Computer Forensics Program

CHFI + ECIH Exam Prep

 

About the Program

Computer Forensics is one of the fastest growing sectors in the cybersecurity landscape. EC-Council MasterClass has developed a combined program to give students a leg up!

Incident response and forensic analysis are related disciplines that can leverage similar tools and related data sets and since incident response is often considered a subset of the broader computer forensic discipline, EC-Council MasterClass is bundling both the Computer Hacking Forensic Investigator (CHFI) and the Certified Incident Handler (CIH) courses.

“As of Dec 29, 2019, the average annual pay for a Computer Forensics Analyst in the United States is $99,014 a year.” - ZipRecruiter”

“A Cyber Incident Responder typically a median salary of $106,000.” - Career Builder

What You’ll Learn

  • Establish threat intelligence and key learning points to support pro-active profiling and scenario modeling

  • Perform anti-forensic methods detection

  • Perform post-intrusion analysis of electronic and digital media to determine the who, where, what, when, and how the intrusion occurred

  • Extract and analyze of logs from various devices like proxy, firewall, IPS, IDS, Desktop, laptop, servers, SIM tool, router, firewall, switches AD server, DHCP logs, Access Control Logs & conclude as part of investigation process.

  • Identify & check the possible source / incident origin.

  • Recover deleted files and partitions in Windows, Mac OS X, and Linux

  • Conduct reverse engineering for known and suspected malware files

  • Collect data using forensic technology methods in accordance with evidence handling procedures, including collection of hard copy and electronic documents


About CHFI

CHFI v10 captures all the essentials of digital forensics analysis and evaluation required for the modern world — tested and approved by veterans and top practitioners of the cyber forensics industry. From identifying the footprints of a breach to collecting evidence for a prosecution, CHFI v10 handholds students through every step of the process with experiential learning. CHFI v10 is engineered by industry practitioners for professionals including those such as forensic analysts, cybercrime investigator, cyber defense forensic analyst, incident responders, information technology auditor, malware analyst, security consultant, chief security officers and aspirants alike.

  • In order to maintain the high integrity of our certification exams, EC-Council Exams are provided in multiple forms (I.e. different question banks). Each form is carefully analyzed through beta testing with an appropriate sample group under the purview of a committee of subject matter experts that ensure that each of our exams not only has academic rigor but also has “real world” applicability. We also have a process to determine the difficulty rating of each question. The individual rating then contributes to an overall “Cut Score” for each exam form. To ensure each form has equal assessment standards, cut scores are set on a “per exam form” basis. Depending on which exam form is challenged, cut scores can range from 60% to 78%.

    • Number of Questions: 150

    • Test Duration: 4 Hours

    • Test Format: Multiple Choice

    • Test Delivery: ECC Exam Portal

    • Cyber Threat Analyst Tier 2

    • Cyber Threat Intelligence Analyst

    • Mid Level Penetration Tester

    • Cyberspace Analyst II

    • Cybersecurity Engineer II Red Team

    • Forensic Analyst, Senior

    • Cyber Security Analyst Advisor

    • Cyber Security Analyst

    • Application Security Analyst

    • Senior Cyber Security Analyst

    • Digital Forensics Analyst- Junior level

    • Security Architect

    • Cybersecurity Auditor

    • Senior Network Security Engineer

    • Information Security Engineer

    • Manager Information Security management

    • Principal Cyber Security Engineer

    • Information Security Risk Program Manager

    • Cybersecurity Systems Engineer

    • Information Assurance/Security Specialist

    • Principal Cyber Operator

    • Information Security Cyber Risk Defense Analyst

    • Senior Forensic Analyst

    • Director Information Technology Security

    • Cyber Security Intelligence Analyst

    • Penetration Tester

    • Sr. Information Assurance Analyst

    • Cyber Security Project Engineer

    • Cyber Threat Analyst II

    • Intrusion Analyst

    • Cyber Systems Administrator

    • Information Security and Risk Assessment Specialist

    • Forensic Analyst, Senior

    • CIS – Cyber and Network Security-Cloud Computing Faculty

    • Tier 2 Cyber Security Analyst

    • Sr. Network Security Engineering Specialist

    • Security Control Assessor 2

    • Security Operations Engineer / Team Lead

    • Principle Cyber Operator

    • Manager, Cyber Security Operations and Incident Response

    • IT Security Manager

    • Sr. Network Security Engineer

    • Senior IT Security Manager- Cloud & Digital

    • Senior Principle, Digital Forensics

    • Sr. Network Security Engineering Consultant

    • Sr. Cyber Threat Intel Analyst

    • Cyber Security Associate 3

    • Tier I Intrusion Analyst

    • Senior Investigative Analyst

    • Sr. Cybersecurity Consultant (Incident Response)

 

About ECIH

The EC-Council Certified Incident Handler (ECIH) program focuses on a structured approach for performing the incident handling and response (IH&R) process. The IH&R process includes stages like incident handling and response preparation, incident validation and prioritization, incident escalation and notification, forensic evidence gathering and analysis, incident containment, systems recovery, and incident eradication. This systematic incident handling and response process creates awareness among incident responders in knowing how to respond to various types of security incidents.

Cybersecurity Professionals interested in pursuing incident handling and response as a career require comprehensive training on the IH&R concepts as well as real-world scenarios. The ECIH program includes hands-on learning delivered through iLabs, online labs within the training program.

  • To be eligible to sit the ECIH Exam, the candidate must either:

    Attend official ECIH training through any of EC-Council’s Authorized Training Centers (ATCs) or attend EC-Council’s live online training via iWeek or join our self-study program through iLearn (see https://iclass.eccouncil.org).

    OR

    Candidates with a minimum of 1 year of work experience in the domain that would like to apply to take the exam directly without attending training are required to pay the USD100 Eligibility Application Fee. This fee is included in your training fee should you choose to attend training.

    • Exam Name: ECIH 212-89

    • Number of Questions: 100

    • Test Duration: 3 Hours

    • Test Delivery: ECC Exam Portal

    • Test Format: Multiple Choice

    • Passing Score: 70%

    • Penetration Testers

    • Vulnerability Assessment Auditors

    • Risk Assessment Administrators

    • Network Administrators

    • Application Security Engineers

    • Cyber Forensic Investigators/ Analyst and SOC Analyst

    • System Administrators/Engineers

    • Firewall Administrators and Network Managers/IT Managers

 

Tuition & Program Info

To learn more about ETI’s tuition and financial aid options, click here.

$3,499

MasterClass Package Includes:

  • Computer Hacking Forensic Investigator Course (CHFI)

    • Computer Hacking Forensic Investigator Course (CHFI) Live Course

      • CHFI Printed Courseware (US courses Only)

      • CHFI iLabs, Live Labs

      • CHFI Certification Exam

      • Exam Insurance Program

    • CHFI Online Self-Paced Streaming Video Course (1 year access)

    • CyberQ - Exam Prep Program

  • Certified Incident Handler/Response (ECIH)

    • Certified Incident Handler/Response (ECIH) Online Self-Paced Streaming Video Course (1 year access)

      • ECIH E-Courseware

      • ECIH iLabs, Live Labs

      • ECIH Certification Exam

      • Exam Insurance Program

  • Computer Forensic Deep Dives

    • Dark Web Forensics Deep Dive - Self-Paced streaming video with access for 1 year

    • Memory Forensics Deep Dive - Self-Paced streaming video access for 1 year

    • Mobile Forensics Deep Dive - Self-Paced streaming video access for 1 year


Course Outline

Computer Hacking Forensic Investigator (CHFI)

  • Computer Forensics in Today’s World

  • Computer Forensics Investigation Process

  • Understanding Hard Disks and File Systems

  • Data Acquisition and Duplication

  • Defeating Anti-forensics Techniques

  • Windows Forensics

  • Linux and Mac Forensics

  • Network Forensics

  • Investigating Web Attacks

  • Dark Web Forensics

  • Database Forensics

  • Cloud Forensics

  • Investigating Email Crimes

  • Malware Forensics

  • Mobile Forensics

  • IoT Forensics


Certified Incident Handler (ECIH)

  • Module 01: Introduction to Incident Handling and Response

  • Module 02: Incident Handling and Response Process

  • Module 03: Forensic Readiness and First Response

  • Module 04: Handling and Responding to Malware Incidents

  • Module 05: Handling and Responding to Email Security Incidents

  • Module 06: Handling and Responding to Network Security Incidents

  • Module 07: Handling and Responding to Web Application Security Incidents

  • Module 08: Handling and Responding to Cloud Security Incidents

  • Module 09: Handling and Responding to Insider Threats