A Computer Hacking Forensic Investigator (CHFI) is a trained specialist who uses computer investigation and analysis techniques to find relevant legal evidence.Professionals at CHFI are familiar with a legally competent, methodologically precise approach to computer forensics and evidence processing.

The process of identifying hacking attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks is known as computer hacking forensic investigation (CHFI).In today's online world, computer crime is on the rise.Police, government, and corporate institutions all across the world use computer investigation techniques, and many of them rely on EC- Council's Hacking Forensic Investigator CHFI Certification Program.

  • About this course

    CHFI is a comprehensive course that covers major forensic investigation scenarios and allows students to gain hands-on experience with various forensic investigation techniques and standard forensic tools that are required to successfully conduct a computer forensic investigation that leads to the prosecution of perpetrators.

  • Why should you take this course?

    ✅The course was designed and developed by experienced SMEs and digital forensics practitioners

    ✅A complete vendor neutral course covering all major forensics investigations technologies and solutions

    ✅Detailed labs for hands-on learning experience; approximately 50% of training time is dedicated to labs

    ✅It covers all the relevant knowledge-bases and skills to meets with regulatory compliance standards such as ISO 27001, PCI DSS, SOX, HIPPA, etc

    ✅The program presents a repeatable forensics investigation methodology required from a versatile digital forensic professional which increases your employability

  • What will you learn by taking this course?

    In computer-related crime and abuse situations, computer forensics allows for the systematic and meticulous identification of evidence.This could include following a hacker's tracks through a client's networks, tracing the sender of defamatory emails, or recovering evidence of fraud.

  • Chapter 1: Computer Forensics in Today's World

    ✅ Forensics Science

    ✅ Computer Forensics

    ✅ Security Incident Report

    ✅ Aspects of Organizational Security

    ✅ Evolution of Computer Forensics

    ✅ Objective of Computer Forensics

    ✅ Need for Compute Forensics

    ✅ Forensics Readiness

    ✅ Cyber Crime

    ✅ Cyber Crime Investigation

    ✅ Corporate Investigations

    ✅ Reporting a Cyber Crime

  • Chapter 2: Computer Forensics Investigation Process

    ✅ Investigating Computer Crime

    ✅ Before the Investigation

    ✅ Build a Forensics Workstation

    ✅ Building the Investigation Team

    ✅ People Involved in Computer Forensics

    ✅ Review Policies and Laws

    ✅ Forensics Laws

    ✅ Notify Decision Makers and Acquire Authorization

    ✅ Risk Assessment

    ✅ Build a Computer Investigation Toolkit

    ✅ Steps to Prepare for a Computer Forensics Investigation

    ✅ Computer Forensics Investigation Methodology

  • Chapter 3: Searching and Seizing Computers

    ✅ Searching and Seizing Computers without a Warrant

    ✅ Searching and Seizing Computers with a Warrant

    ✅ The Electronic Communications Privacy Act

    ✅ Evidence

  • Chapter 4: Digital Evidence

    ✅ Digital Data

    ✅ Definition of Digital Evidence

    ✅ Increasing Awareness of Digital Evidence

    ✅ Challenging Aspects of Digital Evidence

    ✅ The Role of Digital Evidence

    ✅ Characteristics of Digital Evidence

    ✅ Fragility of Digital Evidence

    ✅ Anti-Digital Forensics (ADF)

    ✅ Types of Digital Data

    ✅ Rules of Evidence

    ✅ Electronic Devices: Types and Collecting Potential Evidence

    ✅ Digital Evidence Examination Process

    ✅ Electronic Crime and Digital Evidence Consideration by Crime Category

  • Chapter 5: First Responder Procedures

    ✅ Electronic Evidence

    ✅ First Responder

    ✅ Roles of First Responder

    ✅ Electronic Devices: Types and Collecting Potential Evidence

    ✅ First Responder Toolkit

    ✅ First Responder Toolkit

    ✅ Creating a First Responder Toolkit

    ✅ Evidence Collecting Tools and Equipment

    ✅ First Response Basics


    ✅ Securing and Evaluating Electronic Crime Scene

    ✅ Conducting Preliminary Interviews

    ✅ Documenting Electronic Crime Scene

    ✅ Collecting and Preserving Electronic Evidence

    ✅ Packaging and Transporting Electronic Evidence

    ✅ Reporting the Crime Scene

    ✅ Note Taking Checklist

    ✅ First Responder Common Mistakes

  • Chapter 6: Computer Forensics Lab

    ✅ Setting a Computer Forensics Lab

    ✅ Computer Forensics Lab

    ✅ Planning for a Forensics Lab

    ✅ Budget Allocation for a Forensics Lab

    ✅ Physical Location Needs of a Forensics Lab

    ✅ Structural Design Considerations

    ✅ Environmental Conditions

    ✅ Electrical Needs

    ✅ Communication Needs

    ✅ Work Area of a Computer Forensics Lab

    ✅ Ambience of a Forensics Lab

    ✅ Ambience of a Forensics Lab: Ergonomics

    ✅ Physical Security Recommendations

    ✅ Fire-Suppression Systems

    ✅ Evidence Locker Recommendations

    ✅ Computer Forensic Investigator

    ✅ Law Enforcement Officer

    ✅ Lab Director

    ✅ Forensics Lab Licensing Requisite

    ✅ Features of the Laboratory Imaging System

    ✅ Technical Specification of the Laboratory-??ased Imaging System

    ✅ Forensics Lab

    ✅ Auditing a Computer Forensics Lab

    ✅ Recommendations to Avoid Eyestrain

    ✅ Investigative Services in Computer Forensics

    ✅ Computer Forensics Hardware

    ✅ Computer Forensics Software

  • Chapter 7: Understanding Hard Disks and File Systems

    ✅ Hard Disk Drive Overview

    ✅ Disk Drive Overview

    ✅ Hard Disk Drive

    ✅ Solid-State Drive (SSD)

    ✅ Physical Structure of a Hard Disk

    ✅ Logical Structure of Hard Disk

    ✅ Types of Hard Disk Interfaces

    ✅ Hard Disk Interfaces

    ✅ Disk Platter


    ✅ Bad Sector

    ✅ Hard Disk Data Addressing

    ✅ Disk Capacity Calculation

    ✅ Tracks

    ✅ Sector

    ✅ Cluster

    ✅ Measuring the Performance of the Hard Disk

    ✅ Disk Partitions and Boot Process

    ✅ RAID Storage System

    ✅ File System Analysis Using The Sleuth Kit (TSK)

  • Chapter 8: Windows Forensics

    ✅ Collecting Volatile Information

    ✅ Volatile Information

    ✅ Collecting Non-volatile Information

    ✅ Windows Memory Analysis

    ✅ Windows Registry Analysis

    ✅ Cache, Cookie, and History Analysis

    ✅ MD5 Calculation

    ✅ Windows File Analysis

    ✅ Metadata Investigation

    ✅ Text Based Logs

    ✅ Other Audit Events

    ✅ Forensic Analysis of Event Logs

    ✅ Windows Password Issues

    ✅ Forensic Tools

  • Chapter 9: Data Acquisition and Duplication

    ✅ Data Acquisition and Duplication Concepts

    ✅ Data Acquisition Types

    ✅ Disk Acquisition Tool Requirements

    ✅ Validation Methods

    ✅ RAID Data Acquisition

    ✅ Acquisition Best Practices

    ✅ Data Acquisition Software Tools

    ✅ Data Acquisition Hardware Tools

  • Chapter 10: Recovering Deleted Files and Deleted Partitions

    ✅ Recovering the Deleted Files

    ✅ Deleting Files

    ✅ What Happens When a File is Deleted in Windows?

    ✅ Recycle Bin in Windows

    ✅ File Recovery in MAC OS X


    ✅ File Recovery in Linux

    ✅ File Recovery Tools for Windows

    ✅ File Recovery Tools for MAC

    ✅ File Recovery Tools for Linux

    ✅ Recovering the Deleted Partitions

    ✅ Partition Recovery Tools

  • Chapter 11: Forensics Investigation using Access Data FTK

    ✅ Overview and Installation of FTK

    ✅ Overview of Forensic Toolkit (FTK)

    ✅ Features of FTK

    ✅ Software Requirement

    ✅ Configuration Option

    ✅ Database Installation

    ✅ FTK Application Installation

    ✅ FTK Case Manager User Interface

    ✅ FTK Examiner User Interface

    ✅ Starting with FTK

    ✅ FTK Interface Tabs

    ✅ Adding and Processing Static, Live, and Remote Evidence

    ✅ Using and Managing Filters

    ✅ Using Index Search and Live Search

    ✅ Decrypting EFS and other Encrypted Files

    ✅ Working with Reports

  • Chapter 12: Forensics Investigation Using EnCase

    ✅ Overview of EnCase Forensic

    ✅ Overview of EnCase Forensic

    ✅ EnCase Forensic Features

    ✅ EnCase Forensic Platform

    ✅ EnCase Forensic Modules

    ✅ Installing EnCase Forensic

    ✅ EnCase Interface


    ✅ Case Management

    ✅ Working with Evidence

    ✅ Source Processor

    ✅ Analyzing and Searching Files

    ✅ Viewing File Content

    ✅ Bookmarking Items

    ✅ Reporting

  • Chapter 13: Steganography and Image File Forensics

    ✅ Steganography

    ✅ What is Steganography?

    ✅ How Steganography Works

    ✅ Legal Use of Steganography

    ✅ Unethical Use of Steganography


    ✅ Steganography Techniques

    ✅ Steganalysis

    ✅ Image Files

    ✅ Data Compression

    ✅ Locating and Recovering Image Files

    ✅ Image File Forensics Tools

  • Chapter 14: Application Password Crackers

    ✅ Password Cracking Concepts

    ✅ Password – Terminology

    ✅ Password Types

    ✅ Password Cracker

    ✅ How Does a Password Cracker Work?

    ✅ How Hash Passwords are Stored in Windows SAM

    ✅ Types of Password Attacks

    ✅ Classification of Cracking Software

    ✅ Systems Software vs. Applications Software

    ✅ System Software Password Cracking

    ✅ Application Software Password Cracking

    ✅ Password Cracking Tools

  • Chapter 15: Log Capturing and Event Correlation

    ✅ Computer Security Logs

    ✅ Computer Security Logs

    ✅ Operating System Logs

    ✅ Application Logs

    ✅ Security Software Logs

    ✅ Router Log Files

    ✅ Honeypot Logs

    ✅ Linux Process Accounting

    ✅ Logon Event in Window

    ✅ Windows Log File

    ✅ IIS Logs

    ✅ Log File Accuracy

    ✅ Log Everything

    ✅ Keeping Time

    ✅ UTC Time

    ✅ ODBC Logging

    ✅ Logs and Legal Issues

    ✅ Log Management

    ✅ Centralized Logging and Syslogs

    ✅ Time Synchronization

    ✅ Event Correlation

    ✅ Log Capturing and Analysis Tools

  • Chapter 16: Network Forensics, Investigating Logs and Investigating Network Traffic

    ✅ Network Forensics

    ✅ Network Forensics

    ✅ Network Forensics Analysis Mechanism

    ✅ Network Addressing Schemes

    ✅ Overview of Network Protocols

    ✅ Overview of Physical and Data-Link Layer of the OSI Model

    ✅ Overview of Network and Transport Layer of the OSI Model

    ✅ OSI Reference Model

    ✅ TCP/ IP Protocol


    ✅ Intrusion Detection Systems (IDS) and ??heir Placement

    ✅ Firewall

    ✅ Honeypot

    ✅ Network Attacks

    ✅ Log Injection Attacks

    ✅ Investigating and Analyzing Logs

    ✅ Investigating Network Traffic

    ✅ Traffic Capturing and Analysis Tools

    ✅ Documenting the Evidence Gathered on a Network

  • Chapter 17: Investigating Wireless Attacks

    ✅ Wireless Technologies

    ✅ Wireless Networks

    ✅ Wireless Terminologies

    ✅ Wireless Components

    ✅ Types of Wireless Networks

    ✅ Wireless Standards

    ✅ MAC Filtering

    ✅ Service Set Identifier (SSID)

    ✅ Types of Wireless Encryption: WEP

    ✅ Types of Wireless Encryption: WPA

    ✅ Types of Wireless Encryption: WPA2

    ✅ WEP vs. WPA vs. WPA2

    ✅ Wireless Attacks

    ✅ Investigating Wireless Attacks

    ✅ Features of a Good Wireless Forensics Tool

    ✅ Wireless Forensics Tools

    ✅ Traffic Capturing and Analysis Tools

  • Chapter 18: Investigating Web Attacks

    ✅ Introduction to Web Applications and Webservers

  • Chapter 19: Tracking Emails and investigating Email Crimes

    ✅ Email Terminology

    ✅ Email System

    ✅ Email Clients

    ✅ Email Server

    ✅ SMTP Server

    ✅ POP3 and IMAP Servers

    ✅ Importance of Electronic Records Management

    ✅ Email Message

    ✅ Email Crimes

    ✅ Email Headers

    ✅ Steps to Investigate

    ✅ Email Forensics Tools

    ✅ Laws and Acts against Email Crimes

  • Chapter 20: Mobile Forensics

    ✅ Mobile Phone

    ✅ Different Mobile Devices

    ✅ Hardware Characteristics of Mobile Devices

    ✅ Software Characteristics of Mobile Devices

    ✅ Components of Cellular Network

    ✅ Different Cellular Networks

    ✅ Cellular Network

    ✅ Mobile Operating Systems

    ✅ Mobile Forensics

    ✅ Mobile Forensic Process

    ✅ Mobile Forensics Software Tools

    ✅ Mobile Forensics Hardware Tools

  • Chapter 21: Investigative Reports

    ✅ Computer Forensics Report

    ✅ Computer Forensics Report

    ✅ Salient Features of a Good Report

    ✅ Aspects of a Good Report

    ✅ Computer Forensics Report Template

    ✅ Investigative Report Writing

    ✅ Sample Forensics Report

    ✅ Report Writing Using Tools

  • Chapter 22: Becoming an Expert Witness

    ✅ Expert Witness

  • What is the Computer Hacking Forensic Investigator Exam?

    Computer hacking forensic investigation Exam is the process of detecting hacking attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks. CHFI investigators can draw on an array of methods for discovering data that resides in a computer system, or recovering deleted, encrypted, or damaged file information known as computer data recovery.

  • How much time take ?

    1 hours 

  • what is the extention policy?

    EC-Council exam vouchers are valid for a maximum period of one year from the date of purchase. A candidate may opt to extend his/her EC-Council exam vouchers for an additional 3 months for $35 if the voucher is valid (not used and not expired). Vouchers can only be extended once.

  • What is the passing criteria for the Exam?

    To ensure each form has equal assessment standards, cut scores are set on a “per exam form” basis. Depending on which exam form is challenged, cut scores can range from 60% to 85%.

  • Key Features:
  • Created by a Security expert :
  • Access period : 12 months
  • Course duration : 40+ hours
  • Quizzes & revision exams :
  • Certificate of completion :
  • Support : 24/7 hours
Feature Picture
icon Training in Group
icon8 hours Training
icon Guaranteed Date
Course Name


Pick your preferred schedule
16 Oct 8 Hours/Day
9:00AM - 5PM BST Bangladesh
16 Oct 8 Hours/Day
9:00AM - 5PM BST Bangladesh
16 Oct 8 Hours/Day
9:00AM - 5PM BST Bangladesh
16 Oct 8 Hours/Day
9:00AM - 5PM BST Bangladesh
16 Oct 8 Hours/Day
9:00AM - 5PM BST Bangladesh
16 Oct 8 Hours/Day
9:00AM - 5PM BST Bangladesh
icon 1-on-1 Training
icon 4 hours Training
icon Guaranteed Date
8 hours Training
Course Name


Pick your preferred date & time
Start Time : 09:00 AM
12 AM 12 PM

Why learn with us?

  • We're tech career experts
  • 25,000+ students worldwide
  • Alternative to traditional university education
  • Start a new career or advance your current one & land your dream job
  • Award winning StudentCare
  • Most in-demand skills for job market
  • Partnered with most biggest accreditors in the world
  • Exclusive student benefits
IT-Parofessional Image


AZ-900 Image
  • Exam Pass Guarantee (live online)
  • 100% Satisfaction Guarantee
  • Immediate access to Aspire portal for practice exam
  • Get started with Certification pathway
  • Knowledge Transfer Guarantee
  • Take advantage of globally recognized platform
Aspire-IT-Executive Image

Get certified the
Aspire way

Professional development courses that work around you

  • Official EC-Council training
  • Global community of peers
  • Hands-on interactive labs
  • 12 months unlimited access

Find Your Boot Camp

Boost Engagement with delivering Communication Tools

Bootcamp Image

Increase employee engagement with a different suite of communication tools like:


Promote your training program with visuals you can customize to brand... more  


Send training updates and security best practice highlights directly... more  

Digital wallpapers and web banners

Increase program engagement with colorful thought-provoking messaging... more  

Training Videos/Animations

Strengthen key awareness concepts and skills through stylish visual... more  

Why Aspire Tech

Award-winning courses

Aspire's award-winning online courses and programs are created and delivered by a renowned Cyber Security specialist.

The perfect fit for business

Plans for small to large businesses that are flexible to match your budget. There is a volume discount available.

Cost effective training

For a fraction of the expense of traditional classroom training, train thousands of employees in numerous locations.

Speak with an expert