The Official CHFI Study Guide (Exam 312-49): for Computer Hacking Forensic Investigator
This is the official CHFI (Computer Hacking Forensics Investigator) study guide for professionals studying for the forensics exams and for professionals needing the skills to identify an intruder's footprints and properly gather the necessary evidence to prosecute.
The EC-Council offers certification for ethical hacking and computer forensics. Their ethical hacker exam has become very popular as an industry gauge and we expect the forensics exam to follow suit.
Material is presented in a logical learning sequence: a section builds upon previous sections and a chapter on previous chapters. All concepts, simple and complex, are defined and explained when they appear for the first time. This book includes: Exam objectives covered in a chapter are clearly explained in the beginning of the chapter, Notes and Alerts highlight crucial points, Exam’s Eye View emphasizes the important points from the exam’s perspective, Key Terms present definitions of key terms used in the chapter, Review Questions contains the questions modeled after real exam questions based on the material covered in the chapter. Answers to the questions are presented with explanations. Also included is a full practice exam modeled after the real exam.
Chapter 3 The Computer Investigation Process
Chapter 4 Acquiring Data Duplicating Data and Recovering Deleted Files
Chapter 5 Windows Linux and Macintosh Boot Processes
Chapter 6 Windows and Linux Forensics
Chapter 7 Steganography and Application Password Crackers
Chapter 8 ComputerAssisted Attacks and Crimes
Chapter 11 Investigating Wireless Attacks
Chapter 12 PDA Blackberry and iPod Forensics
Chapter 13 Forensic Software and Hardware
Chapter 14 Forensics Investigation Using EnCase
Chapter 15 Incident Response
Chapter 16 Types of Investigations
Appendix A Becoming an Expert Witness
Appendix B Worldwide Forensic Acts and Laws
Other editions - View all
access point acquire allows analysis analyze attack backup boot bytes cards CHFI child pornography command computer forensic configuration contains copy court created crime criminal damage data recovery deleted files detection device disk image displayed document duplicate e-mail EnCase encryption environment Exam Objectives example Figure file system floppy floppy disks folder forensic examination forensic investigator forensic software forensic tools format hacker hard disk hard drive hardware hash header identify image file incident response interface Internet iPod keywords law enforcement Linux machine Master Boot Record memory method Microsoft NTFS operating system options packets pane partition password person protection recover Recycle router SCSI sector server sexual harassment Sleuth Kit specific steganography storage stored suspect Table tion UNIX Windows wireless