Duration:
5 days
Next Date:
18 to 22 Aug 2025
Location:
Online
Description
EC-Council’s Certified Hacking Forensic Investigator (CHFI) is the only comprehensive ANSI accredited, lab-focused program in the market that gives organizations vendor-neutral training in digital forensics. CHFI provides its attendees with a firm grasp of digital forensics, presenting a detailed and methodological approach to digital forensics and evidence analysis that also pivots around Dark Web, IoT, and Cloud Forensics. The tools and techniques covered in this program will prepare the learner for conducting digital investigations using ground-breaking digital forensics technologies.
The program is designed for IT professionals involved with information system security, computer forensics, and incident response. It will help fortify the application knowledge in digital forensics for forensic analysts, cybercrime investigators, cyber defense forensic analysts, incident responders, information technology auditors, malware analysts, security consultants, and chief security officers.
The program equips candidates with the necessary skills to proactively investigate complex security threats, allowing them to investigate, record, and report cybercrimes to prevent future attacks.
*Retail price (PVP) per participant. Running the course on the dates shown is subject to a minimum number of enrolments.
Target Audience
The CHFI program is designed for all IT professionals involved with information system security, computer forensics, and incident response: Police and other law enforcement personnel, Defense and Security personnel, e-Business Security professionals, Legal professionals, Banking, Insurance, and other professionals, Government agencies, IT managers, Digital Forensics Service Providers
- Area: EC-Council
- Associated Certification: EC0 312-49
Programme:
Module 1: Computer Forensics in Today’s World
Lessons:
- Fundamentals of Computer Forensics
- Cybercrimes and their Investigation Procedures
- Digital Evidence and eDiscovery
- Forensic Readiness
- Role of Various Processes and Technologies in Computer Forensics
- Roles and Responsibilities of a Forensic Investigator
- Challenges Faced in Investigating Cybercrimes
- Standards and Best Practices Related to Computer Forensics
- Laws and Legal Compliance in Computer Forensics
Module 2: Computer Forensics Investigation Process
Lessons:
- Forensic Investigation Process and its Importance
- First Response
- Pre-Investigation Phase
- Investigation Phase
- Post-Investigation Phase
Labs:
- Create a hard disk image file for forensics investigation and recover the data.
Module 3: Understanding Hard Disks and File Systems
Lessons:
- Disk Drives and their Characteristics
- Logical Structure of a Disk
- Booting Process of Windows, Linux, and macOS Operating Systems
- File Systems of Windows, Linux, and macOS Operating Systems
- File System Analysis
- Storage Systems
- Encoding Standards and Hex Editors
- Analyze Popular File Formats
Labs:
- Analyze file system of Linux and Windows evidence images and recover the deleted files.
- Analyze file formats.
Module 4: Data Acquisition and Duplication
Lessons:
- Data Acquisition
- eDiscovery
- Data Acquisition Methodology
- Preparing an Image File for Examination
Labs:
- Create a forensics image for examination and convert it into various supportive formats for data acquisition.
Module 5: Defeating Anti-Forensics Techniques
Lessons:
- Anti-Forensics Techniques
- Data Deletion and Recycle Bin Forensics
- File Carving Techniques and Ways to Recover Evidence from Deleted Partitions
- Password Cracking/Bypassing Techniques
- Steganography, Hidden Data in File System Structures, Trail Obfuscation, and File Extension Mismatch
- Techniques of Artifact Wiping, Overwritten Data/Metadata Detection, and Encryption
- Program Packers and Footprint Minimizing Techniques
Labs:
- Perform Solid-state drive (SSD) file carving on Windows and Linux file systems.
- Recover lost/deleted partitions and their contents.
- Crack passwords of various applications.
- Detect hidden data streams and unpack program packers.
Module 6: Windows Forensics
Lessons:
- Windows Forensics
- Collect Volatile Information
- Collect Non-volatile Information
- Windows Memory Analysis
- Windows Registry Analysis
- Electron Application Analysis
- Web Browser Forensics
- Examine Windows Files and Metadata
- ShellBags, LNK Files, and Jump Lists
- Text-based Logs and Windows Event Logs
Labs:
- Acquire and investigate RAM and Windows registry contents.
- Examine forensic artifacts from web browsers.
- Identify and extract forensic evidence from computers.
Module 7: Linux and Mac Forensics
Lessons:
- Collect Volatile Information in Linux
- Collect Non-Volatile Information in Linux
- Linux Memory Forensics
- Mac Forensics
- Collect Volatile Information in Mac
- Collect Non-Volatile Information in Mac
- Mac Memory Forensics and Mac Forensics Tools
Labs:
- Perform volatile and non-volatile data acquisition on Linux and Mac computers.
- Perform memory forensics on a Linux machine.
Module 8: Network Forensics
Lessons:
- Network Forensics
- Event Correlation
- Indicators of Compromise (IoCs) from Network Logs
- Investigate Network Traffic
- Incident Detection and Examination
- Wireless Network Forensics
- Detect and Investigate Wireless Network Attacks
Labs:
- Identify and investigate network attacks.
- Analyze network traffic for artifacts.
Module 9: Malware Forensics
Lessons:
- Malware
- Malware Forensics
- Static Malware Analysis
- Analyze Suspicious Documents
- System Behavior Analysis
- Network Behavior Analysis
- Ransomware Analysis
Labs:
- Perform static malware analysis.
- Analyze a suspicious PDF file and Microsoft Office document.
- Emotet malware analysis.
Module 10: Investigating Web Attacks
Lessons:
- Web Application Forensics
- Internet Information Services (IIS) Logs
- Apache Web Server Logs
- Detect and Investigate Various Attacks on Web Applications
Labs:
- Identify and investigate web application attacks.
Module 11: Dark Web Forensics
Lessons:
- Dark Web and Dark Web Forensics
- Identify the Traces of Tor Browser during Investigation
- Tor Browser Forensics
Labs:
- Detect Tor Browser Activity and examine RAM dumps to discover Tor Browser artifacts.
Module 12: Cloud Forensics
Lessons:
- Cloud Computing
- Cloud Forensics
- Amazon Web Services (AWS) Fundamentals
- AWS Forensics
- Microsoft Azure Fundamentals
- Microsoft Azure Forensics
- Google Cloud Fundamentals
- Google Cloud Forensics
Labs:
- Forensic acquisition and examination of an Amazon EC2 Instance, Azure VM, and GCP VM.
Module 13: Email and Social Media Forensics
Lessons:
- Email Basics
- Email Crime Investigation and its Steps
- U.S. Laws Against Email Crime
- Social Media Forensics
Labs:
- Investigate a suspicious email to extract forensic evidence.
Module 14: Mobile Forensics
Lessons:
- Mobile Device Forensics
- Android and iOS Architecture and Boot Process
- Mobile Forensics Process
- Investigate Cellular Network Data
- File System Acquisition
- Phone Locks, Rooting, and Jailbreaking of Mobile Devices
- Logical Acquisition on Mobile Devices
- Physical Acquisition of Mobile Devices
- Android and iOS Forensic Analysis
Labs:
- Examine an Android image file and carve deleted files.
Module 15: IoT Forensics
Lessons:
- IoT Concepts
- IoT Devices Forensics
Prerequisites:
IT/forensics professionals with basic knowledge of IT/cybersecurity, computer forensics, and incident response. Knowledge of Threat Vectors.