Computer Hacking Forensic Investigator
Build upon existing ethical hacking skills with the Computer Hacking Forensic Investigator course. This course teaches students about the processes and tools required to investigate a serious security breach and collect evidence for a potential prosecution using industry-standard principles. The Computer Hacking Forensic Investigator qualification covers everything needed to investigate, document and prosecute a malicious security breach. The course is best suited to:
- Network engineers and IT security professionals responsible for investigating network perimeter breaches and data theft incidents.
- IT professionals who need to earn the certification to prove their experience in the field of network security.
- Network security consultants who want to offer hacking forensic services to clients.
- IT professionals who have already completed the Certified Ethical Hacker training course/certificate and who want to take their studies further.
- Individuals who would like to learn the skills and techniques required to make a career change into IT security.
Key Learning Points
As a deep dive into forensic investigation techniques, this course teaches students everything they need to fully assess a security breach and collect the correct information required to launch a successful prosecution of a criminal attack. The course begins with a look at the action required immediately after an attack has been identified, including:
- How to carry out an investigation according to industry best practice principles and legal guidelines.
- Searching and seizing resources as required for the investigation.
- How to handle digital evidence to maintain legal standards.
- What the first responder needs to do as soon as a breach is identified to prevent loss of evidence or a failure to meet legal evidence requirements.
- How to fit a forensic lab for investigations.
- Understanding hard disks and file systems and how they affect forensic recovery.
- The specifics of performing forensic investigations on computers running Microsoft Windows.
- Acquiring and duplicating data to preserve evidence and facilitate further investigation.
- Using Access Data’s Forensic Toolkit (FTK), EnCase and special steps to review data whilst leaving all evidence intact.
- Understanding steganography and how such techniques can be used to mask data theft.
- Password recovery techniques and how to circumvent basic technologies employed to hide criminal activity.
- Comparing log files to identify instances where they may have been tampered with.
- Carrying out forensic analysis of network resources to identify intrusion attempts.
- Checking wireless networks for evidence of unauthorised access or tampering.
- Investigating attacks against web servers, web applications and other Internet-connected resources.
- Tracing and documenting email crimes that may have been perpetrated from inside the corporate network.
- Investigating attacks on mobile resources.
- Drawing up accurate investigation reports for use as evidence in a trial.
- Preparing to deliver evidence as an expert witness in the event of a trial.
Advantages of this course
Building on existing knowledge of hacking techniques covered in the certification, students learn everything they need to collect proof for use in a criminal prosecution. Once the course has been completed, students will be ready to sit their exam and earn the certification. Among the many benefits students will realise upon completion of this course are:
- Hands-on skills and experience that will allow security professionals to properly manage breaches and cyberattacks.
- The necessary forensic and legal awareness to ensure that evidence is preserved for potential criminal and civil legal proceedings.
- A raised level of awareness that can be used to train other employees to share security responsibilities.
- An improved skill set that will help employees be more productive and efficient.
- Enhanced employment opportunities within the network security and forensic auditing arena.
Units of Study
- Intro to Course
- Intro to Forensics
- Forensics Investigation Process
- Searching and Seizing
- Digital Evidence
- First Responder Procedures
- Forensic Lab
- Hard Disks and File Systems
- Windows Forensics
- Data Acquisition and Duplication
- Recovering Deleted Files and Partitions
- Using Access Data FTK and Special Steps
- Log Correlation
- Network Forensics
- Wireless Attacks
- Web Attacks
- Email Crimes
- Mobile Investigation
- Investigation Reports
- Expert Witness