The term cyber-crime no longer refers only to hackers and other external attackers. The ubiquity of computers as a communications tool means that the role of computer forensics - the practice of examining historical activity on electronic devices when someone suspects inappropriate or illegal activity - will continue to grow in importance. These days, each and every case of fraud involves a very strong element of computer-based evidence. Hence, forensic tools and the professionals with the qualifications to use them have also become critical resources in every major organization.

Computer Forensics is the art and science of applying computer science to aid the legal process. Computer forensics requires specialized expertise and tools that goes above and beyond the normal data collection and preservation techniques available to end-users or system support personnel.

Computer Forensics is the application of computer investigation and analysis techniques in the interests of determining potential legal evidence. Securing and analyzing electronic evidence is a central theme in an ever-increasing number of conflict situations and criminal cases.

This process often involves the investigation and examination of data that resides on digital media such as data storage devices, hard drives, portable data devices (USB Drives, External drives, Micro Drives and many more).

Electronic evidence is critical in the following situations: Computer break-ins, Possession of pornography, Breach of contract, Industrial espionage, E-mail Fraud, Bankruptcy, Disputed dismissals, Web page defacements, Theft of company documents etc.

About this workshop

This workshop will give participants the necessary skills to identify an intruder's footprints and to properly gather the necessary evidence to prosecute. Many of today's top tools of the forensic trade will be taught during this course, including software, hardware and specialized techniques. The need for businesses to become more efficient and integrated with one another, as well as the home user, has given way to a new type of criminal, the "cyber-criminal." It is no longer a matter of "will your organization be comprised (hacked)?" but, rather, "when?" Today's battles between corporations, governments, and countries are no longer fought only in the typical arenas of boardrooms or battlefields using physical force. Now the battlefield starts in the technical realm, which ties into most every facet of modern day life. If you or your organization requires the knowledge or skills to identify, track, and prosecute the cyber-criminal, then this is the course for you.

This 5 day highly interactive course will help participants have hands on understanding and experience in Incident Response & Computer Forensics and prepare for EC-Council Computer Hacking Forensic Investigator exam 312-49.

Benefits

The EC-Council's Computer Hacking Forensic Investigator has emerged as one of today's most sought-after certifications. It serves as a significant step towards a career in incident response & computer forensics and could be followed by ECSA/LPT, CISA, CISM, CISSP certifications.

There are many reasons to achieve a CHFI certification:

• Prepare yourself to respond appropriately to incidents
• Understand how to handle a computer forensic investigation
• Understand how to create digital evidence
• Bring computer forensic expertise to your current occupation
• Become more marketable in a highly competitive environment

Therefore this workshop will prepare you to take the first step into the world of computer forensics and give you a better understanding of how to handle incidents and the various tools which are used to gather digital evidence.

Who should attend

This course will significantly benefit those who would be responsible for handling computer security related incidents.

• Police and other law enforcement personnel
• Cyber crime cell
• Defense and Military personnel
• E-Business Security professionals
• Legal professionals
• Banking professionals
• Insurance professionals
• IT Managers
• Information Security Managers
• Security Consultants
• Security Architects
• Security Specialists
• System Administrators
• IS Auditors

 

Anyone aspiring to get a better understanding of Computer Forensics would benefit from this course. The program is restricted to participants who have completed CEH.

Course Outline

Module 1: Computer Forensics in Today’s World
Module 2: Law and Computer Forensics
Module 3: Computer Investigation Process
Module 4: First Responder Procedure
Module 5: CSIRT
Module 6: Computer Forensic Lab
Module 7: Understanding File Systems and Hard Disks
Module 8: Understanding Digital Media Devices
Module 9: Windows, Linux and Macintosh Boot Processes
Module 10: Windows Forensics
Module 11: Linux Forensics
Module 12: Data Acquisition and Duplication
Module 13: Computer Forensic Tools
Part I - Software Forensics Tools
Part II - Hardware Forensics Tools
Module 14: Forensics Investigations Using Encase
Module 15: Recovering Deleted Files and Deleted partitions
Part I - Recovering Deleted Files
Part II - Recovering Deleted Partitions
Module 16: Image Files Forensics
Module 17: Steganography
Module 18: Application Password Crackers
Module 19: Network Forensics and Investigating Logs
Module 20: Investigating Network Traffic
Module 21: Investigating Wireless Attacks
Module 22: Investigating Web Attacks
Module 23: Router Forensics
Module 24: Investigating DoS Attacks
Module 25: Investigating Internet Crimes
Module 26: Tracking E-mails and Investigating E-mail Crimes
Module 27: Investigating Corporate Espionage
Module 28: Investigating Trademark and Copyright Infringement
Module 29: Investigating sexually harassment incidents
Module 30: Investigating Child Pornography
Module 31: PDA Forensics
Module 32: iPod Forensics
Module 33: Blackberry Forensics
Module 34: Investigative Reports
Module 35: Becoming an Expert Witness