Computer Hacking Forensics Investigator (CHFI) - ITU Online

Your Last Chance for Lifetime Learning!  Elevate your skills forever with our All-Access Lifetime Training. 
Only $249! Our Lowest Price Ever!


Computer Hacking Forensics Investigator (CHFI)

This CHFI course will cover the security discipline of computer forensics from a vendor-neutral perspective and work towards preparing students to become Forensic Investigators in Computer Hacking.

Included In This Course

Included In This Course

Total Hours
18  Training Hours
Computer Hacking Forensics Investigator (CHFI)
133 On-demand Videos
Closed Caption

Closed Captions

Course Topics
22  Topics
Prep Questions
62 Prep Questions
Computer Hacking Forensics Investigator (CHFI)

Certificate of Completion

Course Description

CHFI Course – Computer Hacking Forensics Investigator (ECC 312-49)

Our CHFI Course – Computer Hacking Forensics Investigator (ECC 312-49) course will help you to gain knowledge in the specific security discipline of computer forensics from a vendor-neutral perspective and work towards becoming a Forensic Investigator in Computer Hacking. This course will fortify the application knowledge of law enforcement personnel, system administrators, security officers, defense and military personnel, legal professionals, bankers, security professionals, and anyone who is concerned about the integrity of the network infrastructure.

The “Ethical Hacking” and “Forensic Investigator in Computer Hacking” course(s) are unofficial programs that have been developed by ITU independently of EC-Council. EC-Council has not been endorsed, sponsored or certified this material at any time whatsoever. Usage of these material/books does not provide any guarantee of passing the EC-Council exam. The ITU Online course on Computer Hacking Forensics Investigator (ECC 312-49) is a comprehensive program designed to teach the key aspects of computer forensics. It covers topics such as the forensics investigation process, digital evidence, first responder procedures, network forensics, various tools and techniques used in forensic analysis, and preparing for the CHFI ECC 312-49 exam. This course is suitable for IT professionals, law enforcement personnel, legal professionals, and anyone interested in cybersecurity and forensic investigation.

About Computer Hacking Forensics Investigator

Do you have what it takes to be a Computer Hacking Forensic Investigator? CHFI is a DoD 8570 / 8140 approved certification for cybersecurity professionals, and the process involves detecting hacking attacks and extracting evidence to report crimes. It’s also used in audits to prevent future attacks from occurring. Governments, police departments, and corporations around the world are using this computer investigation technique with EC-Council’s CHFI certification as proof of these skills.

About our CHFI video training

With the comprehensive CHFI training you’ll receive through ITU, you will be better equipped to identify and apprehend cybercrime culprits. You’ll develop effective strategies for searching and seizing, as well as chain-of-custody acquisition, preservation, analysis and reporting of digital evidence that meet legal standards. By taking this vendor-neutral training course your knowledge base will be sufficiently primed so that when it comes time for sitting for the official CHFI certification exam – you are ready!

By obtaining the CHFI – Computer Hacking Forensic Investigator certification, you can demonstrate your capability to detect cyber breaches, properly extract and save digital evidence from computers and storage devices, as well as understand how hackers execute their attacks.

Who should obtain CHFI Certification?

Designed specifically for IT Managers, Law enforcement officers, Defense and Military personnel, e-Business Security professionals, Systems administrators, Legal representatives & employees of Banking and Insurance as well as other professional industries – this expert-level cybersecurity certification is a must have.

About 312-49 Exam Questions, format, duration, and passing score

  •  Duration is 240 minutes for the exam
  • There are 150 questions
  • multiple-choice format
  • A score of 70% is required to pass and receive your certification
  • Exam is offered vis Pearson VUE testing centers  

Key Term Knowledge Base: Key Terms Related to Computer Hacking Forensics Investigator (CHFI) Course

Understanding the key terms in the field of Computer Hacking Forensic Investigation is crucial for anyone interested in pursuing a career in cybersecurity, digital forensics, or a related field. This knowledge is not only essential for grasping the concepts taught in courses like the CHFI but also for practical application in real-world scenarios. The terms listed below encompass various aspects of digital forensics, including investigation processes, tools, and legal considerations, providing a comprehensive vocabulary for aspiring forensic investigators.

Computer ForensicsThe practice of collecting, analyzing, and reporting on digital data in a way that is legally admissible.
Forensic Investigation ProcessA systematic approach used in forensics for collecting, preserving, and analyzing digital evidence.
Searching and SeizingLegal and technical procedures involved in searching for and seizing digital evidence.
Digital EvidenceInformation stored or transmitted in binary form that may be relied on in court.
First Responder ProceduresGuidelines for the initial handling of digital evidence to preserve its integrity.
Forensics LabA controlled environment where digital forensic analysis is performed.
Hard Disks and File SystemsStorage media and the structures they use to store data, crucial in forensic analysis.
Windows ForensicsTechniques specific to investigating Windows operating systems.
Data Acquisition and DuplicationMethods of capturing and copying digital evidence without altering it.
Recovering Deleted Files and PartitionsTechniques for retrieving data that has been deleted or lost from storage media.
AccessData FTKA digital forensics software used for scanning a hard drive looking for various information.
EnCaseA suite of digital investigations products by Guidance Software that provides data acquisition and analysis.
SteganographyThe practice of hiding messages or information within other non-secret text or data.
Password CrackersTools used to recover or guess passwords from data that have been stored or transmitted.
Log CorrelationThe process of analyzing and correlating logs from various sources for forensic purposes.
Network ForensicsThe capture, recording, and analysis of network events to discover the source of security attacks.
Wireless AttacksMethods of compromising wireless networks, relevant in both attack and defense contexts.
Web AttacksVarious forms of cyberattacks targeted at web resources or carried out through web technologies.
Email CrimesIllegal activities involving email communication, including phishing, spamming, and email fraud.
Mobile InvestigationForensic techniques specifically focused on mobile devices, such as phones and tablets.
Investigative ReportsDocuments that detail the findings of a forensic investigation.
Expert WitnessA person with specialized knowledge or expertise who testifies in court about forensic evidence.
CHFI CertificationA certification for individuals who demonstrate the ability to perform comprehensive computer forensic analysis.
ECC 312-49 ExamThe examination for the Computer Hacking Forensic Investigator certification.
Pearson VUEA company that administers certification exams for various industries, including IT and cybersecurity.
Vendor-NeutralA characteristic of a course or certification that is not focused on any specific vendor’s products or services.
CybersecurityThe practice of protecting systems, networks, and programs from digital attacks.
Chain of CustodyA process that tracks the movement and handling of evidence from the time it is obtained.
Legal StandardsThe requirements set by law for the admissibility of evidence in court.
DoD 8570 / 8140A U.S. Department of Defense directive that lists the required certifications for certain IT positions.

This list provides a foundational understanding of the terms and concepts that are pivotal in the field of computer hacking forensics investigation.

Frequently Asked Questions About CHFI Course – Computer Hacking Forensics Investigator (ECC 312-49)

What is ECC 312-49?

ECC 312-49 refers to the exam code for the Certified Ethical Hacker (CEH) certification, which is offered by the EC-Council. This certification is designed for professionals in the field of information security, particularly those involved in ethical hacking. It validates their skills in identifying vulnerabilities and weaknesses in target systems, using the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner.

What are the prerequisites for the ECC 312-49 exam?

To be eligible for the CEH exam, candidates usually need a strong background in information security. While there are no strict educational requirements, it is recommended that candidates have at least two years of work experience in the Information Security domain. Alternatively, candidates can take an official EC-Council training program, which waives the work experience requirement.

What topics are covered in the ECC 312-49 exam?

The CEH exam covers a broad range of topics related to ethical hacking and cybersecurity. These include network scanning, system hacking, malware threats, sniffing, social engineering, denial-of-service attacks, session hijacking, hacking web applications, SQL injection, cryptography, penetration testing, and various other security-related concepts.

How is the ECC 312-49 exam structured?

The CEH exam typically consists of multiple-choice questions that test the candidate’s knowledge and understanding of ethical hacking techniques and tools. The number of questions and the duration of the exam can vary, so it’s important to check the latest exam blueprint from the EC-Council for the most current information.

How can one prepare for the ECC 312-49 exam?

Preparation for the CEH exam can involve a mix of self-study, enrolling in training programs offered by the EC-Council, and practical experience. Many candidates use study guides, online resources, and practice exams to prepare. Hands-on experience with ethical hacking tools and techniques is also highly beneficial. Joining forums and study groups can also provide additional insights and study materials.

Proudly Display
Your Achievement

Upon completion of your training, you’ll receive a personalized certificate of completion to help validate to others your new skills.
Example Certificate

Course Outline

Computer Hacking Forensic Investigator (CHFI) Course Content

Module 1: Computer Forensics Introduction

  •    Intro To Course-Part1

  •    Intro To Course-Part2

  •    Intro To Course-Part3

  •    Intro To Course-Part4

  •    Intro To Course-Part5

  •    Intro To Forensics-Part1

  •    Intro To Forensics-Part2

  •    Intro To Forensics-Part3

  •    Intro To Forensics-Part4

  •    Intro To Forensics-Part5

  •    Intro To Forensics-Part6

  •    Intro To Forensics-Part7

  •    Intro To Forensics-Part8

Module 2: Forensics Investigation Process

  •    Forensics Investigation Process-Part1

  •    Forensics Investigation Process-Part2

  •    Forensics Investigation Process-Part3

  •    Forensics Investigation Process-Part4

  •    Forensics Investigation Process-Part5

  •    Forensics Investigation Process-Part6

  •    Forensics Investigation Process-Part7

  •    Forensics Investigation Process-Part8

  •    Forensics Investigation Process-Part9

  •    Forensics Investigation Process-Part10

Module 3: Searching and Seizing

  •    Searching And Seizing-Part1

  •    Searching And Seizing-Part2

  •    Searching And Seizing-Part3

  •    Searching And Seizing-Part4

  •    Searching And Seizing-Part5

Module 4: Digital Evidence

  •    Digital Evidence-Part1

  •    Digital Evidence-Part2

  •    Digital Evidence-Part3

  •    Digital Evidence-Part4

  •    Digital Evidence-Part5

  •    Digital Evidence-Part6

  •    Digital Evidence-Part7

Module 5: First Responder Procedures

  •    First Responder Procedures-Part1

  •    First Responder Procedures-Part2

  •    First Responder Procedures-Part3

  •    First Responder Procedures-Part4

  •    First Responder Procedures-Part5

  •    First Responder Procedures-Part6

  •    First Responder Procedures-Part7

  •    First Responder Procedures-Part8

Module 6: Forensics Lab

  •    Forensic Lab-Part1

  •    Forensic Lab-Part2

  •    Forensic Lab-Part3

  •    Forensic Lab-Part4

  •    Forensic Lab-Part5

Module 7: Hard Disks and File Systems

  •    Hard Disks And File Systems-Part1

  •    Hard Disks And File Systems-Part2

  •    Hard Disks And File Systems-Part3

  •    Hard Disks And File Systems-Part4

  •    Hard Disks And File Systems-Part5

  •    Hard Disks And File Systems-Part6

  •    Hard Disks And File Systems-Part7

  •    Hard Disks And File Systems-Part8

  •    Hard Disks And File Systems-Part9

  •    Hard Disks And File Systems-Part10

Module 8: Windows Forensics

  •    Windows Forensics-Part1

  •    Windows Forensics-Part2

  •    Windows Forensics-Part3

  •    Windows Forensics-Part4

  •    Windows Forensics-Part5

  •    Windows Forensics-Part6

  •    Windows Forensics-Part7

  •    Windows Forensics-Part8

  •    Windows Forensics-Part9

  •    Windows Forensics-Part10

Module 9: Data Acquisition and Duplication

  •    Data Acquisition And Duplication-Part1

  •    Data Acquisition And Duplication-Part2

  •    Data Acquisition And Duplication-Part3

  •    Data Acquisition And Duplication-Part4

  •    Data Acquisition And Duplication-Part5

  •    Data Acquisition And Duplication-Part6

  •    Data Acquisition And Duplication-Part7

Module 10: Recovering Deleted Files and Partitions

  •    Recovering Deleted Files And Partitions-Part1

  •    Recovering Deleted Files And Partitions-Part2

Module 11: Using Access Data FTK

  •    Using Access Data FTK And Special Steps-Part1

  •    Using Access Data FTK And Special Steps-Part2

  •    Using Access Data FTK And Special Steps-Part3

  •    Using Access Data FTK And Special Steps-Part4

  •    Using Access Data FTK And Special Steps-Part5

  •    Using Access Data FTK And Special Steps-Part6

  •    Using Access Data FTK And Special Steps-Part7

  •    Using Access Data FTK And Special Steps-Part8

Module 12: Using EnCase

  •    EnCase-Part1

  •    EnCase-Part2

  •    EnCase-Part3

Module 13: Steganography

  •    Stenography-Part1

  •    Stenography-Part2

  •    Stenography-Part3

  •    Stenography-Part4

Module 14: Password Crackers

  •    Passwords-Part1

  •    Passwords-Part2

  •    Passwords-Part3

  •    Passwords-Part4

Module 15: Log Correlation

  •    Log Correlation-Part1

  •    Log Correlation-Part2

  •    Log Correlation-Part3

  •    Log Correlation-Part4

  •    Log Correlation-Part5

  •    Log Correlation-Part6

Module 16: Network Forensics

  •    Network Forensics-Part1

  •    Network Forensics-Part2

  •    Network Forensics-Part3

  •    Network Forensics-Part4

Module 17: Wireless Attacks

  •    Wireless Attacks-Part1

  •    Wireless Attacks-Part2

  •    Wireless Attacks-Part3

Module 18: Web Attacks

  •    Web Attacks-Part1

  •    Web Attacks-Part2

  •    Web Attacks-Part3

  •    Web Attacks-Part4

  •    Web Attacks-Part5

  •    Web Attacks-Part6

  •    Web Attacks-Part7

  •    Web Attacks-Part8

Module 19: Email Crimes

  •    Email Crimes-Part1

  •    Email Crimes-Part2

  •    Email Crimes-Part3

  •    Email Crimes-Part4

Module 20: Mobile Investigation

  •    Mobile Investigation-Part1

  •    Mobile Investigation-Part2

  •    Mobile Investigation-Part3

  •    Mobile Investigation-Part4

  •    Mobile Investigation-Part5

Module 21: Investigative Reports

  •    Investigation Reports-Part1

  •    Investigation Reports-Part2

  •    Investigation Reports-Part3

  •    Investigation Reports-Part4

Module 22: Expert Witness

  •    Expert Witness-Part1

  •    Expert Witness-Part2

  •    Expert Witness-Part3

Add a review
Currently, we are not accepting new reviews
Based on 67 reviews
1-5 of 67 reviews
  1. MaryBeth is an awesome Rep!

Your Training Instructor

Dean Bushmiller

Dean Bushmiller

Lead Instructor for Expanding Security

Dean has had fun for the past 20 years learning and teaching everything he can in technology and security. His consulting experience in accounting systems, inventory control, migrations, and patch management has breathed life into his 12 years in the class room. Dean is a courseware developer who specializes in CISSP and security training. He is the lead instructor for Expanding Security and teaches online as his main job. As a non-military person, he is a proud recipient of six mission coins.

Computer Hacking Forensics Investigator (CHFI)



Subscribe To All-Access
Lock In $14.99 / Month Forever

Gain access to this training and all our other courses, offering over 2,500 hours of content, with our cost-effective monthly subscription. No obligations. Cancel anytime.

$49.00 $14.99 Monthly

Computer Hacking Forensics Investigator (CHFI)

Computer Hacking Forensics Investigator (CHFI)
Additional Options to Access This Training
This training is also part of our extensive training library containing over 225 courses, 12,000+ videos and over 19,000 practice test questions.

Monthly All-Access Subscription
7 Days Free - $39.00 / month

A great option at an affordable monthly price.

Annual All-Access Subscription
$229 / year

A discounted price when paying for your All Access library on an annual basis.

Lifetime All-Access Library
$379 One time payment

Exceptional Value. Pay once, never have to buy IT training again.

Related Courses


Gain the upper hand in cybersecurity with Certified Ethical Hacker v12 training. Enroll now in our affordable online course and start learning today!

Certified Ethical Hacker v12 is the latest iteration of EC-Council’s Certified Ethical Hacker v12 series. ITU offers CEH training to provide you the tools to research, discover and scan targets, analyze vulnerabilities and test attack methods and tools. The focus of this CEH online training course is to solve the challenge of breaking into a target network, collect evidence of success, and escape unnoticed. Every lesson and topic are infused with step-by-step guided practice using real hardware- and software-based hacking tools. Throughout both lecture and hands-on activities, the instructor, Chrys Thorsen provides commentary from the field including tips, tricks and hard-learned lessons.

Add To Cart


Boost your cybersecurity skills and career prospects with our CISM certification Training – Certified Information Systems Manager program. Enroll now!

The CISM certification training course is designed to provide on-the-job skills, as well as knowledge to pass the Certified Information System Manager (CISM) certification exam. This cybersecurity training focuses on more advanced topics and should be completed after various certifications in Cisco and Microsoft have been earned, such as PenTest+ or CySA+.

Add To Cart


Become a Certified Information Systems Auditor (CISA) with our online training course. Prepare for the exam and advance your career in cybersecurity.

CISAs are comparable to what CPAs and CAs are to the accounting industry. They uphold high standards, manage risks, promote compliance, offer solutions, Governance & Management, institute controls and deliver enterprise value. Due to their audit experience skillset and credibility CISAs are recognized internationally as professionals in this field.

Add To Cart