312-49 V8 : CHFI v8 - Computer Hacking Forensic Investigator

312-49-v8
CHFI v8 - Computer Hacking Forensic Investigator
ISBN : 978-1-61691-150-8
Gain hands-on expertise in EC-Council Computer Hacking Forensic Investigator: 312-49v8 exam with Computer Hacking Forensic Investigator course. The course covers all the objectives of the 312-49v8 exam and provides competence across a spectrum of skills including computer forensics, digital evidence, steganography, application password crackers, log capturing, event correlation, investigation of various attacks, and much more.

Here's what will you get

The EC-Council Computer Hacking Forensic Investigator exam is a standalone certification from EC-Council with the exam code 312-49.

The certification is targeted at law enforcement personnel, system administrators, security officers, defense and military personnel, legal professionals, bankers, security professionals and anyone who is concerned about the integrity of the network infrastructure. The exam covers computer forensics, digital evidence, rules of evidence, digital evidence examination process, password cracking concepts, and log capturing techniques.

Lessons
22+
Exercises
100+
Quizzes
494+
Flashcards
272+
Glossary of terms
272+
Pre-assessment Questions
100+
Full Length Tests
3+
Post-Assessment Questions
100+
Exam FAQs
What is the exam registration fee? USD 500
Where do I take the exam?

The EC-Council 312-49-v8 exam is administered by Prometric and Pearson Vue at testing centers worldwide.

  • For Prometric: Click here to find a testing center near you.
  • For Pearson: Click here to find a testing center near you.
What is the format of the exam? The exam consists of multiple choice questions.
What are the pre-requisites of the exam? While there are no official pre-requisites for the CHFI certification, both EC-Council and uCertify strongly recommend that the candidate have attended the CEH class before enrolling into CHFI Program and have a good understanding of modern operating system, networking, and security fundamentals.
How many questions are asked in the exam? The exam contains 150 questions.
What is the duration of the exam? 240 minutes
What is the passing score? 70%

(on a scale of 0-1000)

What is the exam's retake policy?

In the event that you fail your first attempt at passing the EC-Council Computer Hacking Forensic Investigator certification, 's retake policy is:

  • If a candidate is not able to pass the exam on the first attempt, no waiting period is required to attempt the exam for the second time
  • If a candidate is not able to pass the exam in second attempt, a waiting period of 14 days is required
  • If a candidate is not able to pass the third attempt, a waiting period of 14 days is required
  • If a candidate is not able to pass the fourth attempt, a waiting period of 14 days is required
  • A candidate is not allowed to take a given exam more than five times in a 12 month period and a waiting period of 12 months will be imposed before being allowed to attempt the exam for the sixth time
  • Candidates who pass the exam are not allowed to attempt the same version of the exam for the second time
  • Candidate can purchase from EC-Council (VUE &Prometric APTC vouchers) or EC-Council Test Centers (Prometric Prime vouchers) to retake the exam at the cost of $500
What is the validity of the certification? EC-Council Computer Hacking Forensic Investigator v8 certification expires two years from date of issue, after which the certification holder will need to renew their certification. Click here for more information.
Where can I find more information about this exam? To know more about the 312-49-v8, click here.
Which certification covers this exam?
What are the career opportunities after passing this exam?

An EC-Council Computer Hacking Forensic Investigator Certified Professional has several career opportunities open up to them, including:

  • Systems Engineer
  • Systems Architect
  • Network Security Specialist
  • Licensed Penetration Tester
  • Computer Forensics Investigator

Here's what will you learn

  • Define computer forensics
  • Discuss the evolution of computer forensics
  • Explain the objectives and benefits of computer forensics
  • Discuss forensic readiness planning in detail
  • Explain cybercrimes
  • Examine various computer crimes
  • What is cybercrime investigation?
  • Explain the key steps and rules in a forensic investigation
  • What is the role of a forensic investigator?
  • How to access computer forensics resources
  • Describe the role of digital evidence in forensic investigation
  • Understanding Corporate Investigations
  • Explain the key concepts of Enterprise Theory of Investigation (ETI)
  • Discuss various legal issues and reports related to computer forensic investigations
  • Provide an overview of the computer crime investigation process
  • Describe computer forensics investigation methodology
  • Summarize the steps to prepare for a computer forensics investigation
  • How to obtain a search warrant
  • How to evaluate and secure a scene
  • How to collect and secure the evidence in a forensically sound manner
  • Explain the different techniques to acquire and analyze the data
  • Summarize the importance of evidence and case assessment
  • How to prepare the final investigation report
  • Testify in the Court as an Expert Witness
  • Explain about Computer Forensic Service Providers
  • How to search and seize computers without a warrant
  • Discuss the Fourth Amendment's Reasonable Expectation of Privacy
  • What is consent and discuss the scope of consent
  • Summarize the steps involved in searching and seizing computers with a warrant
  • Examine the basic strategies for executing computer searches
  • Discuss the Privacy Protection Act
  • Describe drafting the warrant and affidavit
  • Explain the post-seizure issues
  • Describe the Electronic Communications Privacy Act
  • What is voluntary disclosure?
  • Electronic Surveillance in Communications Networks
  • Discuss how content is different from addressing information
  • Provide an overview of evidence and authentication
  • Define digital evidence and explain its role in case of a computer security incident
  • Discuss the characteristics of digital evidence
  • What are the various types of digital data?
  • What is best evidence rule?
  • Discuss federal rules of evidence
  • Summarize the international principles for computer evidence
  • Discuss about the Scientific Working Group on Digital Evidence (SWGDE)
  • What are the considerations for collecting digital evidence from electronic crime scenes?
  • Provide an overview of digital evidence examination process and steps involved
  • Explain electronic crime and digital evidence consideration by crime category
  • Define electronic evidence
  • Who is first responder?
  • Provide an overview on how to collect and store electronic evidence
  • Describe first responder tool kit and how to create it
  • How to get first response from laboratory forensic staff
  • Provide an overview on how to collect and secure electronic evidence at the crime scene
  • Explain how to conduct preliminary interviews
  • How to document electronic crime scene
  • Explain how to collect and preserve electronic evidence
  • Explain how to package and transport electronic evidence in a forensically sound manner
  • How to prepare a report on the crime scene
  • Provide a checklist for the first responders
  • Discuss the first responder's common mistakes
  • How to set up a computer forensics lab
  • Discuss the investigative services in computer forensics
  • What are the basic hardware requirements in a forensics lab?
  • List and summarize various hardware forensic
  • Discuss the basic software requirements in a forensics lab
  • Summarize various software forensic tools
  • What is a hard disk drive?
  • Explain solid-state drive (SSD)
  • Provide an overview of physical and logical structure of a hard disk
  • Describe the various types of hard disk interfaces
  • Examine the components of a hard disk
  • What are disk partitions?
  • Explain Windows and Macintosh boot process
  • What are file systems?
  • Explain various types of file systems
  • Provide an overview of Windows, Linux, Mac OS X, and Sun Solaris 10 file systems
  • Discuss about CD-ROM/DVD File System
  • Explain about RAID storage system and RAID levels
  • Explain file system analysis using the sleuth
  • What is volatile information?
  • Explain what is network and process information
  • Define non-volatile information
  • Describe memory dump
  • Parsing Process Memory
  • Describe the different techniques for collecting non-volatile information
  • Explain various processes involved in forensic investigation of a Windows system
  • Provide an overview of IIS, FTP, and system firewall logs
  • Discuss the importance of audit events and event logs in Windows forensics
  • Explain the static and dynamic event log analysis techniques
  • Discuss different Windows password security issues such as password cracking
  • How to analyze restore point registry settings
  • Provide an overview of cache, cookie, and history analysis
  • How to evaluate account management events
  • How to search with Event Viewer
  • Discuss various forensics tools
  • Define data acquisition and explain various types of data acquisition systems
  • Explain various data acquisition formats and methods
  • How to determine a best acquisition method?
  • What is contingency planning for image acquisitions?
  • Describe static and live data acquisition
  • Provide an overview of volatile data collection methodology
  • Explain various types of volatile information
  • What are the requirements of the disk imaging tool?
  • How to validate data acquisitions
  • Discuss Linux and Windows validation methods
  • How to acquire RAID Disks
  • Examine the best practices of acquisition
  • List various data acquisition software and hardware tools
  • Explain how to recover files in Windows, MAC, Linux, for Windows
  • Discuss file recovery tools for Windows, MAC, and Linux
  • How to identify creation date, last accessed date of a file, and deleted sub-directories
  • Steps to recover the deleted partitions and list partition recovery tools
  • What is Forensic Toolkit (FTK) and discuss its various features
  • Explain FTK installation steps
  • Discuss about FTK Case Manager
  • How to restore an image to a disk?
  • Explain the FTK examiner user interface
  • How to verify drive image integrity
  • Discuss how to mount an image to a drive
  • Summarize the steps involved in creating a case
  • Discuss the functions of FTK interface tabs
  • Explain the steps involved in adding evidence to a case
  • How to acquire local live evidence
  • Explain the steps involved in acquiring data remotely using remote device management system (RDMS)
  • Discuss the steps involved in imaging drives
  • How to mount and unmount a device
  • Explain the steps involved in conducting an index search and live search
  • How to decrypt EFS Files and Folders
  • Provide an overview of EnCase forensic
  • Discuss EnCase, its uses, and functionality
  • Discuss about EnCase forensic modules
  • How to install EnCase forensic
  • Explain how to configure EnCase
  • Provide an overview of case structure
  • What is case management?
  • How to add a Device to a Case and how to acquire a Device
  • Explain the verification process of evidence files
  • What is a source processor?
  • Discuss how to analyze and search files
  • Describe how to view file content
  • Provide an overview on bookmarks
  • How to create various types of bookmark?
  • Explain how to create a report using the Report tab
  • How to export a Report
  • Summarize steganography and its types
  • List the application of steganography
  • Discuss various digital steganography techniques
  • What is Steganalysis?
  • How to detect steganography
  • List various steganography detection tools
  • Discuss about image file formats
  • How to compress data
  • How to process forensic image using MATLAB
  • Explain how to locate and recover image files
  • How to identify unknown file formats
  • List picture viewer tools and image file forensic tools
  • What are the terminologies used?
  • Explain the functionality of password crackers
  • Summarize various types of passwords
  • What is a password cracker?
  • How does a password cracker work?
  • Discuss various password cracking techniques
  • List various types of password attacks
  • List various system and application software password cracking
  • What are default passwords?
  • Discuss various password cracking tools
  • What are computer security logs?
  • Discuss about logon events in Windows
  • What are IIS logs?
  • How to view the DHCP logs
  • What is ODBC logging?
  • Explain the legality of using logs
  • Explain log management
  • Discuss various challenges in log management
  • Centralized logging
  • Discuss about syslog
  • Why Synchronize Computer Times
  • What is NTP?
  • List various NIST time servers
  • Discuss various event correlation approaches
  • List various log capturing and analysis tools
  • Summarize network forensics concepts
  • Explain the network forensics analysis mechanism
  • What are intrusion detection systems (IDS)?
  • Define the terms firewall and honeypot
  • Discuss various network vulnerabilities
  • Explain various types of network attacks
  • Explain the new line injection attack and the timestamp injection attack
  • Where to look for evidence
  • How to handle logs as evidence
  • Explain how to condense a log file
  • Why to Investigate Network Traffic
  • How to acquire traffic using DNS poisoning techniques
  • Explain how to gather from the ARP table
  • List various traffic capturing and analysis tools
  • Discuss the advantages and disadvantages of wireless networks
  • List different components of wireless networks
  • What are the various types of wireless networks?
  • List various types of wireless standards
  • What is MAC filtering?
  • What is a Service Set Identifier (SSID)?
  • Discuss various types of wireless encryption
  • List various types of wireless attacks
  • How to investigate wireless attacks
  • What are the requirements of a tool design and summarize the best practices for wireless forensics
  • List various wireless forensics tools
  • What are Web applications?
  • Explain Web application architecture
  • Why Web servers are compromised
  • Provide an overview of Web logs
  • What are Internet Information Services (IIS) and Apache Web server Logs?
  • Discuss various types of Web attacks
  • How to investigate Web attacks?
  • Explain the investigation process of Web attacks in Windows-based servers
  • Describe how to investigate IIS and Apache logs
  • When does Web page defacement occur?
  • Discuss various security strategies to Web applications
  • List various Web attack detection tools
  • Discuss about various tools for locating an IP address
  • Explain the terms E-mail system, E-mail client, E-mail server, and E-mail message
  • Discuss the importance of electronic records management
  • Discuss various types of E-mail crimes
  • Provide examples of E-mail header
  • List Common Headers
  • Why to Investigate E-mails
  • Discuss the steps involved in investigation of E-mail crimes
  • List various E-mail forensics tools
  • What are the different laws and acts against E-mail crimes?
  • List different mobile devices
  • What are the hardware and software characteristics of mobile devices?
  • What is a cellular network?
  • Provide an overview of mobile operating systems
  • Discuss various types of mobile operating systems
  • What a criminal can do with mobiles phones
  • Describe various mobile forensic challenges
  • Discuss various memory considerations in mobiles
  • What are the different precautions to be taken before an investigation?
  • Explain the process involved in mobile forensics
  • List various mobile forensic hardware and software tools
  • Explain the importance of reports and need of an investigative report
  • Discuss the salient features of a good report
  • Provide computer forensic report template
  • How is a report classified
  • Provide layout of an investigative report
  • What are the guidelines for writing a report?
  • Provide an overview of an investigative report format
  • How to document a case report
  • What are the best practices for investigators?
  • How to write a report using FTK and ProDiscover
  • What is an Expert witness?
  • Explain the role of an expert witness
  • Describe various types of expert witnesses
  • What is the scope of expert witness testimony?
  • Explain the differences between Technical Witness and Expert Witness
  • What are the various steps involved in evidence processing?
  • How to prepare a report
  • List the rules pertaining to an expert witness' qualification
  • How to testify in court
  • What are the general ethics while testifying?
  • How to testify during direct and cross-examination
  • How to find a computer forensic expert
uCertify

uCertify provides courses, simulator, labs, test prep kits for IT certifications including Microsoft, Oracle, Cisco, CompTIA, CIW, PMI, ISC2, Linux, Zend, Google, IC3 , Adobe and many more.

© 2002-2017 uCertify. All Rights Reserved
app_store
google_play