The Certified Hacking Forensic Investigator (C|HFI) v11 course is a specialized program designed for IT and cybersecurity professionals seeking to excel in digital forensics. This course offers an extensive curriculum, including 68 forensic labs and coverage of critical areas such as cloud forensics, mobile and IoT forensics, malware analysis, and social media forensics. Participants will learn the entire forensic investigation process, including data acquisition, evidence preservation, and reporting, through real-world scenarios and hands-on labs. Completing this course will enhance forensic skills and improve employability in the cybersecurity field.
Course Prerequisites
To effectively participate in the C|HFI v11 course, it is recommended that candidates have:
-
Basic Knowledge of IT/Cybersecurity: Understanding of fundamental cybersecurity concepts like firewalls, antivirus, and network security practices.
-
Familiarity with Incident Response: Basic knowledge of incident response processes and procedures.
-
Awareness of Computer Forensics: Fundamental understanding of computer forensics principles, including evidence collection and preservation.
-
Exposure to Threat Vectors: Basic awareness of cyber threat vectors and common attacks such as phishing and malware.
These prerequisites help ensure that participants can grasp the advanced concepts covered in the course.
Target Audience
The C|HFI v11 course is ideal for professionals involved in or aspiring to roles in digital forensics and cybersecurity, including:
-
Digital Forensics Investigators
-
IT Security Analysts
-
Cybersecurity Consultants
-
Incident Response Team Members
-
Threat Intelligence Analysts
-
Network Security Engineers
-
Law Enforcement Personnel
-
Security Operations Center (SOC) Analysts
-
Information Security Managers
-
Penetration Testers
-
Data Protection Officers
-
Malware Analysts
-
Ethical Hackers
-
Forensic Accountants
-
IT Auditors
-
Compliance Officers
-
Cybercrime Investigators
-
e-Discovery Specialists
-
Legal Professionals specializing in IT law
-
System Administrators interested in security functions
-
Cloud Security Analysts
Course Outline
1. Computer Forensics in Today’s World
-
Understand the Fundamentals of Computer Forensics
-
Understand Cybercrimes and their Investigation Procedures
-
Understand Digital Evidence
-
Understand Forensic Readiness, Incident Response and the Role of SOC (Security Operations Center) in Computer Forensics
-
Identify the Roles and Responsibilities of a Forensic Investigator
-
Understand the Challenges Faced in Investigating Cybercrimes
-
Understand Legal Compliance in Computer Forensics
2. Computer Forensics Investigation Process
-
Understand the Forensic Investigation Process and its Importance
-
Understand the Pre-investigation Phase
-
Understand First Response
-
Understand the Investigation Phase
-
Understand the Post-investigation Phase
3. Understanding Hard Disks and File Systems
-
Describe Different Types of Disk Drives and their Characteristics
-
Explain the Logical Structure of a Disk
-
Understand Booting Process of Windows, Linux and Mac Operating Systems
-
Understand Various File Systems of Windows, Linux and Mac Operating Systems
-
Examine File System Using Autopsy and The Sleuth Kit Tools
-
Understand Storage Systems
-
Understand Encoding Standards and Hex Editors
-
Analyze Popular File Formats Using Hex Editor
4. Data Acquisition and Duplication
-
Understand Data Acquisition Fundamentals
-
Understand Data Acquisition Methodology
-
Prepare an Image File for Examination
5. Defeating Anti-forensics Techniques
-
Understand Anti-forensics Techniques
-
Discuss Data Deletion and Recycle Bin Forensics
-
Illustrate File Carving Techniques and Ways to Recover Evidence from Deleted Partitions
-
Explore Password Cracking/Bypassing Techniques
-
Detect Steganography, Hidden Data in File System Structures, Trail Obfuscation, and File Extension Mismatch
-
Understand Techniques of Artifact Wiping, Overwritten Data/Metadata Detection, and Encryption
-
Detect Program Packers and Footprint Minimizing Techniques
-
Understand Anti-forensics Countermeasures
6. Windows Forensics
-
Collect Volatile and Non-volatile Information
-
Perform Windows Memory and Registry Analysis
-
Examine the Cache, Cookie and History Recorded in Web Browsers
-
Examine Windows Files and Metadata
-
Understand ShellBags, LNK Files, and Jump Lists
-
Understand Text-based Logs and Windows Event Logs
7. Linux and Mac Forensics
-
Understand Volatile and Non-volatile Data in Linux
-
Analyze Filesystem Images Using The Sleuth Kit
-
Demonstrate Memory Forensics Using Volatility & PhotoRec
-
Understand Mac Forensics
8. Network Forensics
-
Understand Network Forensics
-
Explain Logging Fundamentals and Network Forensic Readiness
-
Summarize Event Correlation Concepts
-
Identify Indicators of Compromise (IoCs) from Network Logs
-
Investigate Network Traffic
-
Perform Incident Detection and Examination with SIEM Tools
-
Monitor and Detect Wireless Network Attacks
9. Investigating Web Attacks
-
Understand Web Application Forensics
-
Understand Internet Information Services (IIS) Logs
-
Understand Apache Web Server Logs
-
Understand the Functionality of Intrusion Detection System (IDS)
-
Understand the Functionality of Web Application Firewall (WAF)
-
Investigate Web Attacks on Windows-based Servers
-
Detect and Investigate Various Attacks on Web Applications
10. Dark Web Forensics
11. Database Forensics
-
Understand Database Forensics and its Importance
-
Determine Data Storage and Database Evidence Repositories in MSSQL Server
-
Collect Evidence Files on MSSQL Server
-
Perform MSSQL Forensics
-
Understand Internal Architecture of MySQL and Structure of Data Directory
-
Understand Information Schema and List MySQL Utilities for Performing Forensic Analysis
12. Cloud Forensics
-
Understand the Basic Cloud Computing Concepts
-
Understand Cloud Forensics
-
Understand the Fundamentals of Amazon Web Services (AWS)
-
Determine How to Investigate Security Incidents in AWS
-
Understand the Fundamentals of Microsoft Azure
-
Determine How to Investigate Security Incidents in Azure
-
Understand Forensic Methodologies for Containers and Microservices
13. Investigating Email Crimes
14. Malware Forensics
-
Define Malware and Identify the Common Techniques Attackers Use to Spread Malware
-
Understand Malware Forensics Fundamentals and Recognize Types of Malware Analysis
-
Understand and Perform Static Analysis of Malware
-
Analyze Suspicious Word and PDF Documents
-
Understand Dynamic Malware Analysis Fundamentals and Approaches
-
Analyze Malware Behavior on System Properties in Real-time
-
Analyze Malware Behavior on Network in Real-time
-
Describe Fileless Malware Attacks and How they Happen
-
Perform Fileless Malware Analysis - Emotet
15. Mobile Forensics
-
Understand the Importance of Mobile Device Forensics
-
Illustrate Architectural Layers and Boot Processes of Android and iOS Devices
-
Explain the Steps Involved in Mobile Forensics Process
-
Investigate Cellular Network Data
-
Understand SIM File System and its Data Acquisition Method
-
Illustrate Phone Locks and Discuss Rooting of Android and Jailbreaking of iOS Devices
-
Perform Logical Acquisition on Android and iOS Devices
-
Perform Physical Acquisition on Android and iOS Devices
-
Discuss Mobile Forensics Challenges and Prepare Investigation Report
16. IoT Forensics
-
Understand IoT and IoT Security Problems
-
Recognize Different Types of IoT Threats
-
Understand IoT Forensics
-
Perform Forensics on IoT Devices
Live Online Training (Duration : 40 Hours)
