Computer Hacking Forensic Investigator (CHFI)

الحاسب الآلي وتقنية المعلومات

مجانا

CHFI Course Outline

  • Computer Forensics in Today’s World
  • Computer Forensics Investigation Process
  • Understanding Hard Disks and File Systems
  • Operating System Forensics
  • Defeating Anti-Forensics Techniques
  • Data Acquisition and Duplication
  • Network Forensics
  • Investigating Web Attacks
  • Database Forensics
  • Cloud Forensics
  • Malware Forensics
  • Investigating Email Crimes
  • Mobile Forensics
  • Investigative Reports

A CHFI certified professional will be able to:

  • Perform incident response and forensics
  • Perform electronic evidence collections
  • Perform digital forensic acquisitions
  • Perform bit-stream Imaging/acquiring of the digital media seized during the process of investigation.
  • Examine and analyze text, graphics, multimedia, and digital images
  • Conduct thorough examinations of computer hard disk drives, and other electronic data storage media
  • Recover information and electronic data from computer hard drives and other data storage devices
  • Follow strict data and evidence handling procedures
  • Maintain audit trail (i.e., chain of custody) and evidence integrity
  • Work on technical examination, analysis and reporting of computer-based evidence
  • Prepare and maintain case files
  • Utilize forensic tools and investigative methods to find electronic data, including Internet use history, word processing documents, images and other files
  • Gather volatile and non-volatile information from Windows, MAC and Linux
  • Recover deleted files and partitions in Windows, Mac OS X, and Linux
  • Perform keyword searches including using target words or phrases
  • Investigate events for evidence of insider threats or attacks
  • Support the generation of incident reports and other collateral
  • Investigate and analyze all response activities related to cyber incidents
  • Plan, coordinate and direct recovery activities and incident analysis tasks
  • Examine all available information and supporting evidence or artefacts related to an incident or event
  • Collect data using forensic technology methods in accordance with evidence handling procedures, including collection of hard copy and electronic documents
  • Conduct reverse engineering for known and suspected malware files
  • Perform detailed evaluation of the data and any evidence of activity in order to analyze the full circumstances and implications of the event
  • Identify data, images and/or activity which may be the target of an internal investigation
  • Establish threat intelligence and key learning points to support pro-active profiling and scenario modelling
  • Search file slack space where PC type technologies are employed
  • File MAC times (Modified, Accessed, and Create dates and times) as evidence of access and event sequences
  • Examine file type and file header information
  • Review e-mail communications including web mail and Internet Instant Messaging programs
  • Examine the Internet browsing history
  • Generate reports which detail the approach, and an audit trail which documents actions taken to support the integrity of the internal investigation process
  • Recover active, system and hidden files with date/time stamp information

 

لا يوجد دورات مجدولة

سجل في قائمة الانتظار

النشرة الإخبارية

الاشتراك للحصول على التحديثات الحق في صندوق البريد الوارد. نحن نعد بعدم إرسال رسائل غير مرغوب فيها لك.