Certified Hacking Forensic Investigator (CHFI) (Exam included)

Virtual Learning: 2,250€ + VAT

REF: CHFI Catalogue: EC-Council Area: EC-Council Cybersecurity

Duration:

5 days

Next Date:

18 to 22 Aug 2025

Location:

Online

Description

EC-Council’s Certified Hacking Forensic Investigator (CHFI) is the only comprehensive ANSI accredited, lab-focused program in the market that gives organizations vendor-neutral training in digital forensics. CHFI provides its attendees with a firm grasp of digital forensics, presenting a detailed and methodological approach to digital forensics and evidence analysis that also pivots around Dark Web, IoT, and Cloud Forensics. The tools and techniques covered in this program will prepare the learner for conducting digital investigations using ground-breaking digital forensics technologies.

The program is designed for IT professionals involved with information system security, computer forensics, and incident response. It will help fortify the application knowledge in digital forensics for forensic analysts, cybercrime investigators, cyber defense forensic analysts, incident responders, information technology auditors, malware analysts, security consultants, and chief security officers.

The program equips candidates with the necessary skills to proactively investigate complex security threats, allowing them to investigate, record, and report cybercrimes to prevent future attacks.

*Retail price per participant. Running the course on the dates shown is subject to a minimum number of enrolments.

Target Audience

The CHFI program is designed for all IT professionals involved with information system security, computer forensics, and incident response: Police and other law enforcement personnel, Defense and Security personnel, e-Business Security professionals, Legal professionals, Banking, Insurance, and other professionals, Government agencies, IT managers, Digital Forensics Service Providers

  • Area: EC-Council

  • Associated Certification: EC0 312-49

Program:

Module 1: Computer Forensics in Today’s World

Lessons:

  • Fundamentals of Computer Forensics
  • Cybercrimes and their Investigation Procedures
  • Digital Evidence and eDiscovery
  • Forensic Readiness
  • Role of Various Processes and Technologies in Computer Forensics
  • Roles and Responsibilities of a Forensic Investigator
  • Challenges Faced in Investigating Cybercrimes
  • Standards and Best Practices Related to Computer Forensics
  • Laws and Legal Compliance in Computer Forensics

Module 2: Computer Forensics Investigation Process

Lessons:

  • Forensic Investigation Process and its Importance
  • First Response
  • Pre-Investigation Phase
  • Investigation Phase
  • Post-Investigation Phase

Labs:

  • Create a hard disk image file for forensics investigation and recover the data.

Module 3: Understanding Hard Disks and File Systems

Lessons:

  • Disk Drives and their Characteristics
  • Logical Structure of a Disk
  • Booting Process of Windows, Linux, and macOS Operating Systems
  • File Systems of Windows, Linux, and macOS Operating Systems
  • File System Analysis
  • Storage Systems
  • Encoding Standards and Hex Editors
  • Analyze Popular File Formats

Labs:

  • Analyze file system of Linux and Windows evidence images and recover the deleted files.
  • Analyze file formats.

Module 4: Data Acquisition and Duplication

Lessons:

  • Data Acquisition
  • eDiscovery
  • Data Acquisition Methodology
  • Preparing an Image File for Examination

Labs:

  • Create a forensics image for examination and convert it into various supportive formats for data acquisition.

Module 5: Defeating Anti-Forensics Techniques

Lessons:

  • Anti-Forensics Techniques
  • Data Deletion and Recycle Bin Forensics
  • File Carving Techniques and Ways to Recover Evidence from Deleted Partitions
  • Password Cracking/Bypassing Techniques
  • Steganography, Hidden Data in File System Structures, Trail Obfuscation, and File Extension Mismatch
  • Techniques of Artifact Wiping, Overwritten Data/Metadata Detection, and Encryption
  • Program Packers and Footprint Minimizing Techniques

Labs:

  • Perform Solid-state drive (SSD) file carving on Windows and Linux file systems.
  • Recover lost/deleted partitions and their contents.
  • Crack passwords of various applications.
  • Detect hidden data streams and unpack program packers.

Module 6: Windows Forensics

Lessons:

  • Windows Forensics
  • Collect Volatile Information
  • Collect Non-volatile Information
  • Windows Memory Analysis
  • Windows Registry Analysis
  • Electron Application Analysis
  • Web Browser Forensics
  • Examine Windows Files and Metadata
  • ShellBags, LNK Files, and Jump Lists
  • Text-based Logs and Windows Event Logs

Labs:

  • Acquire and investigate RAM and Windows registry contents.
  • Examine forensic artifacts from web browsers.
  • Identify and extract forensic evidence from computers.

Module 7: Linux and Mac Forensics

Lessons:

  • Collect Volatile Information in Linux
  • Collect Non-Volatile Information in Linux
  • Linux Memory Forensics
  • Mac Forensics
  • Collect Volatile Information in Mac
  • Collect Non-Volatile Information in Mac
  • Mac Memory Forensics and Mac Forensics Tools

Labs:

  • Perform volatile and non-volatile data acquisition on Linux and Mac computers.
  • Perform memory forensics on a Linux machine.

Module 8: Network Forensics

Lessons:

  • Network Forensics
  • Event Correlation
  • Indicators of Compromise (IoCs) from Network Logs
  • Investigate Network Traffic
  • Incident Detection and Examination
  • Wireless Network Forensics
  • Detect and Investigate Wireless Network Attacks

Labs:

  • Identify and investigate network attacks.
  • Analyze network traffic for artifacts.

Module 9: Malware Forensics

Lessons:

  • Malware
  • Malware Forensics
  • Static Malware Analysis
  • Analyze Suspicious Documents
  • System Behavior Analysis
  • Network Behavior Analysis
  • Ransomware Analysis

Labs:

  • Perform static malware analysis.
  • Analyze a suspicious PDF file and Microsoft Office document.
  • Emotet malware analysis.

Module 10: Investigating Web Attacks

Lessons:

  • Web Application Forensics
  • Internet Information Services (IIS) Logs
  • Apache Web Server Logs
  • Detect and Investigate Various Attacks on Web Applications

Labs:

  • Identify and investigate web application attacks.

Module 11: Dark Web Forensics

Lessons:

  • Dark Web and Dark Web Forensics
  • Identify the Traces of Tor Browser during Investigation
  • Tor Browser Forensics

Labs:

  • Detect Tor Browser Activity and examine RAM dumps to discover Tor Browser artifacts.

Module 12: Cloud Forensics

Lessons:

  • Cloud Computing
  • Cloud Forensics
  • Amazon Web Services (AWS) Fundamentals
  • AWS Forensics
  • Microsoft Azure Fundamentals
  • Microsoft Azure Forensics
  • Google Cloud Fundamentals
  • Google Cloud Forensics

Labs:

  • Forensic acquisition and examination of an Amazon EC2 Instance, Azure VM, and GCP VM.

Module 13: Email and Social Media Forensics

Lessons:

  • Email Basics
  • Email Crime Investigation and its Steps
  • U.S. Laws Against Email Crime
  • Social Media Forensics

Labs:

  • Investigate a suspicious email to extract forensic evidence.

Module 14: Mobile Forensics

Lessons:

  • Mobile Device Forensics
  • Android and iOS Architecture and Boot Process
  • Mobile Forensics Process
  • Investigate Cellular Network Data
  • File System Acquisition
  • Phone Locks, Rooting, and Jailbreaking of Mobile Devices
  • Logical Acquisition on Mobile Devices
  • Physical Acquisition of Mobile Devices
  • Android and iOS Forensic Analysis

Labs:

  • Examine an Android image file and carve deleted files.

Module 15: IoT Forensics

Lessons:

  • IoT Concepts
  • IoT Devices Forensics

Prerequisites:

IT/forensics professionals with basic knowledge of IT/cybersecurity, computer forensics, and incident response. Knowledge of Threat Vectors.
