Computer Hacking Forensic Investigator Certification

Computer Hacking Forensic Investigator Certification

Computer hacking forensic investigation is the process of detecting hacking attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks.

Computer crime in today’s cyber world is on the rise. Computer Investigation techniques are being used by police, government, and corporate entities globally and many of them turn to EC-Council for our Digital Forensic Investigator CHFI Certification Program.

Computer Security and Computer investigations are changing terms. More tools are invented daily for conducting Computer Investigations, be it computer crime, digital forensics, computer investigations, or even standard computer data recovery. The tools and techniques covered in EC-Council’s CHFI program will prepare the student to conduct computer investigations using ground-breaking digital forensics technologies.

Computer forensics is simply the application of computer investigation and analysis techniques in the interests of determining potential legal evidence. Evidence might be sought in a wide range of computer crime or misuse, including but not limited to theft of trade secrets, theft of or destruction of intellectual property, and fraud. CHFI investigators can draw on an array of methods for discovering data that resides in a computer system, or recovering deleted, encrypted, or damaged file information known as computer data recovery.

Choose a Pricing Option

$2,899

One - Time Payment

or

Enroll with Interest-Free

Monthly Payments

No Credit Checks - 0% Interest - No Application or Registration - No late Fees - Instant Approval - Works with your existing Credit


We have partnered with Splitit to turn your purchase into smaller, bite-sized payments.

Click Here for more information about Splitit, and if you are happy to proceed, send us an email and ask for an Installment Plan.

You will receive a temporary link that will give you a choice to pay with up to 12 months interest-free monthly payments.

After finalising the payment process, you will receive your enrolment confirmation and access information via email with the next steps, within 36 hours or at the specified course's commencement date.


[email protected]



Installments starts from less than $242/ month


EC-Council’s Computer Hacking Forensic Investigator (CHFI) program

Digital forensics is a key component in Cyber Security. Many people hear the term forensics, or computer forensics, or digital forensics and instantly think that’s just for law enforcement, but the truth is, digital forensics has a key place on every cyber security team. In fact, without it, chances are your organization’s security posture and maturity will fail to see its full potential. Computer forensics is an evolving field that is always moving to match the changes in devices and how they are used for identifying, preserving, analyzing, and recovering data from computers and various digital media storage. Digital data are subjected to legal practices and guidelines when intended to serve as evidence in civil proceedings


About the Program

Digital Forensic practices stem from forensic science, the science of collecting and examining evidence or materials. Digital or computer forensics focuses on the digital domain including computer forensics, network forensics, and mobile forensics. As the cyber security profession evolves, organizations are learning the importance of employing digital forensic practices into their everyday activities. Computer forensic practices can help investigate attacks, system anomalies, or even help System administrators detect a problem by defining what is normal functional specifications and validating system information for irregular behaviors ares.

In the event of a cyber-attack or incident, it is critical investigations be carried out in a manner that is forensically sound to preserve evidence in the event of a breach of the law. Far too many cyber-attacks are occurring across the globe where laws are clearly broken and due to improper or non-existent forensic investigations, the cyber criminals go either unidentified, undetected, or are simply not prosecuted.

Cyber security professionals who acquire a firm grasp on the principles of digital forensics can become invaluable members of Incident Handling and Incident response teams. The Computer Forensic course provides a strong baseline knowledge of key concepts and practices in the digital forensic domains relevant to today’s organizations. CHFI provides its attendees with a firm grasp on the domains of digital forensics.


Who Is It For?

The CHFI program is designed for all IT professionals involved with information system security, computer forensics, and incident response.

Target Audience

  • Police and other law enforcement personnel
  • Defense and Military personnel
  • e-Business Security professionals
  • Systems administrators
  • Legal professionals
  • Banking, Insurance and other professionals
  • Government agencies
  • IT managers


CHFI Course Outline

  • Computer Forensics in Today’s World
  • Computer Forensics Investigation Process
  • Understanding Hard Disks and File Systems
  • Operating System Forensics
  • Defeating Anti-Forensics Techniques
  • Data Acquisition and Duplication
  • Network Forensics
  • Investigating Web Attacks
  • Database Forensics
  • Cloud Forensics
  • Malware Forensics
  • Investigating E-mail Crimes
  • Mobile Forensics
  • Investigative Reports


Computer Hacking Forensic Investigator Certification

EC-Council’s CHFI certifies individuals in the specific security discipline of computer forensics from a vendor-neutral perspective. Our digital forensics certification will fortify the application knowledge of law enforcement personnel, system administrators, security officers, defense and military personnel, legal professionals, bankers, security professionals, and anyone who is concerned about the integrity of the network infrastructure.


A CHFI certified professional will be equipped to be gainfully employed as a Computer Forensics or a Digital Forensics professional. They will be able to:


  • Perform incident response and computer forensics
  • Identify data, images and/or activity which may be the target of an internal investigation
  • Perform electronic evidence collections
  • Establish threat intelligence and key learning points to support pro-active profiling and scenario modelling
  • Perform digital forensic acquisitions as an analyst
  • Search file slack space where PC type technologies are employed
  • Perform bit-stream Imaging/acquiring of the digital media seized during the process of investigation.File MAC times (Modified, Accessed, and Create dates and times) as evidence of access and event sequences
  • Examine and analyze text, graphics, multimedia, and digital images
  • Examine file type and file header information
  • Conduct thorough examinations of computer hard disk drives, and other electronic data storage media
  • Review e-mail communications including web mail and Internet Instant Messaging programs
  • Recover information and electronic data from computer hard drives and other data storage devices
  • Examine the Internet browsing history
  • Follow strict data and evidence handling procedures
  • Generate reports which detail the approach, and an audit trail which documents actions taken to support the integrity of the internal investigation process
  • Maintain audit trail (i.e., chain of custody) and evidence integrity
  • Work on technical examination, analysis, and reporting of computer-based evidence
  • Recover active, system and hidden files with date/time stamp information
  • Prepare and maintain case files
  • Crack (or attempt to crack) password protected files
  • Utilize forensic tools and investigative methods to find electronic data, including
  • Perform anti-forensics detection
  • Internet use history, word processing documents, images, and other files
  • Maintain awareness and follow laboratory evidence handling, evidence examination, laboratory safety, and laboratory security policy and procedures
  • Gather volatile and non-volatile information from Windows, MAC, and Linux
  • Play a role of the first responder by securing and evaluating a cybercrime scene, conducting preliminary interviews, documenting a crime scene, collecting and preserving electronic evidence, packaging and transporting electronic evidence, reporting of the crime scene
  • Recover deleted files and partitions in Windows, Mac OS X, and Linux
  • Perform post-intrusion analysis of electronic and digital media to determine the who, where, what, when, and how the intrusion occurred
  • Perform keyword searches including using target words or phrases
  • Apply advanced forensic tools and techniques for attack reconstruction
  • Investigate events for evidence of insider threats or attacks
  • Perform fundamental forensic activities and form a base for advanced digital forensics
  • Support the generation of incident reports and other collateral
  • Identify and check the possible source/incident origin
  • Investigate and analyze all response activities related to cyber incidents
  • Perform event co-relation
  • Plan, coordinate and direct recovery activities and incident analysis tasks
  • Extract and analyze logs from various devices such as proxies, firewalls, IPSs, IDSes, Desktops, laptops, servers, SIM tools, routers, switches, AD servers, DHCP servers, Access Control Systems, etc.Examine all available information and supporting evidence or artifacts related to an incident or event
  • Ensure that reported incident or suspected weaknesses, malfunctions and deviations are handled with confidentiality
  • Collect data using forensic technology methods in accordance with evidence handling procedures, including a collection of hard copy and electronic documents
  • Assist in the preparation of search and seizure warrants, court orders, and subpoenas
  • Conduct reverse engineering for known and suspected malware files
  • Provide expert witness testimony in support of forensic examinations conducted by the examiner
  • Perform detailed evaluation of the data and any evidence of activity in order to analyze the full circumstances and implications of the event

Choose a Pricing Option

$2,899

One - Time Payment

The purpose of the CHFI credential is to:

Validate the candidate’s skills to identify an intruder’s footprints and to properly gather the necessary evidence to prosecute in the court of law.


About the Exam

  • Number of Questions: 150
  • Test Duration: 4 Hours
  • Test Format: Multiple Choice
  • Test Delivery: ECC EXAM
  • Exam Prefix: 312-49 (ECC EXAM)


Passing Score

In order to maintain the high integrity of our certification exams, EC-Council Exams are provided in multiple forms (i.e., different question banks). Each form is carefully analyzed through beta testing with an appropriate sample group under the purview of a committee of subject matter experts that ensure that each of our exams not only has academic rigor but also has “real world” applicability. We also have a process to determine the difficulty rating of each question. The individual rating then contributes to an overall “Cut Score” for each exam form. To ensure each form has equal assessment standards, cut scores are set on a “per exam form” basis. Depending on which exam form is challenged, cut scores can range from 60% to 85%.

EC-COUNCIL

EC-Council has been the world's leading information security certification body since the launch of its flagship program, Certified Ethical Hacker (CEH), which created the ethical hacking industry in 2002. Since the launch of CEH, EC-Council has added industry-leading programs to their portfolio to cover all aspects of information security including EC-Council Certified Security Analyst (ECSA), Computer Hacking Forensics Investigator (CHFI), Certified Chief Information Security Officer (CCISO), among others.

Choose a Pricing Option

$2,899

One - Time Payment