Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Computer Hacking Forensic Investigator
Computer hacking forensic investigation is the process of detecting hacking attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks. Computer forensics is simply the application of computer investigation and analysis techniques in the interests of determining potential legal evidence. Evidence might be sought in a wide range of computer crime or misuse, including but not limited to theft of trade secrets, theft of or destruction of intellectual property, and fraud. Computer forensic investigators can draw on an array of methods for discovering data that resides in a computer system, or recovering deleted, encrypted, or damaged file information. This includes recovering deleted email, restoring erased images, and more.
Course Overview
Prior to attending this course, students must have completed the Certified Ethical Hacker (CEH) course or currently hold the CEHv8 or CEHv9 certification. Documentation is required prior to confirming registration.
This course is restricted to students at least 18 years old. If the student is under the age of 18, they can attend if they provide a written consent of their parent/legal guardian and a supporting letter from their institution of higher learning. Only students from nationally accredited institutions of higher learning shall be considered.
3110 North Central Ave. STE 160
Phoenix, AZ 85012
- Providers
- Courses
- Course and Provider Quantity
Learning Objectives
After completing this course, students will be able to:
- Implement the process of investigating cybercrime, laws involved, and the details in obtaining and executing a search warrant.
- Identify different types of digital evidence, rules of evidence, digital evidence examination process, and electronic crime and digital evidence consideration by crime category.
- Assume the role of first responder to IT security incidents. This includes building and using the first responder toolkit, securing and evaluating electronic crime scene, conducting preliminary interviews, documenting electronic crime scene, collecting and preserving electronic evidence, packaging and transporting electronic evidence and reporting the crime scene.
- Recover deleted files and deleted partitions in Windows, Mac OS X, and Linux.
- Recover deleted email, images, documents, and other files containing relevant evidence.
- Conduct a forensic investigation using Access Data FTK and Encase.
- Identify the use of steganography and its techniques, and conduct steganalysis.
- Analyze image files for forensic data.
- Use password cracking tools and various types of password attacks to investigate password protected file breaches.
- Identify different types of log capturing techniques, log management, time synchronization and log capturing tools.
- Investigate logs, network traffic, wireless attacks, and web attacks.
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- Cyber Investigation
- Digital Forensics
- Strategic Planning and Policy
- Threat Analysis
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.