Computer Hacking Forensic Investigator Training | CHFI Certification

Course Features

  • Training Type

  • Course Duration

    5 Days

  • No. of Hours

    4 Hours per day

  • Certificate

  • Skill Level

  • Price

    USD 500

  • Study Material

  • Batches Available
    (Mon-Thu) & (Sat-Sun)

Register for Demo

  • Overview
  • Course Outline
  • Batch Details
  • Free Resources
  • FAQs

What is Computer Forensics? Who is a Computer Hacking Forensic Investigator?

Computer Forensic Investigator can be an exciting career for you, if you love carrying out investigations. If you are curious about detection of computer crimes and uncovering what sort of planning goes on behind the scenes. You will also need to have great observation skills and an ability to connect the dots and arrive at conclusions.

Let us now understand what is Computer Forensics, who is Computer Forensic Investigator and what type of activities are they expected to perform on a daily basis.

Forensic science involved scientific tests or techniques used in connection with the detection of crime. Computer forensics or Digital forensics is a branch of forensic science that focuses on investigating computers, networks, mobiles and other digital data storage devices as well as digital data, to gather evidence pertaining to computer crimes.

A computer forensic investigator uses various tools and techniques of digital forensics technologies to investigate data that resides on computer, systems, databases, firewall, hard drives, emails, images and more. They also recover deleted data, encrypted data or damaged files. Once the data is retrieved successfully, they carry out a thorough analysis to extract the evidence and deduce how the attack was carried out. A detailed report is presented, which can be helpful as evidence in legal proceedings.

Come, Join the I-Medita Computer Hacking Forensic Investigator if you are interested in pursuing a career in this field.

Why I-Medita Computer Hacking Forensic Investigator Training Course?

The International Council of E-Commerce Consultants (EC-Council) has created the CHFI course in consultation with subject matter experts and forensic practitioners for becoming proficient at handling digital evidence while investigating cyber crimes.

I-Medita is an authorized Training Partner and Exam Center of EC Council Computer Hacking Forensic Investigator Course. I-Medita course curriculum covers all the modules required specified by the EC Council Blue Print for achieving Computer Hacking Forensic Investigator Certification (CHFI Certification).

I-Medita organizes a 2 hour Free Demo Session of our classroom training. You can also interact with our Expert Trainers and seek more information about the scope of and career options available after completing Computer Hacking Forensic Investigator course.

The most significant benefits of I-Medita Computer Hacking Forensic Investigator course are:

  • Comprehensive course covering major forensic investigation scenarios
  • Learn skills, techniques, tools to perform effective digital forensic investigation
  • Study a methodological approach to computer forensic including searching and seizing, chain-of-custody, acquisition, preservation, analysis and reporting of digital evidence
  • Emphasis on Practical Training Time with Dedicated Lab sessions
  • Get White Papers for additional reading, several templates for evidence collection, chain-of custody, final investigation reports, etc.
  • 24*7 access to state of the art Labs with ultra modern equipments
  • 24*7 Learning support to solve queries via Chat, WhatsApp and Emails
  • 100% Placement assistance, interview preparation, question banks, resume templates
  • Free refresher and backup classes
  • Authorized Training Completion Certification
  • You will be thoroughly prepared for taking on globally recognized EC-Council Computer Hacking Forensic Investigator Certification exam (CHFI)
  • I-Medita is an authorized EC Council Training Partner and Exam Testing Center

What are the pre-requisites for Computer Hacking Forensic Investigator Course?

  • IT Professionals or Forensic Professionals with basic knowledge of IT security, Computer Security, Computer Forensics and Incident Response.
  • Students / Professionals who have completed the Certified Ethical Hacker Training will have an added advantage.

Who should take Computer Hacking Forensic Investigator Course?

  • Students who are passionate about making a career in Cyber Forensics / Investigations
  • Attorneys, legal consultants, and lawyers, Law enforcement officers, Police officers, Government agents, Defense and military, Detectives/ investigators, Incident response team members, Information security managers, Network defenders, System/network engineers, Security analyst/ architect/ auditors/ consultants can enroll in this course. The skills and knowledge of these forensic techniques will be complement their roles.

What is the scope and career path for students having completed Computer Hacking Forensic Investigator Course?

Computer Hacking Foreign Investigators can obtain jobs with information technology companies, financial service providers, military and defense organizations, investigative agencies, etc.

Training Cost and Duration

CHFI Certification Training
Track Regular (Mon-Fri) Weekend (Sat-Sun)

5 Days

5 Days


4 Hours per day

4 Hours per day


USD 500

USD 500

What you will learn in the Computer Hacking Forensic Investigator Training Course?

CHFI curriculum comprises of 14 training modules covering major forensic investigation scenarios. You will gain profound knowledge of How to:

  • Perform incident response, electronic evidence collections, digital forensic acquisitions.
  • Utilize forensic tools and investigative methods to find electronic data, including Internet use history, word processing documents, images and other files.
  • Examine, analyze text, graphics, multimedia, digital images seized during investigation.
  • Conduct examinations, recover information from computer hard disk drives, electronic data storage media.
  • Follow strict data and evidence handling procedures.
  • Maintain audit trail (i.e., chain of custody) and evidence integrity.
  • Carry out technical examination, analysis and reporting of computer-based evidence.
  • Prepare and maintain case files.
  • Gather volatile and non-volatile information from Windows, macOS and Linux.
  • Recover deleted files and partitions in Windows, macOS and Linux.
  • Perform keyword searches including using target words or phrases.
  • Investigate events for evidence of insider threats or attacks.
  • Support the generation of incident reports and other collateral.
  • Investigate and analyze all response activities related to cyber incidents.
  • Plan, coordinate and direct recovery activities and incident analysis tasks.
  • Examine all information, supporting evidence, artefacts related to an incident or event.
  • Collect data using forensic technology methods in accordance with evidence handling procedures, including collection of hard copy and electronic documents.
  • Conduct reverse engineering for known and suspected malware files.
  • Perform detailed evaluation of the data and any evidence of activity in order to analyze the full circumstances and implications of the event.
  • Identify data, images and/or activity which may be the target of an internal investigation.
  • Establish threat intelligence and key learning points to support pro-active profiling and scenario modelling.
  • Search file slack space where PC type technologies are employed.
  • File MAC times (Modified, Accessed, and Create dates and times) as evidence of access and event sequences.
  • Examine file type and file header information.
  • Review e-mail communications including web mail and Internet Instant Messaging programs
  • Examine the Internet browsing history.
  • Generate reports which detail the approach, and an audit trail which documents actions taken to support the integrity of the internal investigation process.
  • Recover active, system and hidden files with date/time stamp information.
  • Crack (or attempt to crack) password protected files.
  • Perform anti-forensics detection.
  • Maintain awareness and follow laboratory evidence handling, evidence examination, laboratory safety, and laboratory security policy and procedures.
  • Play a role of first responder by securing and evaluating a cybercrime scene, conducting preliminary interviews, documenting crime scene, collecting and preserving electronic evidence, packaging and transporting electronic evidence, reporting of the crime scene.
  • Perform post-intrusion analysis of electronic and digital media to determine the who, where, what, when, and how the intrusion occurred.
  • Apply advanced forensic tools and techniques for attack reconstruction.
  • Perform fundamental forensic activities and form a base for advanced forensics.
  • Identify and check the possible source/incident origin.
  • Perform event co-relation.
  • Extract and analyze logs from various devices such as proxies, firewalls, IPSes, IDSes, Desktops, laptops, servers, SIM tools, routers, switches, AD servers, DHCP servers, Access Control Systems, etc.
  • Ensure that reported incident or suspected weaknesses, malfunctions and deviations are handled with confidentiality.
  • Assist in the preparation of search and seizure warrants, court orders, and subpoenas.
  • Provide expert witness testimony in support of forensic examinations conducted by the examiner.

What is the Computer Hacking Forensic Investigator Course Curriculum?

I-Medita Computer Hacker Forensic Investigator Training course curriculum is aligned with and includes all the modules specified by EC Council Blue Print for completion of Computer Hacking Forensic Investigator Certification. The Course Module are:

  • Computer Forensics in Today’s World
  • Computer Forensics Investigation Process
  • Understanding Hard Disks and File Systems
  • Operating System Forensics
  • Defeating Anti-Forensics Techniques
  • Data Acquisition and Duplication
  • Network Forensics
  • Investigating Web Attacks
  • Database Forensics
  • Cloud Forensics
  • Malware Forensics
  • Investigating Email Crimes
  • Mobile Forensics
  • Investigative Reports
  • Forensics Report Writing and Presentation

For more in-depth course curriculum information – please check Computer Hacking Forensic Investigator Training Course Curriculum Details.

EC Council Computer Hacking Forensic Investigator – Exam Preparation

Computer Hacking Forensic Investigator (CHFI Certification) is a certification provided by (EC-Council). This certification validates the skills, knowledge and expertise to identify the attack, gather the necessary evidence to report the crime in the court of law.

Exam Name Exam Code
Computer Hacking Forensic Investigator Examination EC0 312-49

Frequently Asked Questions

What is the Eligibility Criteria for CHFI Certification?

Option 1: If you attend Official Training at an accredited Training Center, you can attempt the Certification exam without going through application process.

Option 2: If you have not attended any Official Training, your application must first be approved via the eligibility application process.

How to schedule CHFI Certification Exam?

You can schedule the CHFI exam (ECO 312-49) via the ECC Exam Portal. I-Medita is an authorized EC Council Training Partner AND Exam Center.

What is the format of CHFI Certification exam, duration, what types of questions, passing criteria, number of attempts allowed?

CFHI Exam duration is 4 hours. You have to answer 150 multiple choice questions.

EC Councils exams are provided in multiple forms (I.e. different question banks). The Questions not only test the academic knowledge but also the real-world applicability. The passing scores "cut off" are determined on " per exam form basis". Usually the passing scores range between 60% to 78%.

If you do not pass the exam on the first attempt, you can attempt 1st retake immediately without any cooling period. Thereafter you will have to allow a cooling period of 14 days between each attempt. You cannot appear for an exam more than 5 times in a year.

Exam Topics & Weightage for each Topic in CHFI Certification Exam

Please note: The following topics are general guidelines for content expected to be included in the exams.

Sr. No Domain Weightage No. of Questions
1 Forensic Science 15% 22
2 Regulations, Policies and Ethics 10% 15
3 Digital Evidence 20% 30
4 Procedures and Methodology Writing 20% 30
5 Digital Forensics 25% 37
6 Tools/Systems/Programs 10% 16
How long is the CHFI Certification valid?

Your CHFI credential is valid for 3 years from the date of certification. You must earn 120 ECE credits to maintain/ renew your certification within 3 years. Failing this, your certification will be suspended for a period of 1 year. If you fail to achieve 120 credits within a year of suspension, You will have to pass certification exam again to earn certification.

What is the process to renew my CHFI Certification?

EC Council advocates continuing education and encourages certified members to keep their knowledge up-to-date. To renew CHFI credentials for another 3-years you have to earn credits by attending conferences, writing research papers, preparing for training classes, taking an exam of a newer version of the certification, attending webinars, etc. You must update your EC-Council Continuing Education (ECE) credit account and submit proof of your earned credits.

Our Trainers

Saurabh Yadav

Saurabh Yadav

Triple CCIE R&S, SP, Security # 46962

Baldev Singh

Baldev Singh

CCIE Security #37094

Sudhanshu Bhat

Sudhanshu Bhat

CCIE Voice # 41212

Surendra Singh

Surendra Singh

CCIE R&S # 60346

Shubham Singh

Shubham Singh

CCIE Security # 58858

What Our Students Say

Register for Free Demo Session