Font size:

This course will provide participants the necessary skills to identify an intruders footprints and to properly gather the necessary evidence to prosecute in the court of law.


TARGET AUDIENCE:
The CHFI course will benefit:- Police and other laws enforcement personnel- Defense and Military personnel- e-Business Security professionals- Systems administrators- Legal professionals- Banking, Insurance and other professionals- Government agencies

COURSE OBJECTIVES:
Computer forensics enables the systematic and careful identification of evidence in computer related crime and abuse cases. This may range from tracing the tracks of a hacker through a client’s systems, to tracing the originator of defamatory emails, to recovering signs of fraud.

COURSE OUTLINE:


Computer Forensics and Investigations as a Profession

  • Understanding Computer Forensics
  • Comparing Definitions of Computer Forensics
  • Exploring a Brief History of Computer Forensics
  • Developing Computer Forensics Resources
  • Preparing for Computing Investigations
  • Understanding Enforcement Agency Investigations
  • Understanding Corporate Investigations
  • Maintaining Professional Conduct

Understanding Computer Investigations

  • Preparing a Computer Investigation
  • Examining a Computer Crime
  • Examining a Company-Policy Violation
  • Taking a Systematic Approach
  • Assessing the Case
  • Planning Your Investigation
  • Securing Your Evidence
  • Understanding Data-Recovery Workstations and Software
  • Setting Up Your Workstation for Computer Forensics
  • Executing an Investigation
  • Gathering the Evidence
  • Copying the Evidence Disk
  • Analyzing Your Digital Evidence
  • Completing the Case
  • Critiquing the Case

Working with Windows and DOS Systems

  • Understanding File Systems
  • Understanding the Boot Sequence
  • Examining Registry Data
  • Disk Drive Overview
  • Exploring Microsoft File Structures
  • Disk Partition Concerns
  • Boot Partition Concerns
  • Examining FAT Disks
  • Examining NTFS Disks
  • NTFS System Files
  • NTFS Attributes
  • NTFS Data Streams
  • NTFS Compressed Files
  • NTFS Encrypted File Systems (EFS)
  • EFS Recovery Key Agent
  • Deleting NTFS Files
  • Understanding Microsoft Boot Tasks
  • Windows XP, 2000, and NT Startup
  • Windows XP System Files
  • Understanding MS-DOS Startup Tasks
  • Other DOS Operating Systems

Macintosh and Linux Boot Processes and Disk Structures

  • Understanding the Macintosh File Structure
  • Understanding Volumes
  • Exploring Macintosh Boot Tasks
  • Examining UNIX and Linux Disk Structures
  • UNIX and Linux Overview
  • Understanding modes
  • Understanding UNIX and Linux Boot Processes
  • Understanding Linux Loader
  • UNIX and Linux Drives and Partition Scheme
  • Examining Compact Disc Data Structures
  • Understanding Other Disk Structures
  • Examining SCSI Disks
  • Examining IDE/EIDE Devices

The Investigators Office and Laboratory

  • Understanding Forensic Lab Certification Requirements
  • Identifying Duties of the Lab Manager and Staff
  • Balancing Costs and Needs
  • Acquiring Certification and Training
  • Determining the Physical Layout of a Computer Forensics Lab
  • Identifying Lab Security Needs
  • Conducting High-Risk Investigations
  • Considering Office Ergonomics
  • Environmental Conditions
  • Lighting
  • Structural Design Considerations
  • Electrical Needs
  • Communications
  • Fire-suppression Systems
  • Evidence Lockers
  • Facility Maintenance
  • Physical Security Needs
  • Auditing a Computer Forensics Lab
  • Computer Forensics Lab Floor Plan Ideas
  • Selecting a Basic Forensic Workstation
  • Selecting Workstations for Police Labs
  • Selecting Workstations for Private and Corporate Labs
  • Stocking Hardware Peripherals
  • Maintaining Operating Systems and Application Software Inventories
  • Using a Disaster Recovery Plan
  • Planning for Equipment Upgrades
  • Using Laptop Forensic Workstations
  • Building a Business Case for Developing a Forensics Lab
  • Creating a Forensic Boot Floppy Disk
  • Assembling the Tools for a Forensic Boot Floppy Disk
  • Retrieving Evidence Data Using a Remote Network Connection

Current Computer Forensics Tools

  • Evaluating Your Computer Forensics Software Needs
  • Using National Institute of Standards and Technology (NIST) Tools
  • Using National Institute of Justice (NU) Methods
  • Validating Computer Forensics Tools
  • Using Command-Line Forensics Tools
  • Exploring NTI Tools
  • Exploring Ds2dump
  • Reviewing DriveSpy
  • Exploring PDBlock
  • Exploring PDWipe
  • Reviewing Image
  • Exploring Part
  • Exploring SnapBack DatArrest
  • Exploring Byte Back
  • Exploring MaresWare
  • Exploring DIGS Mycroft v3
  • Exploring Graphical User Interface (GUI) Forensics Tools
  • Exploring AccessData Programs
  • Exploring Guidance Software EnCase
  • Exploring Ontrack
  • Using BIAProtect
  • Using LC Technologies Software
  • Exploring WinHex Specialist Edition
  • Exploring DIGS Analyzer Professional Forensic Software
  • Exploring ProDiscover DFT
  • Exploring DataLifter
  • Exploring ASRData
  • Exploring the Internet History Viewer
  • Exploring Other Useful Computer Forensics Tools
  • Exploring LTOOLS
  • Exploring Mtools
  • Exploring R-Tools
  • Using Explore2fs
  • Exploring @stake
  • Exploring TCT and TCTUTILs
  • Exploring ILook
  • Exploring HashKeeper
  • Using Graphic Viewers
  • Exploring Hardware Tools
  • Computing-Investigation Workstations
  • Building Your Own Workstation
  • Using a Write-blocker
  • Using LC Technology International Hardware
  • Forensic Computers
  • DIGS
  • Digital Intelligence
  • Image MASSter Solo
  • FastBloc
  • Acard
  • NoWrite
  • Wiebe Tech Forensic DriveDock
  • Recommendations for a Forensic Workstation

Digital Evidence Controls

  • Identifying Digital Evidence
  • Understanding Evidence Rules
  • Securing Digital Evidence at an Incident Scene
  • Cataloging Digital Evidence
  • Lab Evidence Considerations
  • Processing and Handling Digital Evidence
  • Storing Digital Evidence
  • Evidence Retention and Media Storage Needs
  • Documenting Evidence
  • Obtaining a Digital Signature

Processing Crime and Incident Scenes

  • Processing Private-Sector Incident Scenes
  • Processing Law Enforcement Crime Scenes
  • Understanding Concepts and Terms Used in Warrants
  • Preparing for a Search
  • Identifying the Nature of the Case
  • Identifying the Type of Computing System
  • Determining Whether You Can Seize a Computer
  • Obtaining a Detailed Description of the Location
  • Determining Who Is in Charge
  • Using Additional Technical Expertise
  • Determining the Tools You Need
  • Preparing the Investigation Team
  • Securing a Computer Incident or Crime Scene
  • Seizing Digital Evidence at the Scene
  • Processing a Major Incident or Crime Scene
  • Processing Data Centers with an Array of RAIDS
  • Using a Technical Advisor at an Incident or Crime Scene
  • Sample Civil Investigation
  • Sample Criminal Investigation
  • Collecting Digital Evidence

Data Acquisition

  • Determining the Best Acquisition Method
  • Planning Data Recovery Contingencies
  • Using MS-DOS Acquisition Tools
  • Understanding How DriveSpy Accesses Sector Ranges
  • Data Preservation Commands
  • Using DriveSpy Data Manipulation Commands
  • Using Windows Acquisition Tools
  • AccessData FTK Explorer
  • Acquiring Data on Linux Computers
  • Using Other Forensics Acquisition Tools
  • Exploring SnapBack DatArrest
  • Exploring SafeBack
  • Exploring EnCase

Computer Forensic Analysis

  • Understanding Computer Forensic Analysis
  • Refining the Investigation Plan
  • Using


Virtual Computer Hacking Forensics Investigator (CHFI) Online Live training option
Imagine an industry-leading classroom training experience from wherever you have access to the Internet. The Virtual Online Live events listed here gives you an effective and proven online virtual learning experience with the freedom to attend virtually from anywhere.

There is also an option of experiencing Online Live from one of the many national partner centers where a computer and headset will be provided for you.

This rich and engaging virtual classroom environment lets you conveniently interact with instructors and other students. You will hear and see your instructor as they teach the course and answer your questions via voice or text. Choose the online live virtual training option and you can access the recorded version even after the class has finished.

The onDemand labs give you access to the same client and server technologies covered in class so you can test, apply and hone your skills by accessing the labs before and even after the class.

Technical Requirements: a computer or laptop with a modern browser and high speed internet access along with one or two monitors.

Find a class and register in three easy steps:
  • 1. Select Location:
  • 2. Select Date Range:
    to
  • 3. Select Class Type:
    • All Types
    • C Classroom
    • V Virtual Live
    • Cv In-Class Virtual
    • O Online
FL Orlando2/26/2018 9:00:00 AM<span class="course-type type-c" style="cursor:default;word-wrap:normal;display:inline-block;" onmouseover="showHoverInfo(this, 'ProductTypeDescription' ,'ILT')" onmouseout="clearHoverInfo()">C</span>5 days2995.002520586
Virtual Live3/26/2018 8:00:00 AM<span class="course-type type-v" style="cursor:default;word-wrap:normal;display:inline-block;" onmouseover="showHoverInfo(this, 'ProductTypeDescription' ,'VILT')" onmouseout="clearHoverInfo()">V</span>5 days3495.002520649
NV Reno3/26/2018 8:00:00 AM<span class="course-type type-cv" style="cursor:default;word-wrap:normal;display:inline-block;" onmouseover="showHoverInfo(this, 'ProductTypeDescription' ,'HVILT')" onmouseout="clearHoverInfo()">Cv</span>5 days3495.002524166
FL Orlando3/26/2018 6:00:00 PM<span class="course-type type-c" style="cursor:default;word-wrap:normal;display:inline-block;" onmouseover="showHoverInfo(this, 'ProductTypeDescription' ,'ILT')" onmouseout="clearHoverInfo()">C</span>11 days2995.002520588
Virtual Live5/14/2018 8:00:00 AM<span class="course-type type-v" style="cursor:default;word-wrap:normal;display:inline-block;" onmouseover="showHoverInfo(this, 'ProductTypeDescription' ,'VILT')" onmouseout="clearHoverInfo()">V</span>5 days3495.002520645
MN Eagan5/14/2018 8:00:00 AM<span class="course-type type-cv" style="cursor:default;word-wrap:normal;display:inline-block;" onmouseover="showHoverInfo(this, 'ProductTypeDescription' ,'HVILT')" onmouseout="clearHoverInfo()">Cv</span>5 days3495.002524017
Virtual Live7/9/2018 8:00:00 AM<span class="course-type type-v" style="cursor:default;word-wrap:normal;display:inline-block;" onmouseover="showHoverInfo(this, 'ProductTypeDescription' ,'VILT')" onmouseout="clearHoverInfo()">V</span>5 days3495.002520648
GA Atlanta7/9/2018 8:00:00 AM<span class="course-type type-cv" style="cursor:default;word-wrap:normal;display:inline-block;" onmouseover="showHoverInfo(this, 'ProductTypeDescription' ,'HVILT')" onmouseout="clearHoverInfo()">Cv</span>5 days3495.002524024
seek-warrow-w
  • 1
arrow-eseek-eitems per page1 - 8 of 8 items