Microtek Learning Logo

CHFI - Computer Hacking Forensic Investigator v10 Training


The CHFI: Certified Hacking Forensic Investigator training course is a completely ANSI-accredited and lab-focused program. This CHFI training is vendor-neutral training in digital forensics.

  • Category : EC-Council

Course Price : $2795 Per Participant

Course Description

The CHFI: Certified Hacking Forensic Investigator training course is a completely ANSI-accredited and lab-focused program.

This CHFI training is vendor-neutral training in digital forensics. With this training, the participant will understand digital forensics, the detailed and best approach to digital forensics, and evidence analysis that revolves around Dark Web, IoT, and Cloud Forensics.

With the help of techniques and tools, the participant will learn to conduct digital investigations and groundbreaking digital forensics technologies.

This Certified Hacking Forensic Investigator training program is for IT professionals involved with information system security, computer forensics, and incident response.

It helps strengthen the application knowledge in digital forensics for forensic analysts, cybercrime investigators, cyber defense forensic analysts, incident responders, information technology auditors, malware analysts, security consultants, and chief security officers.

The CHFI training provides the essential skills to proactively investigate complicated security threats, allowing them to explore, record, and report cybercrimes to prevent future attacks.

Click here to download CHFI Battle Card

Note: This training is DOD-approved (DEPARTMENT OF DEFENSE)

Microsoft Course Microsoft Course


experience experience

Years of Experience

learners learners

Global Learners

What you will learn

  • green-tick Understanding Hard Disks and File Systems
  • green-tick Perform Data Acquisition and Duplication
  • green-tick Understand Anti-forensics Techniques
  • green-tick Understand Anti-forensics Techniques
  • green-tick Perform Windows Forensics
  • green-tick Perform Linux and Mac Forensics
  • green-tick Perform Network Forensics
  • green-tick Investigating Web Attacks
  • green-tick Understand the Dark Web
  • green-tick Understand Cloud Forensics
  • green-tick Investigating Email Crimes
  • green-tick Perform Mobile Forensics
  • green-tick Perform IoT Forensics
  • green-tick Understand Database Forensics and its Importance
  • green-tick Understand the Basic Cloud Computing Concepts
  • green-tick Understand the Fundamentals of Computer Forensics
  • green-tick Understand Cybercrimes and their Investigation Procedures
  • green-tick Understand the Forensic Investigation Process and its Importance



  • IT/forensics professionals with basic knowledge of IT/cyber security, computer forensics, and incident response.


  • Prior completion of CEH training would be an advantage

Who should attend this course?

  • Defense and Security personnel
  • e-Business Security professionals
  • Police and other law enforcement personnel
  • Banking, Insurance, and other professionals
  • Legal professionals
  • Government agencies
  • IT managers
  • Digital Forensics Service Providers

See what's New in CHFI v10

what's New in CHFI v10


Oops! For this course, there are currently no public schedules available. Clicking on "Notify Me" will allow you to express your interest.

For dates, times, and location customization of this course, get in touch with us.

You can also speak with a learning consultant by calling 800-961-0337.


  • Understand the Fundamentals of Computer Forensics
  • Understand Cybercrimes and their Investigation Procedures
  • Understand Digital Evidence
  • Understand Forensic Readiness, Incident Response and the Role of SOC (Security
  • Operations Center) in Computer Forensics
  • Identify the Roles and Responsibilities of a Forensic Investigator
  • Understand the Challenges Faced in Investigating Cybercrimes
  • Understand Legal Compliance in Computer Forensics
  • Understand the Forensic Investigation Process and its Importance
  • Understand the Pre-investigation Phase
  • Understand First Response
  • Understand the Investigation Phase
  • Understand the Post-investigation Phase
  • Describe Different Types of Disk Drives and their Characteristics
  • Explain the Logical Structure of a Disk
  • Understand Booting Process of Windows, Linux and Mac Operating Systems
  • Understand Various File Systems of Windows, Linux and Mac Operating Systems
  • Examine File System Using Autopsy and The Sleuth Kit Tools
  • Understand Storage Systems
  • Understand Encoding Standards and Hex Editors
  • Understand Data Acquisition Fundamentals
  • Understand Data Acquisition Methodology
  • Prepare an Image File for Examination
  • Understand Anti-forensics Techniques
  • Discuss Data Deletion and Recycle Bin Forensics
  • Illustrate File Carving Techniques and Ways to Recover Evidence from Deleted
  • Explore Password Cracking/Bypassing Techniques
  • Detect Steganography, Hidden Data in File System Structures, Trail Obfuscation, and
  • Understand Techniques of Artifact Wiping, Overwritten Data/Metadata Detection, and Encryption
  • Detect Program Packers and Footprint Minimizing Techniques
  • Understand Anti-forensics Countermeasures
  • Collect Volatile and Non-volatile Information
  • Perform Windows Memory and Registry Analysis
  • Examine the Cache, Cookie and History Recorded in Web Browsers
  • Examine Windows Files and Metadata
  • Understand ShellBags, LNK Files, and Jump Lists
  • Understand Text-based Logs and Windows Event Logs
  • Understand Volatile and Non-volatile Data in Linux
  • Analyze Filesystem Images Using The Sleuth Kit
  • Demonstrate Memory Forensics Using Volatility & PhotoRec
  • Understand Mac Forensics
  • Understand Network Forensics
  • Explain Logging Fundamentals and Network Forensic Readiness
  • Summarize Event Correlation Concepts
  • Identify Indicators of Compromise (IoCs) from Network Logs
  • Investigate Network Traffic
  • Perform Incident Detection and Examination with SIEM Tools
  • Monitor and Detect Wireless Network Attacks
  • Understand Web Application Forensics
  • Understand Internet Information Services (IIS) Logs
  • Understand Apache Web Server Logs
  • Understand the Functionality of Intrusion Detection System (IDS)
  • Understand the Functionality of Web Application Firewall (WAF)
  • Investigate Web Attacks on Windows-based Servers
  • Detect and Investigate Various Attacks on Web Applications
  • Understand the Dark Web
  • Determine How to Identify the Traces of Tor Browser during Investigation
  • Perform Tor Browser Forensics
  • Understand Database Forensics and its Importance
  • Determine Data Storage and Database Evidence Repositories in MSSQL Server
  • Collect Evidence Files on MSSQL Server
  • Perform MSSQL Forensics
  • Understand Internal Architecture of MySQL and Structure of Data Directory
  • Understand Information Schema and List MySQL Utilities for Performing Forensic
  • Perform MySQL Forensics on WordPress Web Application Database
  • Understand the Basic Cloud Computing Concepts
  • Understand Cloud Forensics
  • Understand the Fundamentals of Amazon Web Services (AWS)
  • Determine How to Investigate Security Incidents in AWS
  • Understand the Fundamentals of Microsoft Azure
  • Determine How to Investigate Security Incidents in Azure
  • Understand Forensic Methodologies for Containers and Microservices
  • Understand Email Basics
  • Understand Email Crime Investigation and its Steps
  • U.S. Laws Against Email Crime
  • Define Malware and Identify the Common Techniques Attackers Use to Spread Malware
  • Understand Malware Forensics Fundamentals and Recognize Types of Malware Analysis
  • Understand and Perform Static Analysis of Malware
  • Analyze Suspicious Word and PDF Documents
  • Understand Dynamic Malware Analysis Fundamentals and Approaches
  • Analyze Malware Behavior on System Properties in Real-time
  • Analyze Malware Behavior on Network in Real-time
  • Describe Fileless Malware Attacks and How they Happen
  • Perform Fileless Malware Analysis - Emotet
  • Understand the Importance of Mobile Device Forensics
  • Illustrate Architectural Layers and Boot Processes of Android and iOS Devices
  • Explain the Steps Involved in Mobile Forensics Process
  • Investigate Cellular Network Data
  • Understand SIM File System and its Data Acquisition Method
  • Illustrate Phone Locks and Discuss Rooting of Android and Jailbreaking of iOS Devices
  • Perform Logical Acquisition on Android and iOS Devices
  • Perform Physical Acquisition on Android and iOS Devices
  • Discuss Mobile Forensics Challenges and Prepare Investigation Report
  • Understand IoT and IoT Security Problems
  • Recognize Different Types of IoT Threats
  • Understand IoT Forensics
  • Perform Forensics on IoT Devices
  • What Exam Do I Need To Get Certified?

    • CHFI EC0 312-49

    CHFI Exam Details

    • Number of Questions: 150
    • Test Duration: 4 hours
    • Test Format: Multiple Choice
    • Test Delivery: ECC exam portal

    About the Certifications

    CHFI - Computer Hacking Forensics Investigator Certification empowers a person with skills and knowledge to recognize hacking attacks, to attain evidence needed to report the crime & the cyber-criminal and to run an analysis that secures people from further attacks.

    This certification works on computer forensics from a vendor-neutral perspective which will strengthen the application knowledge. CHFI imparts supreme level of network security expertise for law enforcement personnel, system administrators, security officers, defense and military personal, legal professionals, bankers, security professionals and anybody who is concerned about the uprightness of the network infrastructure.

    Certification Details

    Step 1: Review the skills and knowledge required to certify.

    Step 2: Recommended training for EC-Council Computer Hacking Forensic Investigator (CHFI) Certification:

    Step 3: Take this exam and get certified.

    • Exam 312-49 CHFI


    Who Should Attend?

    The following individuals will benefit from CHFI:

    IT professionals involved with incident responses, computer forensics, information system security and IT managers, e-Business Security professionals and Systems administrators.


    Skills Measured

    Recommended good understanding of Certified Ethical Hacker (CEH) training course.


    Certification Latest Updates

    This CHFI - Computer Hacking Forensics Investigator Certification is valid for three years starting from the certification data. You must renew your certification before expiry date.


    The cut off score for CHFI certification exam ranges from 60% to 85%.

    After completing your Computer Hacking Forensic Investigator certification exam training, you will need to present certificate of attendance (COA) to EC-council to purchase the CHFI exam voucher.

    Yes, you can extend EC-council's CHFI certification exam voucher for three months by paying a fee of USD $35.

    Yes, you will able to extract and analyze logs from different devices like IPSes, IDSes, proxies, firewalls, desktops, laptops, SIM tools, routers, servers, switches, DHCP servers, AD servers, Access Control Systems etc.

    The Computer Hacking Forensic Investigator training makes you able to do detailed evaluation of the activity evidence and data to analyze the possible circumstances and implications of the noticed even.

    Course Details

    • cert cert-green
      Certification: YES
    • skill skill-green
      Skill Level: Intermediate
    • enroll enroll-green
      Enrolled: 1674
    • duration duration green
      Duration: 5 Days

    Talk to Learning Advisor