The Official CHFI Study Guide (Exam 312-49): for Computer Hacking Forensic InvestigatorThis is the official CHFI (Computer Hacking Forensics Investigator) study guide for professionals studying for the forensics exams and for professionals needing the skills to identify an intruder's footprints and properly gather the necessary evidence to prosecute. The EC-Council offers certification for ethical hacking and computer forensics. Their ethical hacker exam has become very popular as an industry gauge and we expect the forensics exam to follow suit. Material is presented in a logical learning sequence: a section builds upon previous sections and a chapter on previous chapters. All concepts, simple and complex, are defined and explained when they appear for the first time. This book includes: Exam objectives covered in a chapter are clearly explained in the beginning of the chapter, Notes and Alerts highlight crucial points, Exam’s Eye View emphasizes the important points from the exam’s perspective, Key Terms present definitions of key terms used in the chapter, Review Questions contains the questions modeled after real exam questions based on the material covered in the chapter. Answers to the questions are presented with explanations. Also included is a full practice exam modeled after the real exam.
|
Contents
Chapter 1 Computer Forensics in Todays World | 1 |
Chapter 2 Systems Disks and Media | 61 |
Chapter 3 The Computer Investigation Process | 133 |
Chapter 4 Acquiring Data Duplicating Data and Recovering Deleted Files | 197 |
Chapter 5 Windows Linux and Macintosh Boot Processes | 265 |
Chapter 6 Windows and Linux Forensics | 287 |
Chapter 7 Steganography and Application Password Crackers | 351 |
Chapter 8 ComputerAssisted Attacks and Crimes | 387 |
Chapter 11 Investigating Wireless Attacks | 487 |
Chapter 12 PDA Blackberry and iPod Forensics | 511 |
Chapter 13 Forensic Software and Hardware | 543 |
Chapter 14 Forensics Investigation Using EnCase | 617 |
Chapter 15 Incident Response | 675 |
Chapter 16 Types of Investigations | 707 |
Appendix A Becoming an Expert Witness | 813 |
Appendix B Worldwide Forensic Acts and Laws | 861 |
Other editions - View all
The Official CHFI Study Guide (Exam 312-49): for Computer Hacking Forensic ... Dave Kleiman No preview available - 2007 |
Common terms and phrases
access point acquire allows analysis analyze attack backup Bookmarks boot bytes cards CHFI child pornography command computer forensic configuration contains copy court created crime criminal cybercrime damage deleted files detection device displayed document e-mail EnCase encryption environment Exam Objectives example FFFF FFFF FFFF file system floppy floppy disks folder forensic examination forensic investigator forensic software forensic tools format hacker hard disk hard drive hardware hash header identify image file incident response interface Internet iPod iPodLinux keywords law enforcement Linux machine Master Boot Record memory Microsoft NTFS operating system options packets pane partition password person protection recover Recycle router scan SCSI sector server sexual harassment Sleuth Kit specific steganography storage stored suspect Table tion UNIX Windows wireless