Computer Hacking Forensics Investigator (CHFI) V11

After completing this course students will be able to:

• Establish threat intelligence and key learning points to support pro-active profiling and scenario modeling
• Perform anti-forensic methods detection
• Perform post-intrusion analysis of electronic and digital media to determine the who, where, what, when, and how the intrusion occurred
• Extract and analyze of logs from various devices like proxy, firewall, IPS, IDS, Desktop, laptop, servers, SIM tool, router, firewall, switches AD server, DHCP logs, Access Control Logs & conclude as part of investigation process.
• Identify & check the possible source / incident origin.
• Recover deleted files and partitions in Windows, Mac OS X, and Linux
• Conduct reverse engineering for known and suspected malware files
• Collect data using forensic technology methods in accordance with evidence handling procedures, including collection of hard copy and electronic documents

• Cyber Threat Analyst Tier 2
• Cyber Threat Intelligence Analyst
• Mid Level Penetration Tester
• Cyberspace Analyst II
• Cybersecurity Engineer II Red Team
• Forensic Analyst, Senior
• Cyber Security Analyst Advisor
• Cyber Security Analyst
• Application Security Analyst
• Senior Cyber Security Analyst
• Digital Forensics Analyst- Junior level
• Security Architect
• Cybersecurity Auditor
• Senior Network Security Engineer
• Information Security Engineer
• Manager Information Security management
• Principal Cyber Security Engineer

Recommended Prerequisites:

• IT/forensics professionals with basic knowledge of IT/cybersecurity, computer forensics, and incident response.
• Knowledge of Threat Vectors.

• Understand the Fundamentals of Computer Forensics
• Understand Cybercrimes and their Investigation Procedures
• Understand Digital Evidence and eDiscovery
• Understand Forensic Readiness
• Understand the Role of Various Processes and Technologies in Computer Forensics
• Identify the Roles and Responsibilities of a Forensic Investigator
• Understand the Challenges Faced in Investigating Cybercrimes
• Understand Various Standards and Best Practices Related to Computer Forensics
• Understand Laws and Legal Compliance in Computer Forensics

• Understand the Forensic Investigation Process and its Importance
• Understand First Response
• Understand the Pre-investigation Phase
• Understand the Investigation Phase
• Understand the Post-investigation Phase

• Describe Different Types of Disk Drives and their Characteristics
• Explain the Logical Structure of a Disk
• Understand the Booting Process of Windows, Linux, and macOS Operating Systems
• Understand Various File Systems of Windows, Linux and macOS Operating Systems
• Understand File System Analysis
• Understand Storage Systems
• Understand Encoding Standards and Hex Editors
• Analyze Popular File Formats Using Hex Editor

• Understand Data Acquisition Fundamentals
• Understand eDiscovery
• Understand Data Acquisition Methodology
• Prepare an Image File for Examination

• Understand Anti-forensics Techniques
• Discuss Data Deletion and Recycle Bin Forensics
• Illustrate File Carving Techniques and Ways to Recover Evidence from Deleted Partitions
• Explore Password Cracking/Bypassing Techniques
• Detect Steganography, Hidden Data in File System Structures, Trail Obfuscation, and File Extension Mismatch
• Understand Techniques of Artifact Wiping, Overwritten Data/Metadata Detection, and Encryption
• Detect Program Packers and Footprint Minimizing Techniques

• Understand Windows Forensics
• Collect Volatile Information
• Collect Non-volatile Information
• Perform Windows Memory Analysis
• Perform Windows Registry Analysis
• Perform Electron Application Analysis
• Perform Web Browser Forensics
• Examine Windows Files and Metadata
• Understand ShellBags, LNK Files, and Jump Lists
• Understand Text-based Logs and Windows Event Logs

• Collect Volatile Information in Linux
• Collect Non-volatile Information in Linux
• Understand Linux Memory Forensics
• Understand Mac Forensics
• Collect Volatile Information in Mac
• Collect Non-volatile Information in Mac
• Understand Mac Memory Forensics and Mac Forensics Tools

• Understand Network Forensics
• Summarize Event Correlation Concepts
• Identify Indicators of Compromise (IoCs) from Network Logs
• Investigate Network Traffic
• Perform Incident Detection and Examination Using SIEM Tools
• Understand Wireless Network Forensics
• Detect and Investigate Wireless Network Attacks

• Understand Malware Concepts
• Understand Malware Forensics
• Perform Static Malware Analysis
• Analyzing Suspicious Documents
• Perform System Behavior Analysis
• Perform Network Behavior Analysis
• Perform Ransomware Analysis

• Understand Web Application Forensics
• Understand Internet Information Services (IIS) Logs
• Understand Apache Web Server Logs
• Detect and Investigate Various Attacks on Web Applications

• Understand the Dark Web and Dark Web Forensics
• Determine How to Identify the Traces of Tor Browser during Investigation
• Perform Tor Browser Forensics

• Understand Cloud Computing Concepts
• Understand Cloud Forensics
• Understand Amazon Web Services (AWS) Fundamentals
• Perform AWS Forensics
• Understand Microsoft Azure Fundamentals
• Perform Microsoft Azure Forensics
• Understand Google Cloud Fundamentals
• Perform Google Cloud Forensics

• Understand Email Basics
• Explain Email Crime Investigation and its Steps
• Understand U.S. Laws Against Email Crime
• Explain Social Media Forensics

• Understand Mobile Device Forensics
• Understand Android and iOS Architecture, Boot Process, and File Systems
• Understand Mobile Forensics Process
• Investigate Cellular Network Data
• Perform File System Acquisition
• Understand Phone Locks, Rooting, and Jailbreaking of Mobile Devices
• Perform Logical Acquisition on Mobile Devices
• Perform Physical Acquisition on Mobile Devices
• Perform Android and iOS Forensic Analysis

• Understand IoT Concepts
• Perform Forensics on IoT Devices