Course DATE
19 – 23 February 2024
Course Fee (with 9% GST)
Full Course Fees: $3,215.50
Self-Sponsored
SG Citizen/PR aged ≥ 21 years: $964.65
SG Citizen aged ≥ 40 years: $374.65
Co-Sponsored (SME)
SG Citizen/PR aged ≥ 21 years: $374.65
SG Citizen aged ≥ 40 years: $374.65
Co-Sponsored (MNC)
SG Citizen/PR aged ≥ 21 years: $964.65
SG Citizen aged ≥ 40 years: $374.65
Overview
Course Reference Number: TGS-2018502988
The Certified Hacking Forensic Investigator (C|HFI) credential is the most trusted digital forensics certification employers worldwide value. The comprehensive curriculum aligns with all the crucial digital forensic job roles globally. It covers a detailed and methodological approach to digital forensics and evidence analysis that also pivots around Dark Web, IoT, and Cloud Forensics. When you successfully achieve the C|HFI certifitation, you will be empowered with the best skills and expertise to conduct digital investigations using ground-breaking technologies.
What's New in CHFI v9?
- Updated information as per the latest developments with a proper flow.
- New investigation techniques and updated forensic investigation tools.
- Classroom-friendly with a graphical representation of concepts and attacks.
- Exclusive section for best practices to follow during a forensic investigation.
- Exclusive section for disk acquisition tools requirements to carry out the successful investigation.
- New and rich presentation style with engaging graphics.
- Latest OS covered and a patched testing environment.
- Well tested, result-oriented, descriptive, and analytical lab manual to evaluate the presented concepts.
- Sample evidence files (~6GB) are provided that assist participant to carry out an analysis.
- CHFIv9 is accompanied by iLabs.
- Forensic challenges based real-time scenarios are provided in the Lab manual to practice.
Why CHFI?
- The program is developed after a thorough job tasks analysis and market research.
- It is designed and developed by experienced SMEs and digital forensic practitioners.
- CHFI is a vendor neutral course covering all major forensics investigations technologies and solutions.
- Detailed labs for hands-on learning experience; approximately 40% of training time is dedicated to labs.
- It covers all the relevant knowledge-bases and skills to meet with regulatory compliance standards such as ISO 27001, PCI DSS, SOX, HIPPA, etc.
- More than 40 GB of digital forensics and evidence analysis tools.
- Student kit which contains large number of white papers for additional reading.
- The program presents a repeatable forensics investigation methodology required from a versatile digital forensic professional which increases your employability.
- The student kit contains a large number of forensics investigation templates for evidence collection, chain-of-custody, final investigation reports, etc.
- The program comes with cloud-based virtual labs enabling participants to practice various investigation techniques in a real-time and simulated environment.
Prerequisites
Recommended prerequisites for C|HFI: IT/Forensic professionals with basic knowledge of IT/cybersecurity, computer forensics, incident response, and threat vectors.
IMportant notes
All Trainees must take note of the following:
- Must attend at least 75% of the course before being eligible to take the assessments.
- Dynamic QR Code Attendance Taking:
a. Scan the QR Code that will be displayed by the Trainer on each session. Use your SingPass App to scan and submit your attendance. If you fail to do so, you will be deemed absent from that session.
b. The QR Code is only accessible on:
• Morning Session: between 9.00 am to 1.00 pm.
• Afternoon Session: between 2.00 pm to 6.00 pm.
c. Please take the attendance one at a time as the system can only register you one by one. - Sign daily on the Attendance Sheet as a backup if any technical glitch happens.
- Submit Course Evaluation by the end of each module to help us improve the course and your future learning experience with us.
- Attended at least 75% of the course.
- Declared as competent during the assessments.
Who Should Attend?
The CHFI program will significantly benefit to the following professionals who involved with information system security, computer forensics, and incident response:
- Computer Forensic Analyst
- Computer Network Defense (CND) Forensic Analyst
- Digital Forensic Examiner
- Forensic Analyst
- Forensic Analyst (Cryptologic)
- Forensic Technician
- Network Forensic Examiner
- Computer Crime Investigator
- Special Agent
Course Outline
- Fundamentals of Computers Forensics
- Cybercrimes and their Investigation Procedures
- Digital Evidence and eDiscoery
- Forensic Readiness
- Role of Various Processes and Technologies in Computer Forensics
- Roles and Responsibilities of a Forensic Investigator
- Challenges Faced in Investigating Cybercrimes
- Standards and Best Practices Related to Computer Forensics
- Laws and Legal Compliance in Computer Forensics
- Forensic Investigation Process and its Importance
- First Response
- Pre-Investigation Phase
- Investigation Phase
- Post-Investigation Phase
- Create a hard disk image file for forensics investigation and recover the data.
- Disk Drives and their Characteristics
- Logical Structure of a Disk
- Booting Process of Windows, Linux, and macOS Operating Systems
- File Systems of Windows, Linux, and macOS Operating Systems
- File System Analysis
- Storage Systems
- Encoding Standards and Hex Editors
- Analyze Popular File Formats
- Analyze file system of Linux and Windows evidence images and recover deleted files.
- Analyze file formats
- Data Acquisition
- eDiscovery
- Data Acquisition Methodology
- Preparing an Image File for Examination
- Create a forensics image for examination and convert it into various supportive formats for data acquisition.
- Anti-Forensics Techniques
- Data Deletion and Recycle Bin Forensics
- File Carving Techniques and Ways to Recover Evidence from Deleted Partitions
- Password Cracking/Bypassing Techniques
- Steganography, Hidden Data in File System Structures, Trail Obfuscation, and File Extension
- Mismatch
- Techniques of Artifact Wiping, Overwritten Data/Metadata Detection, and Encryption
- Program Packers and Footprint Minimizing Techniques
- Perform Solid-state drive (SSD) file carving on.
- Windows and Linux file systems.
- Recover lost/deleted partitions and their contents.
- Crack passwords of various applications.
- Detect hidden data streams and unpack program packers
- Windows Forensics
- Collect Volatile Information
- Collect Non-volatile Information
- Windows Memory Analysis
- Windows Registry Analysis
- Electron Application Analysis
- Web Browser Forensics
- Examine Windows Files and Metadata
- ShellBags, LNK Files, and Jump Lists
- Text-based Logs and Windows Event Logs
- Acquire and investigate RAM and Windows registry contents.
- Examine forensic artifacts from web browsers.
- Identify and extract forensic evidence from computers.
- Collect Volatile Information in Linux
- Collect Non-Volatile Information in Linux
- Linux Memory Forensics
- Mac Forensics
- Collect Volatile Information in Mac
- Collect Non-Volatile Information in Mac
- Mac Memory Forensics and Mac Forensics Tools
- Perform volatile and non-volatile data acquisition on Linux and Mac computers.
- Perform memory forensics on a Linux machine.
- Network Forensics
- Event Correlation
- Indicators of Compromise (IoCs) from Network Logs
- Investigate Network Traffic
- Incident Detection and Examination
- Wireless Network Forensics
- Detect and Investigate Wireless Network Attacks
- Identify and investigate network attacks.
- Analyze network traffic for artifacts.
- Malware
- Malware Forensics
- Static Malware Analysis
- Analyze Suspicious Documents
- System Behavior Analysis
- Network Behavior Analysis
- Ransomware Analysis
- Perform static malware analysis.
- Analyze a suspicious PDF file and Microsoft Office document.
- Emotet malware analysis
- Web Application Forensics
- Internet Information Services (IIS) Logs
- Apache Web Server Logs
- Detect and Investigate Various Attacks on Web Applications
- Identify and investigate web application attacks.
- Dark Web and Dark Web Forensics
- Identify the Traces of Tor Browser during Investigation
- Tor Browser Forensics
- Detect Top Browser Activity and examine RAM dumps to discover Tor Browser artifacts.
- Cloud Computing
- Cloud Forensics
- Amazon Web Services (AWS) Fundamentals
- AWS Forensics
- Microsoft Azure Fundamentals
- Microsoft Azure Forensics
- Google Cloud Fundamentals
- Google Cloud Forensics
- Forensic acquisition and examination of an Amazon EC2 Instance, Azure VM, and GCP VM.
- Email Basics
- Email Crime Investigation and its Steps
- U.S. Laws Against Email Crime
- Social Media Forensics
- Investigate a suspicious email to extract forensic evidence.
- Mobile Device Forensics
- Android and iOS Architecture and Boot Process
- Mobile Forensics Process
- Investigate Cellular Network Data
- File System Acquisition
- Phone Locks, Rooting, and Jailbreaking of Mobile Devices
- Logical Acquisition on Mobile Devices
- Physical Acquisition of Mobile Devices
- Android and iOS Forensic Analysis
- Examine an Android image file and carve deleted files.
- IoT Concepts
- IoT Devices Forensics
