EC-Council Computer Hacking Forensics Investigator (CHFI) v10
- Introduction to Computer Forensics
– Fundamental principles of computer forensics
– Cybercrimes and investigation procedures
– Digital evidence and forensic readiness
– Roles and responsibilities of a forensic investigator
– Legal compliance in computer forensics
- Computer Forensics Investigation Process
– Phases of forensic investigation
– Pre-investigation, first response, investigation, and post-investigation phases
- Understanding Hard Disks and File Systems
– Types of disk drives and characteristics
– Logical structure of a disk
– Booting process of Windows, Linux, and Mac OS
– Various file systems of different operating systems
– File system examination using Autopsy and The Sleuth Kit tools
– Storage systems and encoding standards
- Data Acquisition and Duplication
– Fundamentals and methodology of data acquisition
– Image file preparation for examination
- Defeating Anti-forensics Techniques
– Understanding anti-forensics techniques
– Data deletion, recycle bin forensics, and file carving techniques
– Password cracking, steganography, and encryption detection
– Detection of program packers and footprint minimizing techniques
- Windows Forensics
– Collection of volatile and non-volatile information
– Analysis of Windows memory, registry, and web browser data
– Examination of Windows files, metadata, logs, and event logs
- Linux and Mac Forensics
– Analysis of volatile and non-volatile data in Linux
– File system image analysis using The Sleuth Kit
– Memory forensics in Linux and Mac systems
- Network Forensics
– Logging fundamentals and network forensic readiness
– Event correlation and indicators of compromise (IoCs)
– Network traffic investigation and incident detection
– Wireless network attack monitoring
- Investigating Web Attacks
– Web application forensics
– Analysis of IIS and Apache web server logs
– Intrusion detection system (IDS) and web application firewall (WAF) functionality
– Investigation of web attacks on Windows-based servers
- Dark Web Forensics
– Understanding the dark web
– Tracing Tor browser and performing Tor browser forensics
- Database Forensics
– Importance of database forensics
– Data storage and evidence repositories in MSSQL Server
– Forensics in MySQL and forensic methodologies
- Cloud Forensics
– Basic cloud computing concepts
– Fundamentals of cloud forensics and investigation in AWS and Azure
– Forensic methodologies for containers and microservices
- Investigating Email Crimes
– Basics of email and email crime investigation
– U.S. laws against email crime
- Malware Forensics
– Identifying and analyzing malware
– Static and dynamic analysis of malware
– Fileless malware attacks and analysis
– Emotet malware analysis
- Mobile Forensics
– Importance of mobile device forensics
– Architectural layers, boot processes, and data acquisition in Android and iOS devices
– Mobile network data investigation and forensic challenges
- IoT Forensics
– Understanding IoT and its security problems
– Forensic analysis of IoT devices and threats