top of page
Cibersegurança

EC-COUNCIL C|HFI

CHFI
Cibersegurança

Description:

C|HFI V11 Course Program: The program provides reliable professional knowledge with a globally recognized certification, essential for careers in digital forensics and DFIR (Digital Forensics and Incident Response). The C|HFI offers a methodological approach to forensic computing, including search and seizure, chain of custody, acquisition, preservation, analysis, and reporting of digital evidence.

Cibersegurança

​​​​​​​​​​​​​​​​​​​​​​​Who benefits? CHFI V11 Benefits:

  • Cutting-edge technology to investigate and preserve both digital and non-digital evidence from attacks.

  • Threat intelligence to predict future attacks and alert the CyberTeam.

  • The CHFI V11 certification has been updated and renewed based on a thorough analysis of the latest market trends, job roles, etc.

  • The CHFI V11 certification will provide teams with comprehensive knowledge of malware forensic techniques. It includes the latest modules, such as IoT Forensics and Dark Web Forensics.

  • Gain hands-on learning experience with 68 detailed forensic labs.

  • Cybercriminals are actively targeting computer networks and systems, making it essential to empower your team with security skills and techniques.

  • The CHFI V11 helps train a workforce skilled in detecting intrusions in IT infrastructure.

​​

Cibersegurança

​​​​​​​​​​​​​​​​​​​​​​​C|HFI V11 Course Objectives:

  • Perform incident response and forensics.

  • Conduct electronic evidence collection.

  • Perform digital forensic acquisitions.

  • Perform bit-stream imaging/acquisition of digital media seized during an investigation.

  • Examine and analyze text, graphics, multimedia, and digital images.

  • Conduct examinations of hard drives and other data storage media.

  • Recover information and data from hard drives and other storage devices.

  • Follow strict data and evidence handling procedures.

  • Maintain audit trails and chain-of-custody while ensuring evidence integrity.

  • Conduct technical examinations, analysis, and reporting of computer-based evidence.

  • Prepare and maintain case files.

  • Use forensic tools and investigation methods to find electronic data, including internet usage history, word processing documents, images, and other files.

  • Gather volatile and non-volatile information from Windows, MAC, and Linux.

  • Recover deleted files and partitions on Windows, Mac OS X, and Linux.

  • Perform keyword searches, including the use of targeted words or phrases.

  • Investigate events for evidence of threats or attacks.

  • Assist in generating incident reports and others.

  • Investigate and analyze all cyber incident response-related activities.

  • Plan, coordinate, and direct recovery activities and incident analysis tasks.

  • Examine available information and supporting evidence or artifacts related to an incident/event.

  • Collect data using forensic technology methods following evidence handling procedures, including gathering printed and electronic documents.

  • Perform reverse engineering on known and suspected malware files.

  • Conduct detailed data analysis and evidence of activity to assess all circumstances and implications of the event.

  • Identify data, images, and/or activities that may be the subject of an internal investigation.

  • Establish threat intelligence and key learning points to support proactive profiling and scenario modeling.

  • Search slack space where PC-type technologies are employed.

  • View MAC (Modify, Access, Create) files as evidence of access and event sequences.

  • Examine file types and file header information.

  • Review email communications, including webmail and instant messaging programs.

  • Examine internet browsing history.

  • Generate reports that detail the approach and a chain of custody documenting actions taken to support the integrity of the internal investigation process.

  • Recover active, system, and hidden files with date/time stamp information.

  • Crack (or attempt to crack) password-protected files.

  • Perform anti-forensics detection.

  • Maintain awareness and follow laboratory evidence handling, examination, and security policies and procedures.

  • Act as a first responder, securing and assessing a cybercrime scene, conducting preliminary interviews, documenting the crime scene, collecting and preserving, packaging, and transporting electronic evidence, reporting the crime scene.

  • Perform post-intrusion analysis of media, determining who, where, what, when, and how the intrusion occurred.

  • Apply advanced forensic tools and attack reconstruction techniques.

  • Perform basic forensic activities and establish a foundation for advanced forensics.

  • Identify and verify the possible origin/source of an incident.

  • Perform event correlation.

  • Extract and analyze logs from devices such as proxies, firewalls, IPSes, IDSes, desktops, laptops, servers, SIM tools, routers, switches, AD servers, DHCP servers, Access Control Systems.

  • Ensure confidentiality regarding the incident, suspect weaknesses, malfunction, and deviation.

  • Assist in preparing search warrants, court orders, and subpoenas.

  • Provide expert testimony in support of forensic examinations conducted by the examiner.

 

​​​​​​​​​​​​​​​​​​​​​​​​Target Audience:

Police officers, investigators or government security professionals, military and defense personnel, IT security professionals, system administrators, lawyers, banking and insurance professionals, government agencies, IT managers, and directors. Common roles: Cybercrime investigators, Malware analysts, Forensic analysts, Cyber defense forensic analysts, Security consultants, Information technology auditors, Chief Information Security Officers.

Cibersegurança

Prerequisites:

• Knowledge of Unix and Windows systems.

• Administrative commands, tools, and internal operations.

• Basic knowledge of networking, TCP/IP, and other protocols.

• Understanding of file system operations.

• Partitioning and abstractions.

 

Exam Information:

• Number of Questions: 150

• Test Duration: 4 hours

• Test Format: Multiple choice

• Test Delivery: ECC EXAM

• Exam Prefix: 312-49 (ECC EXAM)

 

Course Duration:

 10 Days | 40 Hours | 4 hours per day

SCORPIONSHIELD
CHFI

Course Brochures (click the icon)

For more information:

Privacy Notice (GDPR):

Information will not be shared and used exclusively to communicate.

bottom of page