CHFI – Computer Hacking Forensics Investigator Course Overview

The Computer Hacking Forensics Investigator (CHFI) course is the most sought after information security certification in the field of Computer Forensic Investigation. If you desire to acquire the knowledge or skill set to identify, track and bring the cyber criminals to justice, then this course is the right choice for you. It is designed to reinforce the skills of the new generation of cyber sleuths. CHFI investigators can draw on an array of methods for discovering data that resides in a computer system, or recovering deleted, encrypted, or damaged file information known as computer data recovery.

Apply Today

Instructor Led Learning

Duration: 5 Days
Registration Open Now!

Video Learning

Duration: 5 Days
Registration Open Now!

What you will learn

  • Lesson 1: Computer Forensics in Today’s World
  • Lesson 2: Computer Forensics Investigation Process
  • Lesson 3: Searching and Seizing Computers
  • Lesson 4: Digital Evidence
  • Lesson 5: First Responder Procedures
  • Lesson 6: Computer Forensics Lab
  • Lesson 7: Understanding Hard Disks and File Systems
  • Lesson 8: Windows Forensics
  • Lesson 9: Data Acquisition and Duplication
  • Lesson 10: Recovering Deleted Files and Deleted Partitions
  • Lesson 11: Forensics Investigation using AccessData FTK
  • Lesson 12: Forensics Investigation Using EnCase
  • Lesson 13: Steganography and Image File Forensics
  • Lesson 14: Application Password Crackers
  • Lesson 15: Log Capturing and Event Correlation
  • Lesson 16: Network Forensics, Investigating Logs and Investigating Network Traffic
  • Lesson 17: Investigating Wireless Attacks
  • Lesson 18: Investigating Web Attacks
  • Lesson 19: Tracking Emails and Investigating Email Crimes
  • Lesson 20: Mobile Forensics
  • Lesson 21: Investigative Reports
  • Lesson 22: Becoming an Expert Witness


Module 01: Computer Forensics in Today’s World

  • Forensics Science
  • Computer Forensics
  • Forensics Readiness
  • Cyber Crime
  • Cyber Crime Investigation
  • Corporate Investigations
  • Reporting a Cyber Crime

Module 02: Computer Forensics Investigation Process

  • Investigating Computer Crime
  • Steps to Prepare for a Computer Forensics Investigation
  • Computer Forensics Investigation Methodology

Module 03: Searching and Seizing Computers

  • Searching and Seizing Computers without a Warrant
  • Searching and Seizing Computers with a Warrant
  • The Electronic Communications Privacy Act
  • Electronic Surveillance in Communications Networks
  • Evidence

Module 04: Digital Evidence

  • Digital Data
  • Types of Digital Data
  • Rules of Evidence
  • Electronic Devices: Types and Collecting Potential Evidence
  • Digital Evidence Examination Process
  • Electronic Crime and Digital Evidence Consideration by Crime Category

Module 05: First Responder Procedures

  • Electronic Evidence
  • First Responder
  • Roles of First Responder
  • Electronic Devices: Types and Collecting Potential Evidence
  • First Responder Toolkit
  • First Response Basics
  • Securing and Evaluating Electronic Crime Scene
  • Conducting Preliminary Interviews
  • Documenting Electronic Crime Scene
  • Collecting and Preserving Electronic Evidence
  • Packaging and Transporting Electronic Evidence
  • Reporting the Crime Scene
  • Note Taking Checklist
  • First Responder Common Mistakes

Module 06: Computer Forensics Lab

  • Setting a Computer Forensics Lab
  • Investigative Services in Computer Forensics
  • Computer Forensics Hardware
  • Computer Forensics Software

Module 07: Understanding Hard Disks and File Systems

  • Hard Disk Drive Overview
  • Disk Partitions and Boot Process
  • Understanding File Systems
  • RAID Storage System
  • File System Analysis Using The Sleuth Kit (TSK)

Module 08: Windows Forensics

  • Collecting Volatile Information
  • Collecting Non-volatile Information
  • Windows Memory Analysis
  • Windows Registry Analysis
  • Cache, Cookie, and History Analysis
  • MD5 Calculation
  • Windows File Analysis
  • Metadata Investigation
  • Text Based Logs
  • Other Audit Events
  • Forensic Analysis of Event Logs
  • Windows Password Issues
  • Forensic Tools

Module 09: Data Acquisition and Duplication

  • Data Acquisition and Duplication Concepts
  • Data Acquisition Types
  • Disk Acquisition Tool Requirements
  • Validation Methods
  • RAID Data Acquisition
  • Acquisition Best Practices
  • Data Acquisition Software Tools
  • Data Acquisition Hardware Tools

Module 10: Recovering Deleted Files and Deleted Partitions

  • Recovering the Deleted Files
  • File Recovery Tools for Windows
  • File Recovery Tools for MAC
  • File Recovery Tools for Linux
  • Recovering the Deleted Partitions
  • Partition Recovery Tools

Module 11: Forensics Investigation using AccessData FTK

  • Overview and Installation of FTK
  • FTK Case Manager User Interface
  • FTK Examiner User Interface
  • Starting with FTK
  • FTK Interface Tabs
  • Adding and Processing Static, Live, and Remote Evidence
  • Using and Managing Filters
  • Using Index Search and Live Search
  • Decrypting EFS and other Encrypted Files
  • Working with Reports

Module 12: Forensics Investigation Using EnCase

  • Overview of EnCase Forensic
  • Installing EnCase Forensic
  • EnCase Interface
  • Case Management
  • Working with Evidence
  • Source Processor
  • Analyzing and Searching Files
  • Viewing File Content
  • Bookmarking Items
  • Reporting

Module 13: Steganography and Image File Forensics

  • Steganography
  • Steganography Techniques
  • Steganalysis
  • Image Files
  • Data Compression
  • Locating and Recovering Image Files
  • Image File Forensics Tools

Module 14: Application Password Crackers

  • Password Cracking Concepts
  • Types of Password Attacks
  • Classification of Cracking Software
  • Systems Software vs. Applications Software
  • System Software Password Cracking
  • Application Software Password Cracking
  • Password Cracking Tools

Module 15: Log Capturing and Event Correlation

  • Computer Security Logs
  • Logs and Legal Issues
  • Log Management
  • Centralized Logging and Syslogs
  • Time Synchronization
  • Event Correlation
  • Log Capturing and Analysis Tools

Module 16: Network Forensics, Investigating Logs and Investigating Network Traffic

  • Network Forensics
  • Network Attacks
  • Log Injection Attacks
  • Investigating and Analyzing Logs
  • Investigating Network Traffic
  • Traffic Capturing and Analysis Tools
  • Documenting the Evidence Gathered on a Network

Module 17: Investigating Wireless Attacks

  • Wireless Technologies
  • Wireless Attacks
  • Investigating Wireless Attacks
  • Features of a Good Wireless Forensics Tool
  • Wireless Forensics Tools
  • Traffic Capturing and Analysis Tools

Module 18: Investigating Web Attacks

  • Introduction to Web Applications and Webservers
  • Web Logs
  • Web Attacks
  • Web Attack Investigation
  • Web Attack Detection Tools
  • Tools for Locating IP Address

Module 19: Tracking Emails and Investigating Email Crimes

  • Email System Basics
  • Email Crimes
  • Email Headers
  • Steps to Investigate
  • Email Forensics Tools
  • Laws and Acts against Email Crimes

Module 20: Mobile Forensics

  • Mobile Phone
  • Mobile Operating Systems
  • Mobile Forensics
  • Mobile Forensic Process
  • Mobile Forensics Software Tools
  • Mobile Forensics Hardware Tools

Module 21: Investigative Reports

  • Computer Forensics Report
  • Computer Forensics Report Template
  • Investigative Report Writing
  • Sample Forensics Report
  • Report Writing Using Tools

Module 22: Becoming an Expert Witness

  • Expert Witness
  • Types of Expert Witnesses
  • Scope of Expert Witness Testimony
  • Evidence Processing
  • Rules for Expert Witness
  • General Ethics While Testifying

Join Over 10,000 Students that have studied with MasterGrade IT Now

Become Part of MasterGrade IT to Further Your Career.

Contact Us