Computer Hacking Forensic Investigator (CHFI) from UMBC Training Centers

Computer Hacking Forensic Investigator (CHFI)

Computer hacking forensic investigation is the process of detecting hacking attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks. Computer forensics enables the systematic and careful identification of evidence in computer related crime and abuse cases. This may range from tracing the tracks of a hacker through a client’s systems, to tracing the originator of defamatory emails, to recovering signs of fraud. The CHFI course will provide participants the necessary skills to identify an intruder’s footprints and to properly gather the necessary evidence to prosecute in the court of law.

It is no longer a matter of “will your organization be comprised (hacked)?” but, rather, “when?” Today’s battles between corporations, governments, and countries are no longer fought only in the typical arenas of boardrooms or battlefields using physical force. Now the battlefield starts in the technical realm, which ties into most every facet of modern day life.

If you or your organization requires the knowledge or skills to identify, track, and prosecute the cyber-criminal, then this is the course for you. Many of today’s top tools of the forensic trade will be taught during this course, including software, hardware and specialized techniques.

Course Overview

Overall Proficiency Level

3 - Advanced

Course Prerequisites

It is recommended but not required that you attend our CEH class before enrolling into CHFI program.

Training Purpose

Functional Development

Skill Development

Specific Audience

All

Delivery Method

Online, Instructor-Led

Classroom

Course Location

6996 Columbia Gateway Drive
Suite 100
Columbia, MD 21046

Course Location Map

Your Location
Providers
Courses
Course and Provider Quantity

Online, Instructor-Led
Classroom

Learning Objectives

Upon completing this course, students will be able to:
• Establish threat intelligence and key learning points to support pro-active profiling and scenario modeling
• Perform anti-forensic methods detection
• Perform post-intrusion analysis of electronic and digital media to determine the who, where, what, when, and how the intrusion occurred
• Extract and analyze of logs from various devices like proxy, firewall, IPS, IDS, Desktop, laptop, servers, SIM tool, router, firewall, switches AD server, DHCP logs, Access Control Logs & conclude as part of investigation process.
• Identify & check the possible source / incident origin.
• Recover deleted files and partitions in Windows, Mac OS X, and Linux
• Conduct reverse engineering for known and suspected malware files
• Collect data using forensic technology methods in accordance with evidence handling procedures, including collection of hard copy and electronic documents

Framework Connections

Oversight and Governance

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Work Roles

Feedback

If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.