Cyber Forensics Investigator (SF)
Course Code:
TGS-2018502988
Duration:
5 Days
Delivery Mode:
Classroom
Start Date:
23-09-24
End Date:
27-09-24
Fees:
$3215.50

(Before Funding)

The Certified Hacking Forensic Investigator (C|HFI) credential is the most trusted digital forensics certification valued by employers worldwide. The comprehensive curriculum aligns with all crucial global digital forensic job roles. It covers a detailed and methodological approach to digital forensics and evidence analysis, including areas such as Dark Web, IoT, and Cloud Forensics. Upon achieving the C|HFI certification, you will be empowered with the skills and expertise needed to conduct digital investigations using groundbreaking technologies.

WHAT’S NEW IN CHFI V9?

  • Updated information as per the latest developments with a proper flow.
  • New investigation techniques and updated forensic investigation tools.
  • Classroom-friendly with a graphical representation of concepts and attacks.
  • Exclusive section for best practices to follow during a forensic investigation.
  • Exclusive section for disk acquisition tools requirements to carry out the successful investigation.
  • New and rich presentation style with engaging graphics.
  • Latest OS covered and a patched testing environment.
  • Well tested, result-oriented, descriptive, and analytical lab manual to evaluate the presented concepts.
  • Sample evidence files (~6GB) are provided that assist participant to carry out an analysis.
  • CHFIv9 is accompanied by iLabs.
  • Forensic challenges based real-time scenarios are provided in the Lab manual to practice.

WHY CHFI?

  • The program is developed after a thorough job tasks analysis and market research.
  • It is designed and developed by experienced SMEs and digital forensic practitioners.
  • CHFI is a vendor neutral course covering all major forensics investigations technologies and solutions.
  • Detailed labs for hands-on learning experience; approximately 40% of training time is dedicated to labs.
  • It covers all the relevant knowledge-bases and skills to meet with regulatory compliance standards such as ISO 27001, PCI DSS, SOX, HIPPA, etc.
  • More than 40 GB of digital forensics and evidence analysis tools.
  • Student kit which contains large number of white papers for additional reading.
  • The program presents a repeatable forensics investigation methodology required from a versatile digital forensic professional which increases your employability.
  • The student kit contains a large number of forensics investigation templates for evidence collection, chain-of-custody, final investigation reports, etc.
  • The program comes with cloud-based virtual labs enabling participants to practice various investigation techniques in a real-time and simulated environment.

Course Outline

Lesson 1: Computer Forensics in Today’s World
  • Fundamentals of Computer Forensics
  • Cybercrimes and Their Investigation Procedures
  • Digital Evidence and eDiscovery
  • Forensic Readiness
  • Roles of Various Processes and Technologies in Computer Forensics
  • Roles and Responsibilities of a Forensic Investigator
  • Challenges Faced in Investigating Cybercrimes
  • Standards and Best Practices in Computer Forensics
  • Laws and Legal Compliance in Computer Forensics
Lesson 2: Computer Forensics Investigation Process
  • Forensic Investigation Process and Its Importance
  • First Response
  • Pre-Investigation Phase
  • Investigation Phase
  • Post-Investigation Phase

Labs:

  • Create a hard disk image file for forensic investigation and recover the data
Lesson 3: Understanding Hard Disks and File Systems
  • Disk Drives and Their Characteristics
  • Logical Structure of a Disk
  • Booting Process of Windows, Linux, and macOS Operating Systems
  • File Systems of Windows, Linux, and macOS Operating Systems
  • File System Analysis
  • Storage Systems
  • Encoding Standards and Hex Editors
  • Analyzing Popular File Formats

Labs:

  • Analyze the file systems of Linux and Windows evidence images and recover deleted files
  • Analyze file formats
Lesson 4: Data Acquisition and Duplication
  • Data Acquisition
  • eDiscovery
  • Data Acquisition Methodology
  • Preparing an Image File for Examination

Labs:

  • Create a forensic image for examination and convert it into various supported formats for data acquisition.


Lesson 5: Defeating Anti-Forensic Techniques
  • Anti-Forensics Techniques
  • Data Deletion and Recycle Bin Forensics
  • File Carving Techniques and Methods for Recovering Evidence from Deleted Partitions
  • Password Cracking/Bypassing Techniques
  • Steganography, Hidden Data in File System Structures, Trail Obfuscation, and File Extension
  • Mismatches
  • Techniques for Artifact Wiping, Overwritten Data/Metadata Detection, and Encryption
  • Program Packers and Footprint Minimization Techniques

Labs:

  • Perform solid-state drive (SSD) file carving on.
  • Windows and Linux file systems.
  • Recover lost or deleted partitions and their contents.
  • Crack passwords of various applications.
  • Detect hidden data streams and unpack program packers.


Lesson 6: Operating Systems Forensics
  • Windows Forensics
  • Collect Volatile Information
  • Collect Non-Volatile Information
  • Windows Memory Analysis
  • Windows Registry Analysis
  • Electron Application Analysis
  • Web Browser Forensics
  • Examine Windows Files and Metadata
  • ShellBags, LNK Files, and Jump Lists
  • Text-Based Logs and Windows Event Logs

Labs:

  • Acquire and investigate RAM and Windows registry contents.
  • Examine forensic artifacts from web browsers.
  • Identify and extract forensic evidence from computers.


Lesson 7: Network Forensics
  • Collect Volatile Information in Linux
  • Collect Non-Volatile Information in Linux
  • Linux Memory Forensics
  • Mac Forensics
  • Collect Volatile Information in Mac
  • Collect Non-Volatile Information in Mac
  • Mac Memory Forensics and Mac Forensics Tools

Labs:

  • Perform volatile and non-volatile data acquisition on Linux and Mac computers.
  • Perform memory forensics on a Linux machine.


Lesson 8: Investigating Web Attacks
  • Network Forensics
  • Event Correlation
  • Indicators of Compromise (IoCs) from Network Logs
  • Investigate Network Traffic
  • Incident Detection and Examination
  • Wireless Network Forensics
  • Detect and Investigate Wireless Network Attacks

Labs:

  • Identify and investigate network attacks.
  • Analyze network traffic for artifacts.


Lesson 9: Database Forensics
  • Malware
  • Malware Forensics
  • Static Malware Analysis
  • Analyze Suspicious Documents
  • System Behavior Analysis
  • Network Behavior Analysis
  • Ransomware Analysis

Labs:

  • Perform static malware analysis.
  • Analyze a suspicious PDF file and Microsoft Office document.
  • Emotet malware analysis

Lesson 10: Cloud Forensics
  • Web Application Forensics
  • Internet Information Services (IIS) Logs
  • Apache Web Server Logs
  • Detect and Investigate Various Attacks on Web Applications

Labs:

  • Identify and investigate web application attacks

Lesson 11: Malware Forensics
  • Dark Web and Dark Web Forensics
  • Identify the Traces of Tor Browser during Investigation
  • Tor Browser Forensics

Labs:

  • Detect Top Browser Activity and examine RAM dumps to discover Tor Browser artifacts

Lesson 12: Investigating Email Crimes
  • Cloud Computing
  • Cloud Forensics
  • Amazon Web Services (AWS) Fundamentals
  • AWS Forensics
  • Microsoft Azure Fundamentals
  • Microsoft Azure Forensics
  • Google Cloud Fundamentals
  • Google Cloud Forensics

Labs:

  • Forensic acquisition and examination of an Amazon EC2 Instance, Azure VM, and GCP VM

Lesson 13: Mobile Forensics
  • Email Basics
  • Email Crime Investigation and its Steps
  • U.S. Laws Against Email Crime
  • Social Media Forensics

Labs:

  • Investigate a suspicious email to extract forensic evidence

Lesson 14: Forensic Report Writing and Presentation
  • Mobile Device Forensics
  • Android and iOS Architecture and Boot Process
  • Mobile Forensics Process
  • Investigating Cellular Network Data
  • File System Acquisition
  • Phone Locks, Rooting, and Jailbreaking of Mobile Devices
  • Logical Acquisition of Mobile Devices
  • Physical Acquisition of Mobile Devices
  • Android and iOS Forensic Analysis

Labs:

  • Examine an Android image file and carve deleted files

Lesson 15: IoT Forensics
  • IoT Concepts
  • IoT Device Forensics

Course Fee (inclusive of 9% GST)

Criteria Individual Company Sponsored (Non-SME) Company Sponsored (SME)
Full Course Fee
$3215.50
SG Citizens aged 21 – 39 years old / PRs above 21 years old
$964.65
$964.65
$374.65
SG Citizens age 40 years old and above
$374.65
$374.65
$374.65
Course Prerequisite
Recommended prerequisites for C|HFI: IT/Forensic professionals with basic knowledge of IT/cybersecurity, computer forensics, incident response, and threat vectors.
Important Notes
All Trainees must take note of the following:
  1. Must attend at least 75% of the course before being eligible to take the assessments.
  2. Dynamic QR Code Attendance Taking: a. Scan the QR Code that will be displayed by the Trainer on each session. Use your SingPass App to scan and submit your attendance. If you fail to do so, you will be deemed absent from that session. b. The QR Code is only accessible on: • Morning Session: between 9.00 am to 1.00 pm. • Afternoon Session: between 2.00 pm to 6.00 pm. c. Please take the attendance one at a time as the system can only register you one by one.
  3. Sign daily on the Attendance Sheet as a backup if any technical glitch happens.
  4. Submit Course Evaluation by the end of each module to help us improve the course and your future learning experience with us.
The course completion requirements for this course as follow:
  1. Attended at least 75% of the course.
  2. Declared as competent during the assessments.
Who Should Attend?
The CHFI program will significantly benefit to the following professionals who involved with information system security, computer forensics, and incident response:
  • Computer Forensic Analyst
  • Computer Network Defense (CND) Forensic Analyst
  • Digital Forensic Examiner
  • Forensic Analyst
  • Forensic Analyst (Cryptologic)
  • Forensic Technician
  • Network Forensic Examiner
  • Computer Crime Investigator
  • Special Agent

Why ITEL?

  • Diverse Range of IT Courses

    We offer a diverse range of IT courses tailored to student needs. Our curriculum covers foundational to advanced topics, ensuring comprehensive learning. We stay updated with industry trends to deliver relevant courses.

  • Skilled & Experienced Instructors

    We are proud to have a team of highly skilled and experienced instructors. Our instructors are industry professionals with in-depth knowledge and expertise across various IT domains.

  • Practical & Hands-on Exercises

    Our courses feature hands-on exercises, projects, and simulations to build practical skills. Students gain confidence by applying knowledge to real-world scenarios.

Course Enquiry for Cyber Forensics Investigator (SF)

"*" indicates required fields

I want to find out more about:
Consent*
Newsletter Subscription
This field is for validation purposes and should be left unchanged.