

Establish threat intelligence and key learning points to support pro-active profiling and scenario modeling

  • Perform anti-forensic methods detection
  • Perform post-intrusion analysis of electronic and digital media to determine the who, where, what, when, and how the intrusion occurred
  • Extract and analyze of logs from various devices like proxy, firewall, IPS, IDS, Desktop, laptop, servers, SIM tool, router, firewall, switches AD server, DHCP logs, Access Control Logs & conclude as part of investigation process.
  • Identify & check the possible source / incident origin.
  • Recover deleted files and partitions in Windows, Mac OS X, and Linux
  • Conduct reverse engineering for known and suspected malware files
  • Collect data using forensic technology methods in accordance with evidence handling procedures, including collection of hard copy and electronic documents
  • Perform electronic evidence collections
  • Perform digital forensic acquisitions
  • Conduct thorough examinations of computer hard disk drives and other electronic data storage media
  • Utilize forensic tools and investigative methods to find electronic data, including Internet use history, word processing documents, images and other files
  • Perform anti-forensics detection
  • Apply advanced forensic tools and techniques for attack reconstruction

 

 
 
 

 

  • Coverage of latest forensics examination techniques, including Linux and MAC Forensics
  • Labs on Defeating Anti-forensics Techniques, Database Forensics, Cloud Forensics and Malware Forensics
  • Official EC-Council Curriculum
  • Exam voucher included in course tuition
  • After-course instructor coaching benefit

About the Exam

  • Number of Questions: 150
  • Test Duration: 4 Hours
  • Test Format: Multiple Choice
  • Test Delivery: ECC EXAM
  • Exam Prefix: 312-49 (ECC EXAM)

Passing Score

In order to maintain the high integrity of our certifications exams, EC-Council Exams are provided in multiple forms (I.e. different question banks). Each form is carefully analyzed through beta testing with an appropriate sample group under the purview of a committee of subject matter experts that ensure that each of our exams not only has academic rigor but also has “real world” applicability. We also have a process to determine the difficulty rating of each question. The individual rating then contributes to an overall “Cut Score” for each exam form. To ensure each form has equal assessment standards, cut scores are set on a “per exam form” basis. Depending on which exam form is challenged, cut scores can range from 60% to 78%.

Target Audience

 

Police and other law enforcement personnel

  • Defense and Military personnel
  • e-Business Security professionals
  • Systems administrators
  • Legal professionals
  • Banking, Insurance and other professionals
  • Government agencies
  • IT managers