Facebook Pixel
Microsoft Certification Training
Search classes by keyword:
Search classes by category:
Microsoft Certification and Microsoft Training, Cisco Certification and MCSE Certification
Ethical Hacking Computer space



EC-Council CEH/CHFI Certification Training

EC-Council Certified Ethical Hacker & Computer Forensics (CEH/CHFI) (some gaps in dates)

Course Number: #CED-290
Course Length: 12 days
Number of Exams: 2
Certifications: EC-Council Ethical Hacker (CEH)
EC-Council Hacking Forensic Investigator (CHFI)

Grants (discounts) are available for multiple students for the same or different courses.

Upcoming Dates Class Times Class Format Quote
11/4 - 11/18, 2017 8:00 AM - 5:00 PM Instructor-Led Quote

Instructor-Led

  • Roundtrip Airfare & Lodging
    (Atlanta boot camps only)
  • Hands-on instruction by a certified instructor
  • Includes all course materials
  • On-site Testing
  • Lunch & Snacks provided each day
  • Practice Exam
  • Certification Exam

EC-Council Cyber Security Programs Guide

This resource is provided by EC-Council as a guide to help you navigate the various certifications available as you structure your own Cyber Security career path or the constructs of your Cyber Security Team. The document is broken down into 6 Primary tracks including:

  • Cyber Security Foundations
  • Vulnerability Assessment and Penetration Testing
  • Cyber Forensics
  • Network Defense and Operations
  • Software Security
  • Governance

This guide will help you understand what Cyber Security certifications are available by Security Focus Area, Job Role, Intended Audience, as well as some example companies who currently build capability in their Cyber Security teams with EC-Council certifications.



Can't travel or you want to stay with your family or business. No problem! Stay in your own city and save the additional expenses of roundtrip airfare, lodging, transportation, and meals and receive the same great instruction live from our instructors in our Live Instructor-Led Remote Classroom Training.

Remote Classroom Training

Our Remote Classroom Training is a live class with students observing the instructor and listening through your computer speakers. You will see the instructor's computer, slides, notes, etc., just like in the classroom. You will be following along, doing work, labs, and individual assignments.

Like us on Facebook and SAVE $100 on your next course

Ethical Hacking and Countermeasures will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems.

Computer hacking forensic investigation is the process of detecting hacking attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks. Computer forensics is simply the application of computer investigation and analysis techniques in the interests of determining potential legal evidence. Evidence might be sought in a wide range of computer crime or misuse, including but not limited to theft of trade secrets, theft of or destruction of intellectual property, and fraud. CHFI investigators can draw on an array of methods for discovering data that resides in a computer system, or recovering deleted, encrypted, or damaged file information.

Prerequisites

A foundational knowledge of computers Operating Systems and Networking protocols.


Ethical Hacking

This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defenses work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student leaves this intensive class they will have hands on understanding and experience in Ethical Hacking.

This course prepares you for EC-Council Certified Ethical Hacker (Exam 312-50)

Who Should Attend

This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.

Certification

The Certified Ethical Hacker certification (Exam 312-50) will be conducted on the last day of training. Students need to pass the online Prometric exam to receive CEH certification.

Prerequisites

A foundational knowledge of computers Operating Systems and Networking protocols.

Course Outline

Ethics and Legality
  • What is an Exploit?
  • The security functionality triangle
  • The attacker's process
  • Passive reconnaissance
  • Active reconnaissance
  • Types of attacks
  • Categories of exploits
  • Goals attackers try to achieve
  • Ethical hackers and crackers - who are they
  • Self proclaimed ethical hacking
  • Hacking for a cause (Hacktivism)
  • Skills required for ethical hacking
  • Categories of Ethical Hackers
  • What do Ethical Hackers do?
  • Security evaluation plan
  • Types of Ethical Hacks
  • Testing Types
  • Ethical Hacking Report
  • Cyber Security Enhancement Act of 2002
  • Computer Crimes
  • Overview of US Federal Laws
  • Section 1029
  • Section 1030
  • Hacking Punishment
Footprinting
  • What is Footprinting
  • Steps for gathering information
  • Whois
  • http://tucows.com
  • Hacking Tool: Sam Spade
  • Analyzing Whois output
  • NSLookup
  • Finding the address range of the network
  • ARIN
  • Traceroute
  • Hacking Tool: NeoTrace
  • Visual Route
  • Visual Lookout
  • Hacking Tool: Smart Whois
  • Hacking Tool: eMailTracking Pro
  • Hacking Tool: MailTracking.com
Scanning
  • Determining if the system is alive?
  • Active stack fingerprinting
  • Passive stack fingerprinting
  • Hacking Tool: Pinger
  • Hacking Tool: Friendly Pinger
  • Hacking Tool: WS_Ping_Pro
  • Hacking Tool: Netscan Tools Pro 2000
  • Hacking Tool: Hping2
  • Hacking Tool: KingPing
  • Hacking Tool: icmpenum
  • Hacking Tool: SNMP Scanner
  • Detecting Ping sweeps
  • ICMP Queries
  • Hacking Tool: netcraft.com
  • Port Scanning
  • TCPs 3-way handshake
  • TCP Scan types
  • Hacking Tool: IPEye
  • Hacking Tool: IPSECSCAN
  • Hacking Tool: nmap
  • Port Scan countermeasures
  • Hacking Tool: HTTrack Web Copier
  • Network Management Tools
  • SolarWinds Toolset
  • NeoWatch
  • War Dialing
  • Hacking Tool: THC-Scan
  • Hacking Tool: PhoneSweep War Dialer
  • Hacking Tool: Telesweep
  • Hacking Tool: Queso
  • Hacking Tool: Cheops
  • Proxy Servers
  • Hacking Tool: SocksChain
  • Surf the web anonymously
  • TCP/IP through HTTP Tunneling
  • Hacking Tool: HTTPort
  • Hacking Tool: Tunneld
  • Hacking Tool: BackStealth
Enumeration
  • What is Enumeration
  • NetBios Null Sessions
  • Null Session Countermeasures
  • NetBIOS Enumeration
  • Hacking Tool: DumpSec
  • Hacking Tool: Hyena
  • Hacking Tool: NAT
  • SNMP Enumertion
  • SNMPUtil
  • Hacking Tool: IP Network Browser
  • SNMP Enumeration Countermeasures
  • Windows 2000 DNS Zone transfer
  • Identifying Win2000 Accounts
  • Hacking Tool: User2SID
  • Hacking Tool: SID2User
  • Hacking Tool: Enum
  • Hacking Tool: UserInfo
  • Hacking Tool: GetAcct
  • Hacking Tool: smbbf
  • SMB Auditing Tools
  • Active Directory Enumeration
  • W2K Active Directory attack
System Hacking
  • Administrator Password Guessing
  • Performing Automated Password Guessing
  • Legion
  • NTInfoScan
  • Defending Against Password Guessing
  • Monitoring Event Viewer Logs
  • VisualLast
  • Eavesdroppin on Network Password Exchange
  • Hacking Tool: L0phtCrack
  • Hacking Tool: KerbCrack
  • Privilege Escalation
  • Hacking Tool: GetAdmin
  • Hacking Tool: hk
  • Manual Password Cracking Algorithm
  • Automatic Password Cracking Algorithm
  • Password Types
  • Types of Password Attacks
  • Dictionary Attack
  • Brute Force Attack
  • Distributed Brute Force Attack
  • Password Change Interval
  • Hybrid Attack
  • Cracking Windows 2000 Passwords
  • Retrieving the SAM file
  • Redirecting SMB Logon to the Attacker
  • SMB Redirection
  • Hacking Tool: SMBRelay
  • Hacking Tool: SMBRelay2
  • Hacking Tool: pwdump2
  • Hacking Tool: SAMdump
  • Hacking Tool: C2MYAZZ
  • Win32 Create Local Admin User
  • Offline NT Password Resetter
  • Hacking Tool: psexec
  • Hacking Tool: remoxec
  • SMBRelay Man-in-the-Middle (MITM)
  • SMBRelay MITM Countermeasures
  • Hacking Tool: SMBGrinder
  • Hacking Tool: SMBDie
  • Hacking Tool: NBTDeputy
  • NetBIOS DoS Attack
  • Hacking Tool: nbname
  • Hacking Tool: John the Ripper
  • LanManager Hash
  • Password Cracking Countermeasures
  • Keystroke Logger
  • Hacking Tool: Spector
  • AntiSpector
  • Hacking Tool: eBlaster
  • Hacking Tool: SpyAnywhere
  • Hacking Tool: IKS Software Logger
  • Hacking Tool: Fearless Key Logger
  • Hacking Tool: E-mail Keylogger
  • Hardware Tool: Hardware Key Logger
  • Hacking Tool: Rootkit
  • Planting Rootkit on Windows 2000 Machine
  • _rootkit_ embedded TCP/IP Stack
  • Rootkit Countermeasures
  • MD5 Checksum utility
  • Tripwire
  • Covering Tracks
  • Disabling Auditing
  • Auditpol
  • Clearing the Event Log
  • Hacking Tool: Elslave
  • Hacking Tool: Winzapper
  • Hacking Tool: Evidence Eliminator
  • Hidding Files
  • NTFS File Streaming
  • Hacking Tool: makestrm
  • NTFS Streams Countermeasures
  • LNS
  • Steganography
  • Hacking Tool: ImageHide
  • Hacking Tool: BlindSide
  • Hacking Tool: MP3Stego
  • Hacking Tool: Snow
  • Hacking Tool: Camera/Shy
  • Steganography Detection
  • StegDetect
  • Hacking Tool: Stealth Files
  • Encrypted File System
  • Hacking Tool: dskprobe
  • Hacking Tool: EFSView
  • Buffer Overflows
  • Creating Buffer Overflow Exploit
  • Outlook Buffer Overflow
  • Hacking Tool: Outoutlook
Trojans and Backdoors
  • What is a Trojan Horse?
  • Overt and Covert
  • Hacking Tool: QAZ
  • Hacking Tool: Tini
  • Hacking Tool: Netcat
  • Hacking Tool: Donald Dick
  • Hacking Tool: SubSeven
  • Hacking Tool: BackOrifice 2000
  • Back Oriffice Plug-ins
  • BoSniffer
  • Hacking Tool: NetBus
  • ComputerSpy Key Logger
  • Hacking Tool: Beast Trojan
  • Hacking Tool: CyberSpy Telnet Trojan
  • Hacking Tool: SubRoot Telnet Trojan
  • Hacking Tool: LetMeRule
  • Wrappers
  • Hacking Tool: Graffiti
  • Hacking Tool: Silk Rope 2000
  • Hacking Tool: EliteWrap
  • Hacking Tool: IconPlus
  • Packaging Tool: Microsoft WordPad
  • Hacking Tool: Whack a Mole
  • Trojan Construction Kit
  • Writing Trojans in Java
  • Hacking Tool: FireKiller 2000
  • Covert Channels
  • ICMP Tunneling
  • Hacking Tool: Loki
  • Reverse WWW Shell
  • Backdoor Countermeasures
  • BO Startup and Registry Entries
  • NetBus Startup and Registry Keys
  • Port Monitoring Tools
  • fPort
  • TCPView
  • Process Viewer
  • Inzider - Tracks Processes and Ports
  • Trojan Maker
  • Hacking Tool: Hard Disk Killer
  • Man-in-the-Middle Attack
  • Hacking Tool: dsniff
  • System File Verification
  • TripWire
Sniffers
  • What is a Sniffer?
  • Hacking Tool: Ethereal
  • Hacking Tool: Snort
  • Hacking Tool: WinDump
  • Hacking Tool: EtherPeek
  • Passive Sniffing
  • Active Sniffing
  • Hacking Tool: EtherFlood
  • How ARP Works?
  • Hacking Tool: ArpSpoof
  • Hacking Tool: DSniff
  • Hacking Tool: Macof
  • Hacking Tool: mailsnarf
  • Hacking Tool: URLsnarf
  • Hacking Tool: Webspy
  • Hacking Tool: Ettercap
  • Hacking Tool: WebMiTM
  • IP Restrictions Scanner
  • Hacking Tool: sTerm
  • Hacking Tool: Cain and Abel
  • Hacking Tool: Packet Crafter
  • Hacking Tool: SMAC
  • MAC Changer
  • ARP Spoofing Countermeasures
  • Hacking Tool: WinDNSSpoof
  • Hacking Tool: Distributed DNS Flooder
  • Hacking Tool: WinSniffer
  • Network Tool: IRIS
  • Network Tool: NetInterceptor
  • SniffDet
  • Hacking Tool: WinTCPKill
Denial of Service
  • What is Denial of Service Attack?
  • Types of DoS Attacks
  • How DoS Work?
  • What is DDoS?
  • Hacking Tool: Ping of Death
  • Hacking Tool: SSPing
  • Hacking Tool: Land
  • Hacking Tool: Smurf
  • Hacking Tool: SYN Flood
  • Hacking Tool: CPU Hog
  • Hacking Tool: Win Nuke
  • Hacking Tool: RPC Locator
  • Hacking Tool: Jolt2
  • Hacking Tool: Bubonic
  • Hacking Tool: Targa
  • Tools for Running DDoS Attacks
  • Hacking Tool: Trinoo
  • Hacking Tool: WinTrinoo
  • Hacking Tool: TFN
  • Hacking Tool: TFN2K
  • Hacking Tool: Stacheldraht
  • Hacking Tool: Shaft
  • Hacking Tool: mstream
  • DDoS Attack Sequence
  • Preventing DoS Attack
  • DoS Scanning Tools
  • Find_ddos
  • SARA
  • DDoSPing
  • RID
  • Zombie Zapper
Social Engineering
  • What is Social Engineering?
  • Art of Manipulation
  • Human Weakness
  • Common Types of Social Engineering
  • Human Based Impersonation
  • Important User
  • Tech Support
  • Third Party Authorization
  • In Person
  • Dumpster Diving
  • Shoulder Surfing
  • Computer Impersonation
  • Mail Attachments
  • Popup Windows
  • Website Faking
  • Reverse Social Engineering
  • Policies and Procedures
  • Social Engineering Security Policies
  • The Importance of Employee Education
Session Hijacking
  • What is Session Hijacking?
  • Session Hijacking Steps
  • Spoofing Vs Hijacking
  • Active Session Hijacking
  • Passive Session Hijacking
  • TCP Concepts - 3 way Handshake
  • Sequence Numbers
  • Sequence Number Example
  • Guessing the Sequence Numbers
  • Hacking Tool: Juggernaut
  • Hacking Tool: Hunt
  • Hacking Tool: TTYWatcher
  • Hacking Tool: IP Watcher
  • Hacking Tool: T-Sight
  • Remote TCP Session Reset Utility
  • Dangers Posed by Session Hijacking
  • Protection against Session Hijacking
Hacking Web Servers
  • Apache Vulnerability
  • Attacks against IIS
  • IIS Components
  • ISAPI DLL Buffer Overflows
  • IPP Printer Overflow
  • msw3prt.dll
  • Oversized Print Requests
  • Hacking Tool: Jill32
  • Hacking Tool: IIS5-Koei
  • Hacking Tool: IIS5Hack
  • IPP Buffer Overflow Countermeasures
  • ISAPI DLL Source Disclosure
  • ISAPI.DLL Exploit
  • Defacing Web Pages
  • IIS Directory Traversal
  • Unicode
  • Directory Listing
  • Clearing IIS Logs
  • Network Tool: LogAnalyzer
  • Attack Signature
  • Creating Internet Explorer (IE) Trojan
  • Hacking Tool: IISExploit
  • Hacking Tool: UnicodeUploader.pl
  • Hacking Tool: cmdasp.asp
  • Escalating Privilages on IIS
  • Hacking Tool: IISCrack.dll
  • Hacking Tool: ispc.exe
  • IIS WebDav Vulnerability
  • Hacking Tool: WB
  • RPC Exploit-GUI
  • Hacking Tool: DComExpl_UnixWin32
  • Hacking Tool: Plonk
  • Unspecified Executable Path Vulnerability
  • Hacking Tool: CleanIISLog
  • File System Traversal Countermeasures
  • Microsoft HotFix Problems
  • UpdateExpert
  • Cacls utility
  • Network Tool: Whisker
  • N-Stealth Scanner
  • Hacking Tool: WebInspect
  • Network Tool: Shadow Security Scanner
Web Application Vulnerabilities
  • Documenting the Application Structure
  • Manually Inspecting Applications
  • Using Google to Inspect Applications
  • Directory Structure
  • Hacking Tool: Instant Source
  • Java Classes and Applets
  • Hacking Tool: Jad
  • HTML Comments and Contents
  • Hacking Tool: Lynx
  • Hacking Tool: Wget
  • Hacking Tool: Black Widow
  • Hacking Tool: WebSleuth
  • Cross Side Scripting
  • Session Hijacking using XSS
  • Cookie Stealing
  • Hacking Tool: IEEN
  • Hacking Tool: IEflaw
  • Exposing Sensitive Data with Google
Web Based Password Cracking Techniques
  • Basic Authentication
  • Message Digest Authentication
  • NTLM Authentication
  • Certificate based Authentication
  • Digital Certificates
  • Microsoft Passport Authentication
  • Forms based Authentication
  • Creating Fake Certificates
  • Hacking Tool: WinSSLMiM
  • Password Guessing
  • Dfault Account Database
  • Hacking Tool: WebCracker
  • Hacking Tool: Brutus
  • Hacking Tool: ObiWan
  • Hacking Tool: Munga Bunga
  • Password dictionary Files
  • Attack Time
  • Hacking Tool: Variant
  • Hacking Tool: PassList
  • Query Strings
  • Post data
  • Hacking Tool: cURL
  • Stealing Cookies
  • Hacking Tool: CookieSpy
  • Hacking Tool: ReadCookies
  • Hacking Tool: SnadBoy
SQL Injection
  • What is SQL Injection Vulnerability?
  • SQL Insertion Discovery
  • Blank sa Password
  • Simple Input Validation
  • SQL Injection
  • OLE DB Errors
  • 1=1
  • blah' or 1=1
  • Preventing SQL Injection
  • Database Specific SQL Injection
  • Hacking Tool: SQLDict
  • Hacking Tool: SQLExec
  • Hacking Tool: SQLbf
  • Hacking Tool: SQLSmack
  • Hacking Tool: SQL2.exe
  • Hacking Tool: Oracle Password Buster
Hacking Wireless Networks
  • 802.11 Standards
  • What is WEP?
  • Finding WLANs
  • Cracking WEP keys
  • Sniffing Trafic
  • Wireless DoS Attacks
  • WLAN Scanners
  • WLAN Sniffers
  • MAC Sniffing
  • Access Point Spoofing
  • Securing Wireless Networks
  • Hacking Tool: NetTumbler
  • Hacking Tool: AirSnort
  • Hacking Tool: AiroPeek
  • Hacking Tool: WEP Cracker
  • Hacking Tool: Kismet
  • Hacking Tool: AirSnarf
  • WIDZ- Wireless IDS
Virus and Worms
  • Cherobyl
  • ExploreZip
  • I Love You
  • Melissa
  • Pretty Park
  • Code Red Worm
  • W32/Klez
  • BugBear
  • W32/Opaserv Worm
  • Nimda
  • Code Red
  • SQL Slammer
  • Batch File Virus Creator
  • How to write your own Virus?
  • Worm Construction Kits
Novell Hacking
  • Common accounts and passwords
  • Accessing password files
  • Password crackers
  • Netware Hacking Tools
  • Chknull
  • NOVELBFH
  • NWPCRACK
  • Bindery
  • BinCrack
  • SETPWD.NLM
  • Kock
  • userdump
  • Burglar
  • Getit
  • Spooflog
  • Gobbler
  • Novelffs
  • Pandora
Linux Hacking
  • Why Linux ?
  • Linux Basics
  • Compiling Programs in Linux
  • Scanning Networks
  • Mapping Networks
  • Password Cracking in Linux
  • Linux Vulnerabilities
  • SARA
  • TARA
  • Sniffing
  • A Pinger in Disguise
  • Session Hijacking
  • Linux Rootkits
  • Linux Security Countermeasures
  • IPChains and IPTables
IDS, Firewalls and Honeypots
  • Intrusion Detection System
  • System Integrity Verifiers
  • How are Intrusions Detected?
  • Anomaly Detection
  • Signature Recognition
  • How does IDS match Signatures with Incoming Traffic?
  • Protocol Stack Verification
  • Application Protocol Verification
  • What Happens after an IDS Detects an Attack?
  • IDS Software Vendors
  • SNORT
  • Evading IDS (Techniques)
  • Complex IDS Evasion
  • Hacking Tool: fragrouter
  • Hacking Tool: TCPReplay
  • Hacking Tool: SideStep
  • Hacking Tool: NIDSbench
  • Hacking Tool: ADMutate
  • IDS Detection
  • Tools to Detect Packet Sniffers
  • Tools to inject strangely formatted packets onto the wire
  • Hacking Through Firewalls
  • Placing Backdoors through Firewalls
  • Hiding behind Covert Channels
  • Hacking Tool: Ncovert
  • What is a Honeypot?
  • Honeypots Evasion
  • Honeypots vendors
  • Hacking Tool: Honeyd
Buffer Overflows
  • What is a Buffer Overflow?
  • Exploitation
  • Assembly Language Basics
  • How to Detect Buffer Overflows in a Program?
  • Skills Required
  • CPU/OS Dependency
  • Understanding Stacks
  • Stack Based Buffer Overflows
  • Buffer Overflow Technical Implementation
  • Writing your own Buffer Overflow Exploit in C
  • Defense against Buffer Overflows
  • Type Checking Tools for Compiling Programs
  • StackGuard
  • Immunix
Cryptography
  • What is PKI?
  • Digital Certificates
  • RSA
  • MD-5
  • RC-5
  • SHA
  • SSL
  • PGP
  • SSH
  • Encryption Cracking Techniques
Penetration Testing Methodologies

[ back to top ]

Computer Hacking Forensic Investigator

Computer hacking forensic investigation is the process of detecting hacking attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks. Computer forensics is simply the application of computer investigation and analysis techniques in the interests of determining potential legal evidence. Evidence might be sought in a wide range of computer crime or misuse, including but not limited to theft of trade secrets, theft of or destruction of intellectual property, and fraud. CHFI investigators can draw on an array of methods for discovering data that resides in a computer system, or recovering deleted, encrypted, or damaged file information.

Securing and analyzing electronic evidence is a central theme in an ever-increasing number of conflict situations and criminal cases. Electronic evidence is critical in the following situations:

  • Disloyal employees
  • Computer break-ins
  • Possession of pornography
  • Breach of contract
  • Industrial espionage
  • E-mail Fraud
  • Bankruptcy
  • Disputed dismissals
  • Web page defacements
  • Theft of company documents

Students attending this course will take exam ECO-349 to achieve their CHFI certification.

Prerequisites

A foundational knowledge of computers Operating Systems and Networking protocols.

Course Overview

Computer forensics enables the systematic and careful identification of evidence in computer related crime and abuse cases. This may range from tracing the tracks of a hacker through a client's systems, to tracing the originator of defamatory emails, to recovering signs of fraud.

The CHFI course will provide participants the necessary skills to identify an intruder's footprints and to properly gather the necessary evidence to prosecute in the court of law.

The CHFI course will benefit:

  • Police and other law enforcement personnel
  • Defense and Military personnel
  • e-Business Security professionals
  • Systems administrators
  • Legal professionals
  • Banking, Insurance and other professionals
  • Government agencies
  • IT managers

Course Outline

Computer Forensics and Investigations as a Profession
  • Understanding Computer Forensics
  • Comparing Definitions of Computer Forensics
  • Exploring a Brief History of Computer Forensics
  • Developing Computer Forensics Resources
  • Preparing for Computing Investigations
  • Understanding Enforcement Agency Investigations
  • Understanding Corporate Investigations
  • Maintaining Professional Conduct
Understanding Computer Investigations
  • Preparing a Computer Investigation
  • Examining a Computer Crime
  • Examining a Company-Policy Violation
  • Taking a Systematic Approach
  • Assessing the Case
  • Planning Your Investigation
  • Securing Your Evidence
  • Understanding Data-Recovery Workstations and Software
  • Setting Up Your Workstation for Computer Forensics
  • Executing an Investigation
  • Gathering the Evidence
  • Copying the Evidence Disk
  • Analyzing Your Digital Evidence
  • Completing the Case
  • Critiquing the Case
Working with Windows and DOS Systems
  • Understanding File Systems
  • Understanding the Boot Sequence
  • Examining Registry Data
  • Disk Drive Overview
  • Exploring Microsoft File Structures
  • Disk Partition Concerns
  • Boot Partition Concerns
  • Examining FAT Disks
  • Examining NTFS Disks
  • NTFS System Files
  • NTFS Attributes
  • NTFS Data Streams
  • NTFS Compressed Files
  • NTFS Encrypted File Systems (EFS)
  • EFS Recovery Key Agent
  • Deleting NTFS Files
  • Understanding Microsoft Boot Tasks
  • Windows XP, 2000, and NT Startup
  • Windows XP System Files
  • Understanding MS-DOS Startup Tasks
  • Other DOS Operating Systems
Macintosh and Linux Boot Processes and Disk Structures
  • Understanding the Macintosh File Structure
  • Understanding Volumes
  • Exploring Macintosh Boot Tasks
  • Examining UNIX and Linux Disk Structures
  • UNIX and Linux Overview
  • Understanding modes
  • Understanding UNIX and Linux Boot Processes
  • Understanding Linux Loader
  • UNIX and Linux Drives and Partition Scheme
  • Examining Compact Disc Data Structures
  • Understanding Other Disk Structures
  • Examining SCSI Disks
  • Examining IDE/EIDE Devices
The Investigator's Office and Laboratory
  • Understanding Forensic Lab Certification Requirements
  • Identifying Duties of the Lab Manager and Staff
  • Balancing Costs and Needs
  • Acquiring Certification and Training
  • Determining the Physical Layout of a Computer Forensics Lab
  • Identifying Lab Security Needs
  • Conducting High-Risk Investigations
  • Considering Office Ergonomics
  • Environmental Conditions
  • Lighting
  • Structural Design Considerations
  • Electrical Needs
  • Communications
  • Fire-suppression Systems
  • Evidence Lockers
  • Facility Maintenance
  • Physical Security Needs
  • Auditing a Computer Forensics Lab
  • Computer Forensics Lab Floor Plan Ideas
  • Selecting a Basic Forensic Workstation
  • Selecting Workstations for Police Labs
  • Selecting Workstations for Private and Corporate Labs
  • Stocking Hardware Peripherals
  • Maintaining Operating Systems and Application Software Inventories
  • Using a Disaster Recovery Plan
  • Planning for Equipment Upgrades
  • Using Laptop Forensic Workstations
  • Building a Business Case for Developing a Forensics Lab
  • Creating a Forensic Boot Floppy Disk
  • Assembling the Tools for a Forensic Boot Floppy Disk
  • Retrieving Evidence Data Using a Remote Network Connection
Current Computer Forensics Tools
  • Evaluating Your Computer Forensics Software Needs
  • Using National Institute of Standards and Technology (NIST) Tools
  • Using National Institute of Justice (NU) Methods
  • Validating Computer Forensics Tools
  • Using Command-Line Forensics Tools
  • Exploring NTI Tools
  • Exploring Ds2dump
  • Reviewing DriveSpy
  • Exploring PDBlock
  • Exploring PDWipe
  • Reviewing Image
  • Exploring Part
  • Exploring SnapBack DatArrest
  • Exploring Byte Back
  • Exploring MaresWare
  • Exploring DIGS Mycroft v3
  • Exploring Graphical User Interface (GUI) Forensics Tools
  • Exploring AccessData Programs
  • Exploring Guidance Software EnCase
  • Exploring Ontrack
  • Using BIAProtect
  • Using LC Technologies Software
  • Exploring WinHex Specialist Edition
  • Exploring DIGS Analyzer Professional Forensic Software
  • Exploring ProDiscover DFT
  • Exploring DataLifter
  • Exploring ASRData
  • Exploring the Internet History Viewer
  • Exploring Other Useful Computer Forensics Tools
  • Exploring LTOOLS
  • Exploring Mtools
  • Exploring R-Tools
  • Using Explore2fs
  • Exploring @stake
  • Exploring TCT and TCTUTILs
  • Exploring ILook
  • Exploring HashKeeper
  • Using Graphic Viewers
  • Exploring Hardware Tools
  • Computing-Investigation Workstations
  • Building Your Own Workstation
  • Using a Write-blocker
  • Using LC Technology International Hardware
  • Forensic Computers
  • DIGS
  • Digital Intelligence
  • Image MASSter Solo
  • FastBloc
  • Acard
  • NoWrite
  • Wiebe Tech Forensic DriveDock
  • Recommendations for a Forensic Workstation
Digital Evidence Controls
  • Identifying Digital Evidence
  • Understanding Evidence Rules
  • Securing Digital Evidence at an Incident Scene
  • Cataloging Digital Evidence
  • Lab Evidence Considerations
  • Processing and Handling Digital Evidence
  • Storing Digital Evidence
  • Evidence Retention and Media Storage Needs
  • Documenting Evidence
  • Obtaining a Digital Signature
Processing Crime and Incident Scenes
  • Processing Private-Sector Incident Scenes
  • Processing Law Enforcement Crime Scenes
  • Understanding Concepts and Terms Used in Warrants
  • Preparing for a Search
  • Identifying the Nature of the Case
  • Identifying the Type of Computing System
  • Determining Whether You Can Seize a Computer
  • Obtaining a Detailed Description of the Location
  • Determining Who Is in Charge
  • Using Additional Technical Expertise
  • Determining the Tools You Need
  • Preparing the Investigation Team
  • Securing a Computer Incident or Crime Scene
  • Seizing Digital Evidence at the Scene
  • Processing a Major Incident or Crime Scene
  • Processing Data Centers with an Array of RAIDS
  • Using a Technical Advisor at an Incident or Crime Scene
  • Sample Civil Investigation
  • Sample Criminal Investigation
  • Collecting Digital Evidence
Data Acquisition
  • Determining the Best Acquisition Method
  • Planning Data Recovery Contingencies
  • Using MS-DOS Acquisition Tools
  • Understanding How DriveSpy Accesses Sector Ranges
  • Data Preservation Commands
  • Using DriveSpy Data Manipulation Commands
  • Using Windows Acquisition Tools
  • AccessData FTK Explorer
  • Acquiring Data on Linux Computers
  • Using Other Forensics Acquisition Tools
  • Exploring SnapBack DatArrest
  • Exploring SafeBack
  • Exploring EnCase
Computer Forensic Analysis
  • Understanding Computer Forensic Analysis
  • Refining the Investigation Plan
  • Using DriveSpy to Analyze Computer Data
  • DriveSpy Command Switches
  • DriveSpy Keyword Searching
  • DriveSpy Scripts
  • DriveSpy Data-Integrity Tools
  • DriveSpy Residual Data Collection Tools
  • Other Useful DriveSpy Command Tools
  • Using Other Digital Intelligence Computer Forensics Tools
  • Using PDBlock and PDWipe
  • Using AccessData's Forensic Toolkit
  • Performing a Computer Forensic Analysis
  • Setting Up Your Forensic Workstation
  • Performing Forensic Analysis on Microsoft File Systems
  • UNIX and Linux Forensic Analysis
  • Macintosh Investigations
  • Addressing Data Hiding Techniques
  • Hiding Partitions
  • Marking Bad Clusters
  • Bit-Shifting
  • Using Steganography
  • Examining Encrypted Files
  • Recovering Passwords
E-mail Investigations
  • Understanding Internet Fundamentals
  • Understanding Internet Protocols
  • Exploring the Roles of the Client and Server in E-mail
  • Investigating E-mail Crimes and Violations
  • Identifying E-mail Crimes and Violations
  • Examining E-mail Messages
  • Copying an E-mail Message
  • Printing an E-mail Message
  • Viewing E-mail Headers
  • Examining an E-mail Header
  • Examining Additional E-mail Files
  • Tracing an E-mail Message
  • Using Network Logs Related to E-mail
  • Understanding E-mail Servers
  • Examining UNIX E-mail Server Logs
  • Examining Microsoft E-mail Server Logs
  • Examining Novell GroupWise E-mail Logs
  • Using Specialized E-mail Forensics Tools
Recovering Image Files
  • Recognizing an Image File
  • Understanding Bitmap and Raster Images
  • Understanding Vector Images
  • Metafle Graphics
  • Understanding Image File Formats
  • Understanding Data Compression
  • Reviewing Lossless and Lossy Compression
  • Locating and Recovering Image Files
  • Identifying Image File Fragments
  • Repairing Damaged Headers
  • Reconstructing File Fragments
  • Identifying Unknown File Formats
  • Analyzing Image File Headers
  • Tools for Viewing Images
  • Understanding Steganography in Image Files
  • Using Steganalysis Tools
  • Identifying Copyright Issues with Graphics
Writing Investigation Reports
  • Understanding the Importance of Reports
  • Limiting the Report to Specifics
  • Types of Reports
  • Expressing an Opinion
  • Designing the Layout and Presentation
  • Litigation Support Reports versus Technical Reports
  • Writing Clearly
  • Providing Supporting Material
  • Formatting Consistently
  • Explaining Methods
  • Data Collection
  • Including Calculations
  • Providing for Uncertainty and Error Analysis
  • Explaining Results
  • Discussing Results and Conclusions
  • Providing References
  • Including Appendices
  • Providing Acknowledgments
  • Formal Report Format
  • Writing the Report
  • Using FTK Demo Version
Becoming an Expert Witness
  • Comparing Technical and Scientific Testimony
  • Preparing for Testimony
  • Documenting and Preparing Evidence
  • Keeping Consistent Work Habits
  • Processing Evidence
  • Serving as a Consulting Expert or an Expert Witness
  • Creating and Maintaining Your CV
  • Preparing Technical Definitions
  • Testifying in Court
  • Understanding the Trial Process
  • Qualifying Your Testimony and Voir Dire
  • Addressing Potential Problems
  • Testifying in General
  • Presenting Your Evidence
  • Using Graphics in Your Testimony
  • Helping Your Attorney
  • Avoiding Testimony Problems
  • Testifying During Direct Examination
  • Using Graphics During Testimony
  • Testifying During Cross-Examination
  • Exercising Ethics When Testifying
  • Understanding Prosecutorial Misconduct
  • Preparing for a Deposition
  • Guidelines for Testifying at a Deposition
  • Recognizing Deposition Problems
  • Public Release: Dealing with Reporters
  • Forming an Expert Opinion
  • Determining the Origin of a Floppy Disk
Computer Security Incident Response Team
  • Incident Response Team
  • Incident Reporting Process
  • Low-level incidents
  • Mid-level incidents
  • High-level incidents
  • What is a Computer Security Incident Response Team (CSIRT)?
  • Why would an organization need a CSIRT?
  • What types of CSIRTs exist?
  • Other Response Teams Acronyms
  • What does a CSIRT do?
  • What is Incident Handling?
  • Need for CSIRT in Organizations
  • Best Practices for Creating a CSIRT?
Logfile Analysis
  • Secure Audit Logging
  • Audit Events
  • Syslog
  • Message File
  • Setting Up Remote Logging
  • Linux Process Tracking
  • Windows Logging
  • Remote Logging in Windows
  • ntsyslog
  • Application Logging
  • Extended Logging
  • Monitoring for Intrusion and Security Events
  • Importance of Time Synchronization
  • Passive Detection Methods
  • Dump Event Log Tool (Dumpel.exe)
  • EventCombMT
  • Event Collection
  • Scripting
  • Event Collection Tools
  • Forensic Tool: fwanalog
  • Elements of an End-to-End Forensic Trace
  • Log Analysis and Correlation
  • TCPDump logs
  • Intrusion Detection Log (RealSecure)
  • Intrusion Detection Log (SNORT)
Recovering Deleted Files
  • The Windows Recycle Bin
  • Digital evidence
  • Recycle Hidden Folder
  • How do I undelete a file?
  • e2undel
  • O&O UnErase
  • Restorer2000
  • BadCopy Pro
  • File Scavenger
  • Mycroft v3
  • PC ParaChute
  • Search and Recover
  • Stellar Phoenix Ext2,Ext3
  • Zero Assumption Digital Image Recovery
  • FileSaver
  • VirtualLab Data Recovery
  • R-Linux
  • Drive & Data Recovery
  • Active@ UNERASER - DATA Recovery
Application Password Crackers
  • Advanced Office XP Password Recovery
  • AOXPPR
  • Accent Keyword Extractor
  • Advanced PDF Password Recovery
  • APDFPR
  • Distributed Network Attack
  • Windows XP / 2000 / NT Key
  • Passware Kit
  • How to Bypass BIOS Passwords
  • BIOS Password Crackers
  • Removing the CMOS Battery
  • Default Password Database
Investigating E-Mail Crimes
  • E-mail Crimes
  • Sending Fakemail
  • Sending E-mail using Telnet
  • Tracing an e-mail
  • Mail Headers
  • Reading Email Headers
  • Tracing Back
  • Tracing Back Web Based E-mail
  • Microsoft Outlook Mail
  • Pst File Location
  • Tool: R-Mail
  • Tool: FinaleMail
  • Searching E-mail Addresses
  • E-mail Search Site
  • abuse.net
  • Network Abuse Clearing House
  • Handling Spam
  • Protecting your E-mail Address from Spam
  • Tool: Enkoder Form
  • Tool: eMailTrackerPro
  • Tool: SPAM Punisher
Investigating Web Attacks
  • How to Tell an Attack is in Progress
  • What to Do When You Are Under Attack?
  • Conducting the Investigation
  • Attempted Break-in
  • Step 1: Identifing the System(s)
  • Step 2: Traffic between source and destination
  • How to detect attacks on your server?
  • Investigating Log Files
  • IIS Logs
  • Log file Codes
  • Apache Logs
  • Access_log
  • Log Security
  • Log File Information
  • Simple Request
  • Time/Date Field
  • Mirrored Site Detection
  • Mirrored Site in IIS Logs
  • Vulnerability Scanning Detection
  • Example of Attack in Log file
  • Web Page Defacement
  • Defacement using DNS Compromise
  • Investigating DNS Poisoning
  • Investigating FTP Servers
  • Example of FTP Compromise
  • FTP logs
  • SQL Injection Attacks
  • Investigating SQL Injection Attacks
  • Web Based Password Brute Force Attack
  • Investigating IP Address
  • Tools for locating IP Address
  • Investigating Dynamic IP Address
  • Location of DHCP Server Logfile
Investigating Network Traffic
  • Network Intrusions and Attacks
  • Direct vs. Distributed Attacks
  • Automated Attacks
  • Accidental "Attacks"
  • Address Spoofing
  • IP Spoofing
  • ARP Spoofing
  • DNS Spoofing
  • Preventing IP Spoofing
  • Preventing ARP Spoofing
  • Preventing DNS Spoofing
  • VisualZone
  • DShield
  • Forensic Tools for Network Investigations
  • TCPDump
  • Ethereal
  • NetAnalyst
  • Ettercap
  • Ethereal
Investigating Router Attacks
  • DoS Attacks
  • Investigating DoS Attacks
  • Investigating Router Attacks
The Computer Forensics Process
  • Evidence Seizure Methodology
  • Before the Investigation
  • Document Everything
  • Confiscation of Computer Equipment
Data Duplication
  • Tool: R-Drive Image
  • Tool: DriveLook
  • Tool: DiskExplorer for NTFS
Windows Forensics
  • Gathering Evidence in Windows
  • Collecting Data from Memory
  • Collecting Evidence
  • Memory Dump
  • Manual Memory Dump (Windows 2000)
  • Manual Memory Dump (Windows XP)
  • PMDump
  • Windows Registry
  • Registry Data
  • Regmon utility
  • Forensic Tool: InCntrl5
  • Backing Up of the entire Registry
  • System State Backup
  • Forensic Tool: Back4Win
  • Forensic Tool: Registry Watch
  • System Processes
  • Process Monitors
  • Default Processes in Windows NT, 2000, and XP
  • Process-Monitoring Programs
  • Process Explorer
  • Look for Hidden Files
  • Viewing Hidden Files in Windows
  • NTFS Streams
  • Detecting NTFS Streams
  • Rootkits
  • Detecting Rootkits
  • Sigverif
  • Detecting Trojans and Backdoors
  • Removing Trojans and Backdoors
  • Port Numbers Used by Trojans
  • Examining the Windows Swap File
  • Swap file as evidence
  • Viewing the Contents of the Swap/Page File
  • Recovering Evidence from the Web Browser
  • Locating Browser History Evidence
  • Forensic Tool: Cache Monitor
  • Print Spooler Files
  • Steganography
  • Forensic Tool: StegDetect
Linux Forensics
  • Performing Memory Dump on Unix Systems
  • Viewing Hidden Files
  • Executing Process
  • Create a Linux Forensic Toolkit
  • Collect Volatile Data Prior to Forensic Duplication
  • Executing a Trusted Shell
  • Determining Who is logged on to the System
  • Determining the Running Processes
  • Detecting Loadable Kernel Module Rootkits
  • LKM
  • Open Ports and Listening Applications
  • /proc file system
  • Log Files
  • Configuration Files
  • Low Level Analysis
  • Log Messages
  • Running syslogd
  • Investigating User Accounts
  • Collecting an Evidential Image
  • File Auditing Tools
Investigating PDA
  • Paraben's PDA Seizure
Enforcement Law and Prosecution
  • Freedom of Information Act
  • Reporting Security Breaches to Law Enforcement
  • National Infrastructure Protection Center
  • Federal Computer Crimes and Laws
  • Federal Laws
  • The USA Patriot Act of 2001
  • Building the Cybercrime Case
  • How the FBI Investigates Computer Crime
  • Cyber Crime Investigations
  • Computer-facilitated crime
  • FBI
  • Federal Statutes
  • Local laws
  • Federal Investigative Guidelines
  • Gather Proprietary Information
  • Contact law enforcement
  • To initiate an investigation
Investigating Trademark and Copyright Infringement
  • Trademarks
  • Trademark Eligibility
  • What is a service mark?
  • What is trade dress?
  • Internet domain name
  • Trademark Infringement
  • Conducting a Trademark Search
  • Using Internet to Search for Trademarks
  • Hiring a professional firm to conduct my trademark search
  • Trademark Registrations
  • Benefits of Trademark Registration
  • Copyright
  • How long does a copyright last?
  • Copyright Notice
  • Copyright "Fair Use" Doctrine
  • U.S. Copyright Office
  • How are copyrights enforced?
  • SCO vs IBM
  • What is Plagiarism?
  • Turnitin
  • Plagiarism Detection Tools

[ back to top ]


CED Solutions is your best choice for Ethical Hacking Computer, Ethical Hacking Computer training, Ethical Hacking Computer certification, Ethical Hacking Computer boot camp, Ethical Hacking Computer certification training, Ethical Hacking Computer certification course, Ethical Hacking Computer course, Ethical Hacking Computer class.



Ethical Hacking Computer space
Search classes by keyword:
Search classes by category:


Copyright © 2017 CED Solutions. CED Solutions Refund Policy. All Rights Reserved.