Computer Hacking Forensics Investigator (CHFI) - ITU Online

Computer Hacking Forensics Investigator (CHFI)

This CHFI course will cover the security discipline of computer forensics from a vendor-neutral perspective and work towards preparing students to become Forensic Investigators in Computer Hacking.

Included In This Course

Quickbooks Online Training
18 Hrs 27 Min
133 On-demand Videos
Closed Captions

Closed Captions

Course Topics
22  Topics
Question & Answers
62 Prep Questions
Certificate of Completion

Certificate of Completion

Course Description for Computer Hacking Forensics Investigator (CHFI) Certification Training

The Computer Hacking Forensics Investigator (CHFI) course provides comprehensive training in the field of digital forensics. This course covers a wide range of topics, including computer forensics, digital evidence, and forensic investigation processes. Students will learn how to detect hacking attacks, properly extract evidence, and manage incidents to prevent future attacks. The course includes practical exercises that simulate real-world scenarios to enhance the learning experience.

By enrolling in this course, you’ll gain hands-on experience with tools such as Access Data FTK and EnCase, which are essential for conducting thorough investigations. You will also learn about advanced topics like steganography, password cracking, and network forensics. This course is designed to equip you with the skills needed to become a proficient Computer Hacking Forensics Investigator.

What You Will Learn: Key Skills and Knowledge Areas

In this course, you will acquire the following skills and knowledge:

  • Comprehensive understanding of computer forensics and the forensic investigation process.
  • Techniques for searching and seizing digital evidence.
  • Methods for analyzing and handling digital evidence.
  • First responder procedures for incident management.
  • Setup and operation of a forensic lab.
  • In-depth knowledge of hard disks, file systems, and Windows forensics.
  • Data acquisition and duplication techniques.
  • Recovering deleted files and partitions.
  • Utilizing Access Data FTK and EnCase for forensic investigations.
  • Understanding and applying steganography and password cracking techniques.
  • Log correlation, network forensics, and analyzing wireless and web attacks.
  • Investigating email crimes and conducting mobile investigations.
  • Preparing investigative reports and serving as an expert witness.

This course provides a solid foundation in digital forensics, enabling you to effectively handle forensic investigations and manage cybersecurity incidents.

Exam Objectives for CHFI Certification

The CHFI certification is governed by EC-Council. The exam objectives include:

  • Computer Forensics: Understanding the fundamentals and key concepts.
  • Investigation Processes: Learning the steps involved in conducting a forensic investigation.
  • Searching and Seizing: Techniques for legally obtaining digital evidence.
  • Handling Digital Evidence: Proper methods for managing and analyzing evidence.
  • Forensics Lab Setup: Requirements and setup procedures for a forensic lab.
  • File Systems: Understanding the structure and analysis of various file systems.
  • Data Acquisition: Techniques for acquiring and duplicating data.
  • Forensic Tools: Using Access Data FTK, EnCase, and other forensic tools.
  • Advanced Forensics: Steganography, password cracking, log correlation, and network forensics.
  • Specialized Investigations: Email crimes, mobile investigations, and web attacks.
  • Reporting: Preparing comprehensive investigative reports and presenting findings as an expert witness.

Who This CHFI Course is For: Target Audience

This course is ideal for:

  • IT professionals seeking to specialize in digital forensics.
  • Security officers and law enforcement personnel.
  • Network administrators and cybersecurity analysts.
  • Legal professionals and consultants involved in cybercrime investigations.
  • Individuals interested in pursuing a career in cybersecurity and digital forensics.

Whether you are a beginner or an experienced professional, this course will provide valuable insights and practical skills to enhance your expertise in computer forensics.

Possible Jobs You Can Get With This Knowledge: Career Opportunities

Completing this course can open up several career opportunities, including:

  • Computer Forensics Investigator
  • Digital Forensics Analyst
  • Incident Responder
  • Cybersecurity Analyst
  • IT Security Consultant
  • Network Security Engineer
  • Law Enforcement Officer specializing in Cybercrime
  • Legal Consultant for Digital Evidence

These roles are crucial in protecting organizations from cyber threats and ensuring the integrity of digital evidence in legal proceedings.

Average Industry Salaries for People with These Skills: Financial Benefits

With the skills gained from this course, you can expect competitive salaries in the industry:

  • Computer Forensics Investigator: $75,000 – $120,000 per year
  • Digital Forensics Analyst: $70,000 – $110,000 per year
  • Incident Responder: $80,000 – $115,000 per year
  • Cybersecurity Analyst: $85,000 – $130,000 per year
  • IT Security Consultant: $90,000 – $140,000 per year
  • Network Security Engineer: $85,000 – $125,000 per year

These figures highlight the lucrative nature of careers in digital forensics and cybersecurity.

Get Started Today: Enroll in the CHFI Certification Course

Take the first step towards becoming a certified Computer Hacking Forensics Investigator by enrolling in our CHFI course today. This course will provide you with the essential skills and knowledge to excel in the field of digital forensics. Don’t miss this opportunity to advance your career and contribute to the fight against cybercrime. Sign up now and start your journey towards certification and a rewarding career in cybersecurity!

Key Term Knowledge Base: Key Terms Related to Computer Hacking Forensics Investigator (CHFI) Course

Understanding the key terms in the field of Computer Hacking Forensic Investigation is crucial for anyone interested in pursuing a career in cybersecurity, digital forensics, or a related field. This knowledge is not only essential for grasping the concepts taught in courses like the CHFI but also for practical application in real-world scenarios. The terms listed below encompass various aspects of digital forensics, including investigation processes, tools, and legal considerations, providing a comprehensive vocabulary for aspiring forensic investigators.

Computer ForensicsThe practice of collecting, analyzing, and reporting on digital data in a way that is legally admissible.
Forensic Investigation ProcessA systematic approach used in forensics for collecting, preserving, and analyzing digital evidence.
Searching and SeizingLegal and technical procedures involved in searching for and seizing digital evidence.
Digital EvidenceInformation stored or transmitted in binary form that may be relied on in court.
First Responder ProceduresGuidelines for the initial handling of digital evidence to preserve its integrity.
Forensics LabA controlled environment where digital forensic analysis is performed.
Hard Disks and File SystemsStorage media and the structures they use to store data, crucial in forensic analysis.
Windows ForensicsTechniques specific to investigating Windows operating systems.
Data Acquisition and DuplicationMethods of capturing and copying digital evidence without altering it.
Recovering Deleted Files and PartitionsTechniques for retrieving data that has been deleted or lost from storage media.
AccessData FTKA digital forensics software used for scanning a hard drive looking for various information.
EnCaseA suite of digital investigations products by Guidance Software that provides data acquisition and analysis.
SteganographyThe practice of hiding messages or information within other non-secret text or data.
Password CrackersTools used to recover or guess passwords from data that have been stored or transmitted.
Log CorrelationThe process of analyzing and correlating logs from various sources for forensic purposes.
Network ForensicsThe capture, recording, and analysis of network events to discover the source of security attacks.
Wireless AttacksMethods of compromising wireless networks, relevant in both attack and defense contexts.
Web AttacksVarious forms of cyberattacks targeted at web resources or carried out through web technologies.
Email CrimesIllegal activities involving email communication, including phishing, spamming, and email fraud.
Mobile InvestigationForensic techniques specifically focused on mobile devices, such as phones and tablets.
Investigative ReportsDocuments that detail the findings of a forensic investigation.
Expert WitnessA person with specialized knowledge or expertise who testifies in court about forensic evidence.
CHFI CertificationA certification for individuals who demonstrate the ability to perform comprehensive computer forensic analysis.
ECC 312-49 ExamThe examination for the Computer Hacking Forensic Investigator certification.
Pearson VUEA company that administers certification exams for various industries, including IT and cybersecurity.
Vendor-NeutralA characteristic of a course or certification that is not focused on any specific vendor’s products or services.
CybersecurityThe practice of protecting systems, networks, and programs from digital attacks.
Chain of CustodyA process that tracks the movement and handling of evidence from the time it is obtained.
Legal StandardsThe requirements set by law for the admissibility of evidence in court.
DoD 8570 / 8140A U.S. Department of Defense directive that lists the required certifications for certain IT positions.

This list provides a foundational understanding of the terms and concepts that are pivotal in the field of computer hacking forensics investigation.

Frequently Asked Questions About CHFI Course – Computer Hacking Forensics Investigator (ECC 312-49)

What is ECC 312-49?

ECC 312-49 refers to the exam code for the Certified Ethical Hacker (CEH) certification, which is offered by the EC-Council. This certification is designed for professionals in the field of information security, particularly those involved in ethical hacking. It validates their skills in identifying vulnerabilities and weaknesses in target systems, using the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner.

What are the prerequisites for the ECC 312-49 exam?

To be eligible for the CEH exam, candidates usually need a strong background in information security. While there are no strict educational requirements, it is recommended that candidates have at least two years of work experience in the Information Security domain. Alternatively, candidates can take an official EC-Council training program, which waives the work experience requirement.

What topics are covered in the ECC 312-49 exam?

The CEH exam covers a broad range of topics related to ethical hacking and cybersecurity. These include network scanning, system hacking, malware threats, sniffing, social engineering, denial-of-service attacks, session hijacking, hacking web applications, SQL injection, cryptography, penetration testing, and various other security-related concepts.

How is the ECC 312-49 exam structured?

The CEH exam typically consists of multiple-choice questions that test the candidate’s knowledge and understanding of ethical hacking techniques and tools. The number of questions and the duration of the exam can vary, so it’s important to check the latest exam blueprint from the EC-Council for the most current information.

How can one prepare for the ECC 312-49 exam?

Preparation for the CEH exam can involve a mix of self-study, enrolling in training programs offered by the EC-Council, and practical experience. Many candidates use study guides, online resources, and practice exams to prepare. Hands-on experience with ethical hacking tools and techniques is also highly beneficial. Joining forums and study groups can also provide additional insights and study materials.

Proudly Display
Your Achievement

Upon completion of your training, you’ll receive a personalized certificate of completion to help validate to others your new skills.
Example Certificate

Computer Hacking Forensic Investigator (CHFI) Course Content

Module 1: Computer Forensics Introduction

  •    Intro To Course-Part1
  •    Intro To Course-Part2
  •    Intro To Course-Part3
  •    Intro To Course-Part4
  •    Intro To Course-Part5
  •    Intro To Forensics-Part1
  •    Intro To Forensics-Part2
  •    Intro To Forensics-Part3
  •    Intro To Forensics-Part4
  •    Intro To Forensics-Part5
  •    Intro To Forensics-Part6
  •    Intro To Forensics-Part7
  •    Intro To Forensics-Part8

Module 2: Forensics Investigation Process

  •    Forensics Investigation Process-Part1
  •    Forensics Investigation Process-Part2
  •    Forensics Investigation Process-Part3
  •    Forensics Investigation Process-Part4
  •    Forensics Investigation Process-Part5
  •    Forensics Investigation Process-Part6
  •    Forensics Investigation Process-Part7
  •    Forensics Investigation Process-Part8
  •    Forensics Investigation Process-Part9
  •    Forensics Investigation Process-Part10

Module 3: Searching and Seizing

  •    Searching And Seizing-Part1
  •    Searching And Seizing-Part2
  •    Searching And Seizing-Part3
  •    Searching And Seizing-Part4
  •    Searching And Seizing-Part5

Module 4: Digital Evidence

  •    Digital Evidence-Part1
  •    Digital Evidence-Part2
  •    Digital Evidence-Part3
  •    Digital Evidence-Part4
  •    Digital Evidence-Part5
  •    Digital Evidence-Part6
  •    Digital Evidence-Part7

Module 5: First Responder Procedures

  •    First Responder Procedures-Part1
  •    First Responder Procedures-Part2
  •    First Responder Procedures-Part3
  •    First Responder Procedures-Part4
  •    First Responder Procedures-Part5
  •    First Responder Procedures-Part6
  •    First Responder Procedures-Part7
  •    First Responder Procedures-Part8

Module 6: Forensics Lab

  •    Forensic Lab-Part1
  •    Forensic Lab-Part2
  •    Forensic Lab-Part3
  •    Forensic Lab-Part4
  •    Forensic Lab-Part5

Module 7: Hard Disks and File Systems

  •    Hard Disks And File Systems-Part1
  •    Hard Disks And File Systems-Part2
  •    Hard Disks And File Systems-Part3
  •    Hard Disks And File Systems-Part4
  •    Hard Disks And File Systems-Part5
  •    Hard Disks And File Systems-Part6
  •    Hard Disks And File Systems-Part7
  •    Hard Disks And File Systems-Part8
  •    Hard Disks And File Systems-Part9
  •    Hard Disks And File Systems-Part10

Module 8: Windows Forensics

  •    Windows Forensics-Part1
  •    Windows Forensics-Part2
  •    Windows Forensics-Part3
  •    Windows Forensics-Part4
  •    Windows Forensics-Part5
  •    Windows Forensics-Part6
  •    Windows Forensics-Part7
  •    Windows Forensics-Part8
  •    Windows Forensics-Part9
  •    Windows Forensics-Part10

Module 9: Data Acquisition and Duplication

  •    Data Acquisition And Duplication-Part1
  •    Data Acquisition And Duplication-Part2
  •    Data Acquisition And Duplication-Part3
  •    Data Acquisition And Duplication-Part4
  •    Data Acquisition And Duplication-Part5
  •    Data Acquisition And Duplication-Part6
  •    Data Acquisition And Duplication-Part7

Module 10: Recovering Deleted Files and Partitions

  •    Recovering Deleted Files And Partitions-Part1
  •    Recovering Deleted Files And Partitions-Part2

Module 11: Using Access Data FTK

  •    Using Access Data FTK And Special Steps-Part1
  •    Using Access Data FTK And Special Steps-Part2
  •    Using Access Data FTK And Special Steps-Part3
  •    Using Access Data FTK And Special Steps-Part4
  •    Using Access Data FTK And Special Steps-Part5
  •    Using Access Data FTK And Special Steps-Part6
  •    Using Access Data FTK And Special Steps-Part7
  •    Using Access Data FTK And Special Steps-Part8

Module 12: Using EnCase

  •    EnCase-Part1
  •    EnCase-Part2
  •    EnCase-Part3

Module 13: Steganography

  •    Stenography-Part1
  •    Stenography-Part2
  •    Stenography-Part3
  •    Stenography-Part4

Module 14: Password Crackers

  •    Passwords-Part1
  •    Passwords-Part2
  •    Passwords-Part3
  •    Passwords-Part4

Module 15: Log Correlation

  •    Log Correlation-Part1
  •    Log Correlation-Part2
  •    Log Correlation-Part3
  •    Log Correlation-Part4
  •    Log Correlation-Part5
  •    Log Correlation-Part6

Module 16: Network Forensics

  •    Network Forensics-Part1
  •    Network Forensics-Part2
  •    Network Forensics-Part3
  •    Network Forensics-Part4

Module 17: Wireless Attacks

  •    Wireless Attacks-Part1
  •    Wireless Attacks-Part2
  •    Wireless Attacks-Part3

Module 18: Web Attacks

  •    Web Attacks-Part1
  •    Web Attacks-Part2
  •    Web Attacks-Part3
  •    Web Attacks-Part4
  •    Web Attacks-Part5
  •    Web Attacks-Part6
  •    Web Attacks-Part7
  •    Web Attacks-Part8

Module 19: Email Crimes

  •    Email Crimes-Part1
  •    Email Crimes-Part2
  •    Email Crimes-Part3
  •    Email Crimes-Part4

Module 20: Mobile Investigation

  •    Mobile Investigation-Part1
  •    Mobile Investigation-Part2
  •    Mobile Investigation-Part3
  •    Mobile Investigation-Part4
  •    Mobile Investigation-Part5

Module 21: Investigative Reports

  •    Investigation Reports-Part1
  •    Investigation Reports-Part2
  •    Investigation Reports-Part3
  •    Investigation Reports-Part4

Module 22: Expert Witness

  •    Expert Witness-Part1
  •    Expert Witness-Part2
  •    Expert Witness-Part3
Add a review
Currently, we are not accepting new reviews
Based on 81 reviews
1-5 of 81 reviews
  1. SJ


  2. AA
  3. K
  4. BO
  5. A

    Smooth delivery and easy access to LMS. Good to see that the LMS offers progress tracking. Would be great if badges were offered on completion of courses to share via Credly to future employers.

Your Training Instructor

Dean Bushmiller

Dean Bushmiller

Lead Instructor for Expanding Security

Dean has had fun for the past 20 years learning and teaching everything he can in technology and security. His consulting experience in accounting systems, inventory control, migrations, and patch management has breathed life into his 12 years in the class room. Dean is a courseware developer who specializes in CISSP and security training. He is the lead instructor for Expanding Security and teaches online as his main job. As a non-military person, he is a proud recipient of six mission coins.


Subscribe To All-Access
Lock In $16.99 / Month Forever

Gain access to this training and all our other courses with our cost-effective monthly subscription. No obligations. Cancel anytime.

$49.99 $16.99 Monthly



today Only: 1-Year For $79.00!

Get 1-year full access to every course, over 2,600 hours of focused IT training, 20,000+ practice questions at an incredible price of only $79.00

Learn CompTIA, Cisco, Microsoft, AI, Project Management & More...